Old computer is very slow - please check the log
Posted: 04 Mar 2016 18:11
Hello,
I have an old computer running Windows XP. The computer is now very slow and I suspect there is some virus on it. About 3 years ago a banking virus got onto the PC. I don't know whether it was removed completely. Please check the attached FRST log. (Before running FRST, the PC was cleaned with CCleaner.)
Thank you for your advice.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-03-2016
Ran by Administrator (administrator) on HP14030709615 (04-03-2016 17:50:35)
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: admin & Administrator (Available Profiles: admin & Administrator & Guest)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Autodesk) C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciBrowser.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciBrowser.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciBrowser.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciBrowser.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Autodesk) C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Smapp] => C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-07-30] (Analog Devices, Inc.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [87751 2002-09-25] (Agere Systems)
HKLM\...\Run: [TO2SSM_McciTrayApp] => C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [mouseElf] => C:\Program Files\Navigator\MouseElf.exe [196608 2004-09-20] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1045720 2015-09-14] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2586696 2016-01-25] ()
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Sweetpacks Communicator] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-12-28] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor\OscarEditor.exe [2642432 2009-11-24] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [OscarX7Mouse5Mode] => C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3528192 2012-02-22] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6638296 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: ##sv42133lib0012#uziv - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {8c4823f2-57ca-11dd-b4aa-000ffe270400} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {cca0c1d2-6d24-11de-ab64-000ffe270400} - F:\TrueCrypt\TrueCrypt.exe /q background /m rm /v "Secure\secure"
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {d065a156-570a-11dd-b4a7-000ffe270400} - F:\quiet.exe start.cmd
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logo Calibration Loader.lnk [2010-05-14]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ProfileReminder.lnk [2010-05-14]
ShortcutTarget: ProfileReminder.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logo Calibration Loader.lnk [2010-05-14]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ProfileReminder.lnk [2010-05-14]
ShortcutTarget: ProfileReminder.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9F4EEB6-FD6A-4451-97B9-8608C78A461B}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
URLSearchHook: [S-1-5-21-2075318756-1031377715-2213899492-1028] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
URLSearchHook: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={712AFC37-CC25-436F-A001-543A1D52FF01}&mid=21bf501efed9fdc17d3cb44ff5bd5a15-4a64392eadc1ebcefc4e14204472458bc722601c&lang=cz&ds=AVG&pr=pa&d=2012-08-01 17:57:07&v=17.1.2.1&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> {DB8F254F-8227-4DA9-8C72-6A35915F420D} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=060612_5_&babsrc=SP_ss&mntrId=3079c015000000000000000ffe270400
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {17C06BE3-F556-4AAB-B7F6-7387AB0CBDCD} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {397357F1-1CA7-4722-B0A7-B04DD609355D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {44081789-D6CA-4151-94AA-6B11F66C7724} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {67C5F254-7E62-46C0-95B9-386B7B48836C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6A971EEF-8B8C-425E-9C3F-3C0561C3B6A6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6B545868-BC19-4460-AC21-C572A6BF9F47} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {9234308F-4938-4851-BA38-F357CD4D2193} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={712AFC37-CC25-436F-A001-543A1D52FF01}&mid=21bf501efed9fdc17d3cb44ff5bd5a15-4a64392eadc1ebcefc4e14204472458bc722601c&lang=cz&ds=AVG&pr=pa&d=2012-08-01 17:57:07&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {A9D5BEF1-BD19-41EA-AA01-8A6FD456BEEC} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {D1EBC87D-5F9F-4252-980D-95E68F797648} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {D637300C-49A9-406B-B546-2473E3911C8A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {F70FB718-6363-4036-ACD1-E65F18196A2C} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-12-28] (Wondershare)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-11] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\19.2.0.326\AVG Secure Search_toolbar.dll [2016-01-25] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-11] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\19.2.0.326\AVG Secure Search_toolbar.dll [2016-01-25] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {32505657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\19.2.0\ViProtocol.dll [2016-01-25] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.2.0\\npsitesafety.dll [No File]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-09-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF user.js: detected! => C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\user.js [2012-06-17]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-04-12] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\searchplugins\avg-secure-search.xml [2013-09-28]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\searchplugins\sweetim.xml [2012-10-08]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2013-10-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-06-17]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-11-10]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2013-10-28]
FF Extension: No Name - C:\Documents and Settings\Administrator\Data aplikacĂ\Mozilla\Firefox\Profiles\egav9et1.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [not found]
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-01] [not signed]
FF Extension: Wondershare Video Converter Ultimate - C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-02-03] [not signed]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-06-07] [not signed]
FF Extension: Seznam lištička - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-02-03]
FF Extension: SweetPacks Toolbar for Firefox - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013-10-04] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-04] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
Chrome:
=======
CHR StartupUrls: Default -> ""
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-08]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-08]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-08]
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-13]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-08]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-08]
CHR Extension: (Babylon Toolbar) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-11-21] [UpdateUrl: hxxp://img.babylon.com/ext/chrome/update/update2.xml] <==== ATTENTION
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-08]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-08]
CHR Extension: (SweetIM for Facebook) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-11-21] [UpdateUrl: hxxp://www.sweetim.com/simgcbar/GCSocialUpdate.xml] <==== ATTENTION
CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-11-13]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-02-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-08]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Documents and Settings\Administrator\Data aplikací\BabylonToolbar\CR\BabylonChrome1.crx [2012-05-30]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-10-08]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-rv-1.5.3.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-email-1.2.0.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-slovnik-1.2.0.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\Partner-1.0.3.crx [2016-02-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-27] (Adobe Systems) [File not signed]
R2 Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [32768 2008-02-18] (Autodesk) [File not signed]
R2 Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe [57344 2008-02-18] (Autodesk) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2009-11-15] (Autodesk) [File not signed]
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
S4 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472 2011-11-23] (COMODO)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-06-18] (Flexera Software, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-09-11] (Oracle Corporation)
S4 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R2 MSSQL$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [130248 2013-10-16] (Sandboxie Holdings, LLC)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater19.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe [1875528 2016-01-25] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S3 ICRCXJFAIFOL; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ICRCXJFAIFOL.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [245168 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [51584 2004-02-04] (Broadcom Corporation)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.)
