Dobrý den,
rychlý test odhalil v PC infikované soubory, které ale nejdou vyčistit. Prosím o kontrolu logu.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-12-2014
Ran by xxx (administrator) on XXX-PC on 25-12-2014 11:37:28
Running from C:\Users\xxx\Desktop
Loaded Profile: xxx (Available profiles: xxx & UpdatusUser & Guest)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Koyote-Lab Inc) C:\Program Files\Music App\Datamngr\DatamngrCoordinator.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Koyote-Lab Inc) C:\Program Files\Music App\Datamngr\DatamngrCoordinator.exe
(Koyote-Lab Inc) C:\Program Files\Music App\Datamngr\DatamngrUI.exe
(TorchMedia Inc.) C:\Users\xxx\AppData\Local\Torch\Update\TorchCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(YTDownloader) C:\Program Files\YTDownloader\YTDownloader.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(iMesh, Inc) C:\Program Files\iMesh Applications\iMesh\iMesh.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Cyti Web\bin\utilCytiWeb.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.PurBrowse.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.BrowserAdapter.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.expext.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.BOASHelper.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.BOASPRT.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.BOAS.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Cyti Web\updateCytiWeb.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Cyti Web\bin\CytiWeb.BOASPRT.exe
(Farbar) C:\Users\xxx\Desktop\FRST (1).exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988456 2014-12-23] (YTDownloader)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [iMesh] => C:\Program Files\iMesh Applications\iMesh\iMesh.exe [31020056 2013-06-24] (iMesh, Inc)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988456 2014-12-23] (YTDownloader)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [PCSpeedUp] => C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [342472 2014-12-10] ()
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\MountPoints2: {9891cc17-49e0-11e3-8efd-001bfc8b364d} - I:\LGAutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\music app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Music App\Datamngr\apcrtldr.dll [493576 2014-12-11] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... 2496624966
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... 2496624966
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKU\S-1-5-21-2003311748-928465584-277415609-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... 2496624966
HKU\S-1-5-21-2003311748-928465584-277415609-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... 2496624966
URLSearchHook: HKU\S-1-5-21-2003311748-928465584-277415609-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... 2496624966
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2409} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {5E77E682-59BC-4CA0-A37B-BD52B6409A00} URL = http://websearch.ask.com/redirect?clien ... 4FCBA4596D
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2409} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6R9b7G ... earchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Music Toolbar (Dist. by Koyote-Lab, Inc.) -> {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
BHO: Music Box Toolbar (Dist. by iMesh, Inc.) -> {45177936-603b-4261-8d42-df6f7091d5d0} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO: Cyti Web 1.0.0.6 -> {aa2fac44-d24d-4fed-9e32-397d138365f1} -> C:\Program Files\Cyti Web\CytiWebbho.dll (Cyti Web)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Music Box Toolbar (Dist. by iMesh, Inc.) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM - Music Toolbar (Dist. by Koyote-Lab, Inc.) - {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: omiga-plus
FF Homepage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=211&systemid=409&v=a14978-204&apn_dtid=BND409&apn_ptnrs=AGB&apn_uid=5909300234144318&o=APN10650&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\user.js
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: Shopper-Pro - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-12-23]
FF Extension: Cyti Web 1.0.1 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{06b43f25-e282-4a26-a8ba-987e86000cdf}.xpi [2014-12-23]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-15]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\KingTranslate\WCaptureMoz
FF Extension: WordCaptureX - C:\Program Files\KingTranslate\WCaptureMoz [2013-12-22]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc& ... 2496624966
Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Music App) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-06]
CHR Extension: (Music Box Toolbar) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajcmpdgmklmanahacmhodmlanlgom [2014-04-06]
CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance [2014-08-14]
CHR Extension: (Dokumenty Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06]
CHR Extension: (Disk Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06]
CHR Extension: (McAfee Security Scan+) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-06]
CHR Extension: (Vyhledávání Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Cyti Web) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
CHR Extension: (Torch Share) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof [2014-04-06]
CHR Extension: (Allin1Convert) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb [2014-12-13]
CHR Extension: (WordCaptureX) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf [2014-04-06]
CHR Extension: (Peněženka Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2014-04-06]
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\xxx\AppData\Local\imeshmusicboxtoolbar\GC\toolbar.crx [2013-06-19]
CHR HKLM\...\Chrome\Extension: [aaaajcmpdgmklmanahacmhodmlanlgom] - C:\Users\xxx\AppData\Local\kingtranslatemusictoolbarha\GC\toolbar.crx [2013-08-29]
CHR HKLM\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\xxx\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-02-08]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\xxx\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-07-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\KingTranslate\wcxChrome.crx [2013-02-04]
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx [2013-09-30]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc& ... 2496624966
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DatamngrCoordinator; C:\Program Files\Music App\Datamngr\DatamngrCoordinator.exe [3574280 2014-12-11] (Koyote-Lab Inc)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1895760 2014-12-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-12-02] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 TorchCrashHandler; C:\Users\xxx\AppData\Local\Torch\Update\TorchCrashHandler.exe [1205088 2013-06-20] (TorchMedia Inc.) [File not signed] <==== ATTENTION
R2 Update Cyti Web; C:\Program Files\Cyti Web\updateCytiWeb.exe [524528 2014-12-25] ()
R2 Util Cyti Web; C:\Program Files\Cyti Web\bin\utilCytiWeb.exe [524528 2014-12-25] ()
S2 IBUpdaterService; %SystemRoot%\system32\dmwu.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-20] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-20] ()
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-12-21] (Symantec Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files\Music App\Datamngr\setmgrc3.cfg [38280 2014-12-11] (Koyote-Lab Inc)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [50024 2014-12-23] (YTDownloader)
R2 SPDRIVER_1.38.0.1450; C:\Program Files\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [41320 2014-12-22] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24960 2010-01-21] (LG Electronics Inc.)
R1 {06b43f25-e282-4a26-a8ba-987e86000cdf}Gw; C:\Windows\System32\drivers\{06b43f25-e282-4a26-a8ba-987e86000cdf}Gw.sys [43152 2014-12-23] (StdLib)
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva410; \??\C:\Windows\system32\XDva410.sys [X]
S3 XDva413; \??\C:\Windows\system32\XDva413.sys [X]
S3 XDva415; \??\C:\Windows\system32\XDva415.sys [X]
S3 XDva423; \??\C:\Windows\system32\XDva423.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 11:33 - 2014-12-25 11:35 - 00028936 _____ () C:\Users\xxx\Desktop\Addition.txt
2014-12-25 11:29 - 2014-12-25 11:40 - 00029044 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-12-25 11:27 - 2014-12-25 11:37 - 00000000 ____D () C:\FRST
2014-12-25 11:21 - 2014-12-25 11:21 - 01114112 _____ (Farbar) C:\Users\xxx\Desktop\FRST (1).exe
2014-12-25 11:04 - 2014-12-25 11:05 - 01114112 _____ (Farbar) C:\Users\xxx\Downloads\FRST.exe
2014-12-25 10:50 - 2014-12-25 10:50 - 00000000 ____D () C:\ProgramData\233F
2014-12-25 09:36 - 2014-12-25 09:36 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-12-23 19:03 - 2014-12-23 19:03 - 00065814 _____ () C:\Users\xxx\Downloads\Naruto-Arena Hack v1.0.rar
2014-12-23 19:00 - 2014-12-23 04:32 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{06b43f25-e282-4a26-a8ba-987e86000cdf}Gw.sys
2014-12-23 18:54 - 2014-12-25 00:52 - 00000340 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-12-23 18:54 - 2014-12-23 18:54 - 00001021 _____ () C:\Users\xxx\Desktop\Zrychleni Pocitace.lnk
2014-12-23 18:54 - 2014-12-23 18:54 - 00000000 ____D () C:\Users\xxx\Documents\PCSpeedUp
2014-12-23 18:54 - 2014-12-23 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
2014-12-23 18:54 - 2014-12-23 18:54 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-23 18:52 - 2014-12-25 10:52 - 00000000 ____D () C:\Program Files\Cyti Web
2014-12-23 18:52 - 2014-12-23 18:52 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2014-12-23 18:52 - 2014-12-23 18:52 - 00000000 ____D () C:\Program Files\YTDownloader
2014-12-23 18:51 - 2014-12-23 18:51 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-12-23 18:51 - 2014-12-23 18:51 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-12-23 18:51 - 2014-12-23 18:51 - 00000000 ____D () C:\Program Files\ShopperPro
2014-12-23 18:50 - 2014-12-23 18:52 - 00000000 ____D () C:\Program Files\SupTab
2014-12-23 18:50 - 2014-12-23 18:50 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\omiga-plus
2014-12-23 18:50 - 2014-12-23 18:50 - 00000000 ____D () C:\Users\xxx\AppData\Local\CrashRpt
2014-12-23 18:50 - 2014-12-23 18:50 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-23 18:47 - 2014-12-23 18:47 - 00605355 _____ () C:\Users\xxx\Downloads\Hack Tool V3 (1).zip
2014-12-23 18:46 - 2014-12-23 18:46 - 00605355 _____ () C:\Users\xxx\Downloads\Nepotvrzeno 580664.crdownload
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Macromedia
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-22 18:33 - 2014-12-22 18:33 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-12-17 21:06 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-12-15 19:26 - 2014-12-25 11:40 - 00000000 ____D () C:\ProgramData\Datamngr
2014-12-15 19:26 - 2014-12-15 19:26 - 00000000 ____D () C:\Program Files\Music App