S3 genmcmnUSB; C:\WINDOWS\System32\DRIVERS\gflmouhid.sys [6656 2004-04-19] ()
S3 i1; C:\WINDOWS\System32\Drivers\i1.sys [26045 2003-11-27] (GretagMacbeth)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-04] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-04] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-04] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-04] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-04] (Intel(R) Corporation)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-05-06] ()
R3 MouseCap; C:\WINDOWS\System32\Drivers\MouseCap.sys [6640 2005-08-08] () [File not signed]
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R2 PDIHWCTL; C:\WINDOWS\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159840 2013-10-16] (Sandboxie Holdings, LLC)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
S3 X-Rite; system32\DRIVERS\XrUsb.sys [X]
S3 xcpip; \SystemRoot\system32\drivers\xcpip.sys [X]
S3 xpsec; \SystemRoot\system32\drivers\xpsec.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-04 17:50 - 2016-03-04 17:50 - 00040991 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2016-03-04 17:49 - 2016-03-04 17:50 - 00000000 ____D C:\FRST
2016-03-04 17:49 - 2016-03-04 17:49 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha\FRST-OlderVersion
2016-03-04 17:47 - 2016-03-04 17:49 - 01725440 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2016-03-04 17:16 - 2016-03-04 17:16 - 00000693 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-03-04 17:16 - 2016-03-04 17:16 - 00000000 ____D C:\Program Files\CCleaner
2016-03-04 17:16 - 2016-03-04 17:16 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-03-04 08:30 - 2016-03-04 08:30 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
2016-02-09 17:34 - 2016-02-09 17:34 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\Administrator\Plocha\hijackthis.exe
2016-02-03 23:38 - 2016-02-03 23:38 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Wondershare
2016-02-03 23:08 - 2016-02-03 23:08 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Wondershare
2016-02-03 23:06 - 2016-02-03 23:06 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Wondershare Video Converter Ultimate
2016-02-03 23:06 - 2016-02-03 23:06 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2016-02-03 23:05 - 2016-02-19 17:44 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Seznam.cz
2016-02-03 23:05 - 2016-02-03 23:05 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Data aplikací\Wondershare
2016-02-03 22:49 - 2016-02-03 22:49 - 00000917 _____ C:\Documents and Settings\All Users\Plocha\Wondershare Video Converter Ultimate.lnk
2016-02-03 22:49 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\system32\WSCM64.dll
2016-02-03 22:49 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\system32\WSCM32.dll
2016-02-03 22:20 - 2016-03-03 21:57 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\BrowserAir
2016-02-03 22:20 - 2016-02-03 22:20 - 00002279 _____ C:\Documents and Settings\Administrator\Plocha\BrowserAir.lnk
2016-02-03 22:20 - 2016-02-03 22:20 - 00000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy\BrowserAir
2016-02-03 22:19 - 2016-02-03 22:24 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\SearchModule
2016-02-03 22:07 - 2016-02-03 22:07 - 00000000 ____D C:\Program Files\Seznam.cz
2016-02-03 22:06 - 2016-03-03 22:25 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz
2016-02-03 19:46 - 2016-02-03 19:46 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2016-02-03 19:46 - 2016-02-03 19:46 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Wondershare
2016-02-03 19:45 - 2016-02-03 19:46 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty\Wondershare Filmora
2016-02-03 19:45 - 2008-04-14 07:51 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-04 17:50 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2016-03-04 17:50 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-03-04 17:48 - 2008-06-02 13:49 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2016-03-04 17:36 - 2015-12-11 00:22 - 00000000 ____D C:\ABC
2016-03-04 17:28 - 2015-12-18 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Wondershare Video Converter Ultimate
2016-03-04 17:27 - 2009-11-20 23:06 - 00000000 ____D C:\AAA
2016-03-04 17:22 - 2012-05-20 14:01 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\CoreFTP
2016-03-04 17:22 - 2010-05-13 23:04 - 00000000 ____D C:\Program Files\PDFCreator
2016-03-04 17:22 - 2009-07-09 07:53 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-04 17:21 - 2013-11-12 11:33 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-04 17:21 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator
2016-03-04 17:16 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-03-04 17:16 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-03-04 16:58 - 2010-05-01 22:34 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-04 16:15 - 2012-03-20 23:13 - 00000175 _____ C:\DevList.txt
2016-03-04 14:50 - 2010-12-17 00:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-04 11:58 - 2008-06-02 13:41 - 00032580 ____N C:\WINDOWS\SchedLgU.Txt
2016-03-04 10:58 - 2010-05-01 22:34 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-04 08:30 - 2008-06-02 13:49 - 00000000 ___HD C:\Documents and Settings\Administrator\Data aplikací
2016-03-04 02:00 - 2013-09-28 00:12 - 00000358 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HP14030709615-Administrator.job
2016-03-04 02:00 - 2008-07-18 07:07 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2016-03-03 22:23 - 2008-06-02 13:47 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-03 22:21 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-03-03 22:20 - 2014-03-22 18:32 - 00000238 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-03-03 22:20 - 2013-05-31 19:54 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-03-03 22:20 - 2013-01-29 22:27 - 00000342 _____ C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job
2016-03-03 22:20 - 2013-01-22 21:39 - 00000342 _____ C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
2016-03-03 22:20 - 2012-10-08 00:07 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2016-03-03 22:20 - 2012-09-26 09:15 - 00000316 _____ C:\WINDOWS\Tasks\YourFile Update.job
2016-03-03 22:20 - 2012-06-17 16:28 - 00000316 _____ C:\WINDOWS\Tasks\Your File Updater.job
2016-03-03 22:20 - 2004-09-07 19:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-03 22:17 - 2004-09-07 19:46 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-03-03 22:13 - 2009-05-26 00:01 - 00000000 ____D C:\Program Files\Sony Ericsson
2016-03-03 22:13 - 2008-06-02 13:49 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-03-03 22:13 - 2008-06-02 13:49 - 00000000 ___HD C:\WINDOWS\inf
2016-03-03 22:12 - 2008-06-02 04:58 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-03 22:07 - 2012-08-04 23:37 - 00000000 ____D C:\Program Files\Panda Security
2016-03-03 22:07 - 2008-06-02 13:49 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-03 22:06 - 2013-03-28 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Norton
2016-03-03 22:00 - 2012-07-28 23:17 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SweetIM
2016-03-03 20:57 - 2004-09-07 19:46 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2016-03-03 20:40 - 2004-09-03 12:48 - 00923912 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 20:40 - 2004-09-03 12:48 - 00545242 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-03 20:40 - 2004-09-03 12:48 - 00121542 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-03 19:04 - 2008-06-02 13:49 - 00000000 ____D C:\WINDOWS\Help
2016-02-29 19:59 - 2015-07-08 19:53 - 00000000 ____D C:\Bamba
2016-02-27 20:57 - 2012-09-30 22:08 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\vlc
2016-02-26 22:38 - 2008-07-22 10:38 - 00077384 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-02-26 22:37 - 2004-09-03 12:44 - 03797624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-26 08:41 - 2012-06-28 19:45 - 00000000 ____D C:\Vfp98
2016-02-24 19:02 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2016-02-23 22:55 - 2010-03-26 22:19 - 00000000 ____D C:\Vasek
2016-02-20 20:28 - 2012-10-24 18:04 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\dvdcss
2016-02-20 11:48 - 2015-11-15 13:07 - 00000617 _____ C:\Documents and Settings\All Users\Plocha\AVG.lnk
2016-02-20 11:48 - 2015-11-15 13:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG Zen
2016-02-20 00:02 - 2012-08-01 17:23 - 00001830 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-02-20 00:02 - 2012-08-01 17:23 - 00001824 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2016-02-19 18:25 - 2011-01-20 07:24 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2016-02-19 17:44 - 2011-01-20 07:24 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Temp
2016-02-19 17:43 - 2013-11-13 00:13 - 00001528 _____ C:\WINDOWS\Sandboxie.ini
2016-02-18 20:57 - 2008-07-22 22:09 - 00046080 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-13 19:14 - 2015-11-15 13:14 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Avg
2016-02-11 01:33 - 2015-11-15 13:13 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2016-02-10 13:21 - 2013-11-12 11:33 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-02-10 13:21 - 2013-11-12 11:33 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-02-10 03:37 - 2013-08-15 02:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 03:01 - 2008-07-18 06:33 - 144254680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-08 18:45 - 2014-03-22 18:32 - 00000232 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-02-05 07:37 - 2010-08-30 14:32 - 00000000 ____D C:\Install
2016-02-04 00:12 - 2008-07-18 07:07 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Adobe
2016-02-03 23:08 - 2011-01-20 07:24 - 00000000 __RHD C:\Documents and Settings\admin\Data aplikací
2016-02-03 23:05 - 2011-01-20 07:28 - 00106960 _____ C:\Documents and Settings\admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-02-03 23:05 - 2011-01-20 07:24 - 00000000 ___HD C:\Documents and Settings\admin\Local Settings\Data aplikací
2016-02-03 22:50 - 2015-12-18 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Wondershare
2016-02-03 22:49 - 2015-12-18 23:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Wondershare
2016-02-03 22:48 - 2015-12-18 23:24 - 00000000 ____D C:\Program Files\Wondershare
2016-02-03 22:48 - 2015-12-18 23:21 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Wondershare
2016-02-03 22:20 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2016-02-03 19:45 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2016-02-03 17:40 - 2012-06-17 16:28 - 00000000 ____D C:\Program Files\YourFileDownloader
==================== Files in the root of some directories =======
2013-11-10 22:27 - 2013-11-10 22:28 - 0003725 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2012-02-04 23:13 - 2012-02-04 23:13 - 0001063 _____ () C:\Documents and Settings\Administrator\Data aplikací\.ptbt0
2010-05-25 19:58 - 2010-05-25 19:58 - 0000600 _____ () C:\Documents and Settings\Administrator\Data aplikací\winscp.rnd
2008-07-22 22:09 - 2016-02-18 20:57 - 0046080 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-06-02 04:57 - 2008-06-02 04:57 - 0000133 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
2013-04-18 20:32 - 2013-04-18 20:32 - 0000000 _____ () C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
Some files in TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u65-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\aqbarqcr.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-2faa986b.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-40ab78ba.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-84cf3e84.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-c2be92c1.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-d15802b5.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HP14030709615-Administrator.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe-mode=scheduled.Adm