2014-12-10 23:26 - 2014-12-10 23:26 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 08:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:19 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:19 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:19 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:19 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:19 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:19 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:19 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:19 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:19 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:19 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:19 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:19 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:19 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:19 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:19 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:19 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:19 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:19 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:19 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:19 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:19 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:19 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:19 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:19 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 08:19 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:19 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:19 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:19 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:18 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 08:18 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 08:17 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 08:17 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 19:56 - 2014-12-09 19:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-07 12:26 - 2014-12-07 12:33 - 00000000 ____D () C:\Users\xxx\AppData\Local\Ubisoft Game Launcher
2014-12-07 11:15 - 2014-12-07 11:15 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-07 11:15 - 2014-12-07 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-07 10:11 - 2014-12-07 10:11 - 00053081 _____ () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades.html
2014-12-07 10:11 - 2014-12-07 10:11 - 00000000 ____D () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades_files
2014-12-06 20:27 - 2014-12-06 20:33 - 30993712 _____ (Riot Games) C:\Users\xxx\Desktop\LeagueofLegends_EUNE_Installer_9_15_2014.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 11:25 - 2012-12-15 12:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Skype
2014-12-25 11:21 - 2012-12-15 16:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-25 10:58 - 2012-12-15 09:19 - 01523002 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 10:56 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 10:56 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 10:53 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Origin
2014-12-25 10:53 - 2012-12-17 08:38 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 10:52 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2014-12-25 10:51 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Steam
2014-12-25 10:49 - 2013-05-03 19:37 - 00000000 ____D () C:\Users\xxx\AppData\Local\LogMeIn Hamachi
2014-12-25 10:48 - 2013-12-28 17:31 - 00000000 ____D () C:\Program Files\Origin
2014-12-25 10:47 - 2013-07-01 19:04 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-12-25 10:47 - 2012-12-15 16:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 10:47 - 2012-12-15 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-25 10:47 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 10:47 - 2009-07-14 05:39 - 00751139 _____ () C:\Windows\setupact.log
2014-12-25 00:30 - 2013-07-01 18:44 - 00000000 ____D () C:\ProgramData\Wincert
2014-12-25 00:30 - 2007-12-06 06:55 - 00000000 ____D () C:\install
2014-12-24 21:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-23 18:52 - 2014-04-06 12:54 - 00002313 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-23 18:52 - 2014-02-15 17:40 - 00001341 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-23 18:52 - 2014-02-15 17:40 - 00001329 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-23 18:52 - 2012-12-15 10:04 - 00001637 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-23 18:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-22 18:33 - 2014-01-31 15:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-12-21 09:35 - 2014-08-30 08:28 - 00000436 ____H () C:\Windows\Tasks\Norton Security Scan for xxx.job
2014-12-21 06:24 - 2012-12-15 20:23 - 00227568 _____ () C:\Windows\PFRO.log
2014-12-14 13:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-11 00:53 - 2012-12-17 08:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 00:53 - 2012-12-17 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 23:26 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 23:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 08:07 - 2014-02-15 17:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-07 11:16 - 2013-11-10 09:45 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Riot Games
2014-12-07 11:08 - 2013-07-21 20:17 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-12-07 09:27 - 2013-07-01 18:48 - 00000000 ____D () C:\Users\xxx\AppData\Local\iMesh
2014-11-27 19:20 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-11-25 08:06 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
Files to move or delete:
====================
C:\Program Files\Music App\Datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\APNStub.exe
C:\Users\xxx\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\xxx\AppData\Local\Temp\Delta.exe
C:\Users\xxx\AppData\Local\Temp\DeltaTB.exe