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{89475A1A-A472-4D5D-A9E8-8FC56FB62B0D}.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exehxxp:/www.express-files.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\Your File Updater.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exehxxp:/yourfiledownloader.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\YourFile Update.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exehxxp:/yourfiledownloader.com <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall (Disabled) {8decf618-9569-4340-b34a-d78d28969b66}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Administrator\Plocha" je 1098 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Aclient\\AClntUsr.EXE"="C:\\Program Files\\Aclient\\AClntUsr.EXE:*:Enabled:AClntUsr - AClient Interactive User Service"
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"="C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe:*:Enabled:Update Service"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Autodesk\\Inventor_Professional_2009_CSY_Win_32_64bit\\klic\\MovieBario_FM.exe"="C:\\Autodesk\\Inventor_Professional_2009_CSY_Win_32_64bit\\klic\\MovieBario_FM.exe:*:Enabled:Facemoods Installer"
"C:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG10\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Program Files\\ExpressFiles\\expressdl.exe"="C:\\Program Files\\ExpressFiles\\expressdl.exe:*:Enabled:Express Files"
"C:\\Program Files\\ExpressFiles\\ExpressFiles.exe"="C:\\Program Files\\ExpressFiles\\ExpressFiles.exe:*:Enabled:Express Files"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"="C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\AVG\\Av\\avgmfapx.exe"="C:\\Program Files\\AVG\\Av\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikac\\BrowserAir\\Application\\BrowserAir.exe"="C:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikac\\BrowserAir\\Application\\BrowserAir.exe:*:Enabled:BrowserAir"
"C:\\Program Files\\AVG\\Av\\avgnsx.exe"="C:\\Program Files\\AVG\\Av\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\Av\\avgdiagex.exe"="C:\\Program Files\\AVG\\Av\\avgdiagex.exe:*:Enabled:AVG Diagnostics"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:Remote Desktop"
"65533:TCP"="65533:TCP:*:Enabled:Services"
"52344:TCP"="52344:TCP:*:Enabled:Services"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:Remote Desktop"
"65533:TCP"="65533:TCP:*:Enabled:Services"
"52344:TCP"="52344:TCP:*:Enabled:Services"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Documents and Settings\Administrator\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Smapp] => C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-07-30] (Analog Devices, Inc.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [87751 2002-09-25] (Agere Systems)
HKLM\...\Run: [TO2SSM_McciTrayApp] => C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [SetRefresh] => C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [mouseElf] => C:\Program Files\Navigator\MouseElf.exe [196608 2004-09-20] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1045720 2015-09-14] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2586696 2016-01-25] ()
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Sweetpacks Communicator] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-12-28] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\admin\Data aplikací\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [OscarEditor] => C:\Program Files\OSCAR Editor\OscarEditor.exe [2642432 2009-11-24] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [OscarX7Mouse5Mode] => C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3528192 2012-02-22] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2013-10-16] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6638296 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: ##sv42133lib0012#uziv - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {8c4823f2-57ca-11dd-b4aa-000ffe270400} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {cca0c1d2-6d24-11de-ab64-000ffe270400} - F:\TrueCrypt\TrueCrypt.exe /q background /m rm /v "Secure\secure"
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\...\MountPoints2: {d065a156-570a-11dd-b4a7-000ffe270400} - F:\quiet.exe start.cmd
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logo Calibration Loader.lnk [2010-05-14]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ProfileReminder.lnk [2010-05-14]
ShortcutTarget: ProfileReminder.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logo Calibration Loader.lnk [2010-05-14]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ProfileReminder.lnk [2010-05-14]
ShortcutTarget: ProfileReminder.lnk -> C:\Foto\xrite\run\i1Basic\i1Matschv3.6.2\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B9F4EEB6-FD6A-4451-97B9-8608C78A461B}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.hp.com
HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2075318756-1031377715-2213899492-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
URLSearchHook: [S-1-5-21-2075318756-1031377715-2213899492-1028] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
URLSearchHook: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 - (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={712AFC37-CC25-436F-A001-543A1D52FF01}&mid=21bf501efed9fdc17d3cb44ff5bd5a15-4a64392eadc1ebcefc4e14204472458bc722601c&lang=cz&ds=AVG&pr=pa&d=2012-08-01 17:57:07&v=17.1.2.1&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> {DB8F254F-8227-4DA9-8C72-6A35915F420D} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=060612_5_&babsrc=SP_ss&mntrId=3079c015000000000000000ffe270400
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {17C06BE3-F556-4AAB-B7F6-7387AB0CBDCD} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {397357F1-1CA7-4722-B0A7-B04DD609355D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {44081789-D6CA-4151-94AA-6B11F66C7724} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {67C5F254-7E62-46C0-95B9-386B7B48836C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6A971EEF-8B8C-425E-9C3F-3C0561C3B6A6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {6B545868-BC19-4460-AC21-C572A6BF9F47} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {9234308F-4938-4851-BA38-F357CD4D2193} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={712AFC37-CC25-436F-A001-543A1D52FF01}&mid=21bf501efed9fdc17d3cb44ff5bd5a15-4a64392eadc1ebcefc4e14204472458bc722601c&lang=cz&ds=AVG&pr=pa&d=2012-08-01 17:57:07&v=17.0.0.7&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {A9D5BEF1-BD19-41EA-AA01-8A6FD456BEEC} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {D1EBC87D-5F9F-4252-980D-95E68F797648} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {D637300C-49A9-406B-B546-2473E3911C8A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> {F70FB718-6363-4036-ACD1-E65F18196A2C} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-12-28] (Wondershare)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-11] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\19.2.0.326\AVG Secure Search_toolbar.dll [2016-01-25] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-11] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\19.2.0.326\AVG Secure Search_toolbar.dll [2016-01-25] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-1028 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2075318756-1031377715-2213899492-500 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {32505657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\19.2.0\ViProtocol.dll [2016-01-25] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.2.0\\npsitesafety.dll [No File]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-09-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF user.js: detected! => C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\user.js [2012-06-17]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-04-12] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-04-12] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\searchplugins\avg-secure-search.xml [2013-09-28]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\searchplugins\sweetim.xml [2012-10-08]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2013-10-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-06-17]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-11-10]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2013-10-28]
FF Extension: No Name - C:\Documents and Settings\Administrator\Data aplikacĂ\Mozilla\Firefox\Profiles\egav9et1.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [not found]
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-01] [not signed]
FF Extension: Wondershare Video Converter Ultimate - C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-02-03] [not signed]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-06-07] [not signed]
FF Extension: Seznam lištička - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-02-03]
FF Extension: SweetPacks Toolbar for Firefox - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\egav9et1.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013-10-04] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-04] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\17.3.0.49 [2014-01-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\Documents and Settings\All Users\Data aplikací\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
Chrome:
=======
CHR StartupUrls: Default -> ""
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-08]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-08]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-08]
CHR Extension: (Seznam Lištička - Email) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-13]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-08]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-08]
CHR Extension: (Babylon Toolbar) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-11-21] [UpdateUrl: hxxp://img.babylon.com/ext/chrome/update/update2.xml] <==== ATTENTION
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-08]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-08]
CHR Extension: (SweetIM for Facebook) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-11-21] [UpdateUrl: hxxp://www.sweetim.com/simgcbar/GCSocialUpdate.xml] <==== ATTENTION
CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-11-13]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-02-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-08]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Documents and Settings\Administrator\Data aplikací\BabylonToolbar\CR\BabylonChrome1.crx [2012-05-30]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-10-08]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-rv-1.5.3.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-email-1.2.0.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\listicka-chrome-slovnik-1.2.0.crx [2013-01-09]
CHR HKU\S-1-5-21-2075318756-1031377715-2213899492-1028\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Documents and Settings\admin\Data aplikací\Seznam.cz\bin\Partner-1.0.3.crx [2016-02-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-03-27] (Adobe Systems) [File not signed]
R2 Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [32768 2008-02-18] (Autodesk) [File not signed]
R2 Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe [57344 2008-02-18] (Autodesk) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2009-11-15] (Autodesk) [File not signed]
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
S4 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472 2011-11-23] (COMODO)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-06-18] (Flexera Software, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-09-11] (Oracle Corporation)
S4 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R2 MSSQL$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [130248 2013-10-16] (Sandboxie Holdings, LLC)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater19.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe [1875528 2016-01-25] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S3 ICRCXJFAIFOL; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ICRCXJFAIFOL.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S4 adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [105472 2002-05-09] (Adaptec, Inc.) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [245168 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [51584 2004-02-04] (Broadcom Corporation)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-25] (FTDI Ltd.)