C:\Users\xxx\AppData\Local\Temp\DownloadManager.exe
C:\Users\xxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaaf8id.dll
C:\Users\xxx\AppData\Local\Temp\EmptySetup.exe
C:\Users\xxx\AppData\Local\Temp\GenericUninstall.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel0.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel1.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel2.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chra_aih.exe
C:\Users\xxx\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-66-g543fc73-b2706jnks.dll
C:\Users\xxx\AppData\Local\Temp\mgsqlite3.dll
C:\Users\xxx\AppData\Local\Temp\MybabylonTB.exe
C:\Users\xxx\AppData\Local\Temp\OptimizerPro.exe
C:\Users\xxx\AppData\Local\Temp\propsys.dll
C:\Users\xxx\AppData\Local\Temp\SkypeSetup.exe
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\xxx\AppData\Local\Temp\ubiB146.tmp.exe
C:\Users\xxx\AppData\Local\Temp\uninstaller.exe
C:\Users\xxx\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 00:23
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Viry v PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Viry v PC
- Přílohy
-
- Addition.rar
- (7.6 KiB) Staženo 39 x
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Viry v PC
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Viry v PC
Děkuju. Posílám log:
# AdwCleaner v4.106 - Report created 25/12/2014 at 15:46:40
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : xxx - XXX-PC
# Running from : C:\Users\xxx\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : IBUpdaterService
Service Deleted : sbmntr
Service Deleted : torchcrashhandler
[#] Service Deleted : Update Cyti Web
[#] Service Deleted : Util Cyti Web
Service Deleted : {06b43f25-e282-4a26-a8ba-987e86000cdf}Gw
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\torchcrashhandler
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WindowsMangerProtect
[!] Folder Deleted : C:\ProgramData\Datamngr
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\Music Toolbar
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files\YTDownloader
Folder Deleted : C:\Program Files\Zrychleni Pocitace
[!] Folder Deleted : C:\Program Files\Cyti Web
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\system32\ARFC
Folder Deleted : C:\Windows\system32\jmdp
Folder Deleted : C:\Windows\system32\WNLT
Folder Deleted : C:\Users\xxx\AppData\Local\Temp\Cyti Web
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\xxx\AppData\Local\apn
Folder Deleted : C:\Users\xxx\AppData\Local\iMesh
Folder Deleted : C:\Users\xxx\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\xxx\AppData\Local\torch
Folder Deleted : C:\Users\xxx\AppData\Local\CrashRpt
Folder Deleted : C:\Users\xxx\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\xxx\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\xxx\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\xxx\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\xxx\Documents\PCSpeedUp
Folder Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Windows\system32\ImhxxpComm.dll
File Deleted : C:\Windows\system32\drivers\{06b43f25-e282-4a26-a8ba-987e86000cdf}Gw.sys
File Deleted : C:\Users\xxx\AppData\Local\Temp\uninstaller.exe
File Deleted : C:\Users\xxx\AppData\Local\Temp\OptimizerPro.exe
File Deleted : C:\Users\xxx\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\invalidprefs.js
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\bingp.xml
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\user.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : PC SpeedUp Service Deactivator
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : YTDownloader
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Cyti Web
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Cyti Web
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4b030cae-5396-4e8d-b29f-0bc3213ab606}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5E77E682-59BC-4CA0-A37B-BD52B6409A00}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2409}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2409}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\Cyti Web
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Imesh
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Cyti Web
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Music Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cyti Web
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "omiga-plus");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=211&systemid=409&v=a14978-204&apn_dtid=BND409&apn_ptnrs=AGB&apn_uid=5909300234144318&o=APN10650&q=");
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [32558 octets] - [25/12/2014 15:33:33]
AdwCleaner[S0].txt - [30528 octets] - [25/12/2014 15:46:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30589 octets] ##########
# AdwCleaner v4.106 - Report created 25/12/2014 at 15:46:40
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : xxx - XXX-PC
# Running from : C:\Users\xxx\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : IBUpdaterService
Service Deleted : sbmntr
Service Deleted : torchcrashhandler
[#] Service Deleted : Update Cyti Web
[#] Service Deleted : Util Cyti Web
Service Deleted : {06b43f25-e282-4a26-a8ba-987e86000cdf}Gw
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\torchcrashhandler
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WindowsMangerProtect
[!] Folder Deleted : C:\ProgramData\Datamngr
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\Music Toolbar
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files\YTDownloader
Folder Deleted : C:\Program Files\Zrychleni Pocitace
[!] Folder Deleted : C:\Program Files\Cyti Web