S3 genmcmnUSB; C:\WINDOWS\System32\DRIVERS\gflmouhid.sys [6656 2004-04-19] ()
S3 i1; C:\WINDOWS\System32\Drivers\i1.sys [26045 2003-11-27] (GretagMacbeth)
S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-04] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-04] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-04] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-04] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-04] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-04] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-04] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-04] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-04] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-04] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-04] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-04] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-04] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-04] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-04] (Intel(R) Corporation)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-05-06] ()
R3 MouseCap; C:\WINDOWS\System32\Drivers\MouseCap.sys [6640 2005-08-08] () [File not signed]
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
R2 PDIHWCTL; C:\WINDOWS\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159840 2013-10-16] (Sandboxie Holdings, LLC)
S4 Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic) [File not signed]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
S3 X-Rite; system32\DRIVERS\XrUsb.sys [X]
S3 xcpip; \SystemRoot\system32\drivers\xcpip.sys [X]
S3 xpsec; \SystemRoot\system32\drivers\xpsec.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-04 17:50 - 2016-03-04 17:50 - 00040991 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2016-03-04 17:49 - 2016-03-04 17:50 - 00000000 ____D C:\FRST
2016-03-04 17:49 - 2016-03-04 17:49 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha\FRST-OlderVersion
2016-03-04 17:47 - 2016-03-04 17:49 - 01725440 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2016-03-04 17:16 - 2016-03-04 17:16 - 00000693 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2016-03-04 17:16 - 2016-03-04 17:16 - 00000000 ____D C:\Program Files\CCleaner
2016-03-04 17:16 - 2016-03-04 17:16 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2016-03-04 08:30 - 2016-03-04 08:30 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
2016-02-09 17:34 - 2016-02-09 17:34 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\Administrator\Plocha\hijackthis.exe
2016-02-03 23:38 - 2016-02-03 23:38 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Wondershare
2016-02-03 23:08 - 2016-02-03 23:08 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Wondershare
2016-02-03 23:06 - 2016-02-03 23:06 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Wondershare Video Converter Ultimate
2016-02-03 23:06 - 2016-02-03 23:06 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2016-02-03 23:05 - 2016-02-19 17:44 - 00000000 ____D C:\Documents and Settings\admin\Data aplikací\Seznam.cz
2016-02-03 23:05 - 2016-02-03 23:05 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Data aplikací\Wondershare
2016-02-03 22:49 - 2016-02-03 22:49 - 00000917 _____ C:\Documents and Settings\All Users\Plocha\Wondershare Video Converter Ultimate.lnk
2016-02-03 22:49 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\system32\WSCM64.dll
2016-02-03 22:49 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\system32\WSCM32.dll
2016-02-03 22:20 - 2016-03-03 21:57 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\BrowserAir
2016-02-03 22:20 - 2016-02-03 22:20 - 00002279 _____ C:\Documents and Settings\Administrator\Plocha\BrowserAir.lnk
2016-02-03 22:20 - 2016-02-03 22:20 - 00000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy\BrowserAir
2016-02-03 22:19 - 2016-02-03 22:24 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\SearchModule
2016-02-03 22:07 - 2016-02-03 22:07 - 00000000 ____D C:\Program Files\Seznam.cz
2016-02-03 22:06 - 2016-03-03 22:25 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Seznam.cz
2016-02-03 19:46 - 2016-02-03 19:46 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2016-02-03 19:46 - 2016-02-03 19:46 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Wondershare
2016-02-03 19:45 - 2016-02-03 19:46 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty\Wondershare Filmora
2016-02-03 19:45 - 2008-04-14 07:51 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-04 17:50 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2016-03-04 17:50 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-03-04 17:48 - 2008-06-02 13:49 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2016-03-04 17:36 - 2015-12-11 00:22 - 00000000 ____D C:\ABC
2016-03-04 17:28 - 2015-12-18 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Wondershare Video Converter Ultimate
2016-03-04 17:27 - 2009-11-20 23:06 - 00000000 ____D C:\AAA
2016-03-04 17:22 - 2012-05-20 14:01 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\CoreFTP
2016-03-04 17:22 - 2010-05-13 23:04 - 00000000 ____D C:\Program Files\PDFCreator