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\system32\ARFC
Folder Deleted : C:\Windows\system32\jmdp
Folder Deleted : C:\Windows\system32\WNLT
Folder Deleted : C:\Users\xxx\AppData\Local\Temp\Cyti Web
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\xxx\AppData\Local\apn
Folder Deleted : C:\Users\xxx\AppData\Local\iMesh
Folder Deleted : C:\Users\xxx\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\xxx\AppData\Local\torch
Folder Deleted : C:\Users\xxx\AppData\Local\CrashRpt
Folder Deleted : C:\Users\xxx\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\xxx\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\xxx\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\xxx\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\xxx\Documents\PCSpeedUp
Folder Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Windows\system32\ImhxxpComm.dll
File Deleted : C:\Windows\system32\drivers\{06b43f25-e282-4a26-a8ba-987e86000cdf}Gw.sys
File Deleted : C:\Users\xxx\AppData\Local\Temp\uninstaller.exe
File Deleted : C:\Users\xxx\AppData\Local\Temp\OptimizerPro.exe
File Deleted : C:\Users\xxx\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\invalidprefs.js
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\searchplugins\bingp.xml
File Deleted : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\user.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : PC SpeedUp Service Deactivator
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : YTDownloader
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Cyti Web
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Cyti Web
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4b030cae-5396-4e8d-b29f-0bc3213ab606}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5E77E682-59BC-4CA0-A37B-BD52B6409A00}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2409}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2409}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\Cyti Web
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Imesh
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Cyti Web
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Music Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cyti Web
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "omiga-plus");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
[s5lj4m23.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=211&systemid=409&v=a14978-204&apn_dtid=BND409&apn_ptnrs=AGB&apn_uid=5909300234144318&o=APN10650&q=");
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R0].txt - [32558 octets] - [25/12/2014 15:33:33]
AdwCleaner[S0].txt - [30528 octets] - [25/12/2014 15:46:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30589 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Viry v PC
Poprosím o nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Viry v PC
Tady je:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-12-2014
Ran by xxx (administrator) on XXX-PC on 25-12-2014 19:22:47
Running from C:\Users\xxx\Desktop
Loaded Profile: xxx (Available profiles: xxx & UpdatusUser & Guest)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\xxx\Desktop\FRST (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\MountPoints2: {9891cc17-49e0-11e3-8efd-001bfc8b364d} - I:\LGAutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\music app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music app\datamngr\apcrtldr.dll [493576 2014-12-11] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Music Toolbar (Dist. by Koyote-Lab, Inc.) -> {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
BHO: Music Box Toolbar (Dist. by iMesh, Inc.) -> {45177936-603b-4261-8d42-df6f7091d5d0} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Music Box Toolbar (Dist. by iMesh, Inc.) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM - Music Toolbar (Dist. by Koyote-Lab, Inc.) - {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default
FF SearchEngineOrder.3: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Cyti Web 1.0.1 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{06b43f25-e282-4a26-a8ba-987e86000cdf}.xpi [2014-12-23]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-15]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\KingTranslate\WCaptureMoz
FF Extension: WordCaptureX - C:\Program Files\KingTranslate\WCaptureMoz [2013-12-22]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Music App) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-06]
CHR Extension: (Music Box Toolbar) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajcmpdgmklmanahacmhodmlanlgom [2014-04-06]
CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance [2014-08-14]
CHR Extension: (Dokumenty Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06]
CHR Extension: (Disk Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06]
CHR Extension: (Vyhledávání Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Cyti Web) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
CHR Extension: (Allin1Convert) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb [2014-12-25]
CHR Extension: (WordCaptureX) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf [2014-04-06]
CHR Extension: (Peněženka Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\xxx\AppData\Local\imeshmusicboxtoolbar\GC\toolbar.crx [2013-06-19]
CHR HKLM\...\Chrome\Extension: [aaaajcmpdgmklmanahacmhodmlanlgom] - C:\Users\xxx\AppData\Local\kingtranslatemusictoolbarha\GC\toolbar.crx [2013-08-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\KingTranslate\wcxChrome.crx [2013-02-04]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1895760 2014-12-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-12-02] (LogMeIn, Inc.)