2016-03-04 17:22 - 2009-07-09 07:53 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-04 17:21 - 2013-11-12 11:33 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-04 17:21 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\Administrator
2016-03-04 17:16 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-03-04 17:16 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-03-04 16:58 - 2010-05-01 22:34 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-04 16:15 - 2012-03-20 23:13 - 00000175 _____ C:\DevList.txt
2016-03-04 14:50 - 2010-12-17 00:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-04 11:58 - 2008-06-02 13:41 - 00032580 ____N C:\WINDOWS\SchedLgU.Txt
2016-03-04 10:58 - 2010-05-01 22:34 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-04 08:30 - 2008-06-02 13:49 - 00000000 ___HD C:\Documents and Settings\Administrator\Data aplikací
2016-03-04 02:00 - 2013-09-28 00:12 - 00000358 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HP14030709615-Administrator.job
2016-03-04 02:00 - 2008-07-18 07:07 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2016-03-03 22:23 - 2008-06-02 13:47 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-03 22:21 - 2008-06-02 13:49 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-03-03 22:20 - 2014-03-22 18:32 - 00000238 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-03-03 22:20 - 2013-05-31 19:54 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2016-03-03 22:20 - 2013-01-29 22:27 - 00000342 _____ C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job
2016-03-03 22:20 - 2013-01-22 21:39 - 00000342 _____ C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
2016-03-03 22:20 - 2012-10-08 00:07 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
2016-03-03 22:20 - 2012-09-26 09:15 - 00000316 _____ C:\WINDOWS\Tasks\YourFile Update.job
2016-03-03 22:20 - 2012-06-17 16:28 - 00000316 _____ C:\WINDOWS\Tasks\Your File Updater.job
2016-03-03 22:20 - 2004-09-07 19:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-03 22:17 - 2004-09-07 19:46 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-03-03 22:13 - 2009-05-26 00:01 - 00000000 ____D C:\Program Files\Sony Ericsson
2016-03-03 22:13 - 2008-06-02 13:49 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-03-03 22:13 - 2008-06-02 13:49 - 00000000 ___HD C:\WINDOWS\inf
2016-03-03 22:12 - 2008-06-02 04:58 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-03 22:07 - 2012-08-04 23:37 - 00000000 ____D C:\Program Files\Panda Security
2016-03-03 22:07 - 2008-06-02 13:49 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-03 22:06 - 2013-03-28 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Norton
2016-03-03 22:00 - 2012-07-28 23:17 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\SweetIM
2016-03-03 20:57 - 2004-09-07 19:46 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2016-03-03 20:40 - 2004-09-03 12:48 - 00923912 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 20:40 - 2004-09-03 12:48 - 00545242 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-03 20:40 - 2004-09-03 12:48 - 00121542 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-03 19:04 - 2008-06-02 13:49 - 00000000 ____D C:\WINDOWS\Help
2016-02-29 19:59 - 2015-07-08 19:53 - 00000000 ____D C:\Bamba
2016-02-27 20:57 - 2012-09-30 22:08 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\vlc
2016-02-26 22:38 - 2008-07-22 10:38 - 00077384 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-02-26 22:37 - 2004-09-03 12:44 - 03797624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-26 08:41 - 2012-06-28 19:45 - 00000000 ____D C:\Vfp98
2016-02-24 19:02 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2016-02-23 22:55 - 2010-03-26 22:19 - 00000000 ____D C:\Vasek
2016-02-20 20:28 - 2012-10-24 18:04 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\dvdcss
2016-02-20 11:48 - 2015-11-15 13:07 - 00000617 _____ C:\Documents and Settings\All Users\Plocha\AVG.lnk
2016-02-20 11:48 - 2015-11-15 13:07 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG Zen
2016-02-20 00:02 - 2012-08-01 17:23 - 00001830 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-02-20 00:02 - 2012-08-01 17:23 - 00001824 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2016-02-19 18:25 - 2011-01-20 07:24 - 00000178 ___SH C:\Documents and Settings\admin\ntuser.ini
2016-02-19 17:44 - 2011-01-20 07:24 - 00000000 ____D C:\Documents and Settings\admin\Local Settings\Temp
2016-02-19 17:43 - 2013-11-13 00:13 - 00001528 _____ C:\WINDOWS\Sandboxie.ini
2016-02-18 20:57 - 2008-07-22 22:09 - 00046080 _____ C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-13 19:14 - 2015-11-15 13:14 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Avg
2016-02-11 01:33 - 2015-11-15 13:13 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2016-02-10 13:21 - 2013-11-12 11:33 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-02-10 13:21 - 2013-11-12 11:33 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-02-10 03:37 - 2013-08-15 02:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 03:01 - 2008-07-18 06:33 - 144254680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-08 18:45 - 2014-03-22 18:32 - 00000232 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-02-05 07:37 - 2010-08-30 14:32 - 00000000 ____D C:\Install
2016-02-04 00:12 - 2008-07-18 07:07 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\Adobe
2016-02-03 23:08 - 2011-01-20 07:24 - 00000000 __RHD C:\Documents and Settings\admin\Data aplikací
2016-02-03 23:05 - 2011-01-20 07:28 - 00106960 _____ C:\Documents and Settings\admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-02-03 23:05 - 2011-01-20 07:24 - 00000000 ___HD C:\Documents and Settings\admin\Local Settings\Data aplikací
2016-02-03 22:50 - 2015-12-18 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Wondershare
2016-02-03 22:49 - 2015-12-18 23:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Wondershare
2016-02-03 22:48 - 2015-12-18 23:24 - 00000000 ____D C:\Program Files\Wondershare
2016-02-03 22:48 - 2015-12-18 23:21 - 00000000 ____D C:\Documents and Settings\All Users\Dokumenty\Wondershare
2016-02-03 22:20 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2016-02-03 19:45 - 2008-06-02 13:49 - 00000000 ___RD C:\Documents and Settings\Administrator\Dokumenty
2016-02-03 17:40 - 2012-06-17 16:28 - 00000000 ____D C:\Program Files\YourFileDownloader
==================== Files in the root of some directories =======
2013-11-10 22:27 - 2013-11-10 22:28 - 0003725 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2012-02-04 23:13 - 2012-02-04 23:13 - 0001063 _____ () C:\Documents and Settings\Administrator\Data aplikací\.ptbt0
2010-05-25 19:58 - 2010-05-25 19:58 - 0000600 _____ () C:\Documents and Settings\Administrator\Data aplikací\winscp.rnd
2008-07-22 22:09 - 2016-02-18 20:57 - 0046080 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-06-02 04:57 - 2008-06-02 04:57 - 0000133 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
2013-04-18 20:32 - 2013-04-18 20:32 - 0000000 _____ () C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
Some files in TEMP:
====================
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u65-windows-i586-iftw.exe
C:\Documents and Settings\admin\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\aqbarqcr.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-2faa986b.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-40ab78ba.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-84cf3e84.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-c2be92c1.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-d15802b5.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-HP14030709615-Administrator.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe-mode=scheduled.Adm
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{89475A1A-A472-4D5D-A9E8-8FC56FB62B0D}.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exehxxp:/www.express-files.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\ROC_PAID_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\Your File Updater.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exehxxp:/yourfiledownloader.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\YourFile Update.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exehxxp:/yourfiledownloader.com <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall (Disabled) {8decf618-9569-4340-b34a-d78d28969b66}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Administrator\Plocha" je 1098 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Aclient\\AClntUsr.EXE"="C:\\Program Files\\Aclient\\AClntUsr.EXE:*:Enabled:AClntUsr - AClient Interactive User Service"
"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"="C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe:*:Enabled:Update Service"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Autodesk\\Inventor_Professional_2009_CSY_Win_32_64bit\\klic\\MovieBario_FM.exe"="C:\\Autodesk\\Inventor_Professional_2009_CSY_Win_32_64bit\\klic\\MovieBario_FM.exe:*:Enabled:Facemoods Installer"
"C:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG10\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Program Files\\ExpressFiles\\expressdl.exe"="C:\\Program Files\\ExpressFiles\\expressdl.exe:*:Enabled:Express Files"
"C:\\Program Files\\ExpressFiles\\ExpressFiles.exe"="C:\\Program Files\\ExpressFiles\\ExpressFiles.exe:*:Enabled:Express Files"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"="C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\AVG\\Av\\avgmfapx.exe"="C:\\Program Files\\AVG\\Av\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikac\\BrowserAir\\Application\\BrowserAir.exe"="C:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikac\\BrowserAir\\Application\\BrowserAir.exe:*:Enabled:BrowserAir"
"C:\\Program Files\\AVG\\Av\\avgnsx.exe"="C:\\Program Files\\AVG\\Av\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\Av\\avgdiagex.exe"="C:\\Program Files\\AVG\\Av\\avgdiagex.exe:*:Enabled:AVG Diagnostics"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:Remote Desktop"
"65533:TCP"="65533:TCP:*:Enabled:Services"
"52344:TCP"="52344:TCP:*:Enabled:Services"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:Remote Desktop"
"65533:TCP"="65533:TCP:*:Enabled:Services"
"52344:TCP"="52344:TCP:*:Enabled:Services"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================