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-20] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-20] ()
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-12-21] (Symantec Corporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24960 2010-01-21] (LG Electronics Inc.)
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva410; \??\C:\Windows\system32\XDva410.sys [X]
S3 XDva413; \??\C:\Windows\system32\XDva413.sys [X]
S3 XDva415; \??\C:\Windows\system32\XDva415.sys [X]
S3 XDva423; \??\C:\Windows\system32\XDva423.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 15:59 - 2014-12-25 15:59 - 00000000 ____D () C:\Users\xxx\AppData\Local\CrashRpt
2014-12-25 15:33 - 2014-12-25 15:48 - 00000000 ____D () C:\AdwCleaner
2014-12-25 15:31 - 2014-12-25 15:32 - 02173952 _____ () C:\Users\xxx\Desktop\adwcleaner_4.106.exe
2014-12-25 14:30 - 2014-12-25 14:30 - 00000000 ____D () C:\ProgramData\241AE
2014-12-25 11:44 - 2014-12-25 11:44 - 00007787 _____ () C:\Users\xxx\Desktop\Addition.rar
2014-12-25 11:33 - 2014-12-25 11:42 - 00028937 _____ () C:\Users\xxx\Desktop\Addition.txt
2014-12-25 11:29 - 2014-12-25 19:24 - 00018012 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-12-25 11:27 - 2014-12-25 19:22 - 00000000 ____D () C:\FRST
2014-12-25 11:21 - 2014-12-25 11:21 - 01114112 _____ (Farbar) C:\Users\xxx\Desktop\FRST (1).exe
2014-12-25 11:04 - 2014-12-25 11:05 - 01114112 _____ (Farbar) C:\Users\xxx\Downloads\FRST.exe
2014-12-25 09:36 - 2014-12-25 09:36 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-12-23 19:03 - 2014-12-23 19:03 - 00065814 _____ () C:\Users\xxx\Downloads\Naruto-Arena Hack v1.0.rar
2014-12-23 18:54 - 2014-12-23 18:54 - 00001021 _____ () C:\Users\xxx\Desktop\Zrychleni Pocitace.lnk
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-23 18:52 - 2014-12-25 15:47 - 00000000 ____D () C:\Program Files\Cyti Web
2014-12-23 18:47 - 2014-12-23 18:47 - 00605355 _____ () C:\Users\xxx\Downloads\Hack Tool V3 (1).zip
2014-12-23 18:46 - 2014-12-23 18:46 - 00605355 _____ () C:\Users\xxx\Downloads\Nepotvrzeno 580664.crdownload
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Macromedia
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-22 18:33 - 2014-12-22 18:33 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-12-17 21:06 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-12-15 19:26 - 2014-12-15 19:26 - 00000000 ____D () C:\Program Files\Music App
2014-12-10 23:26 - 2014-12-10 23:26 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 08:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:19 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:19 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:19 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:19 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:19 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:19 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:19 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:19 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:19 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:19 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:19 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:19 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:19 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:19 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:19 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:19 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:19 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:19 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:19 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:19 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:19 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:19 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:19 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:19 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 08:19 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:19 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:19 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:19 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:18 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 08:18 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 08:17 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 08:17 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 19:56 - 2014-12-09 19:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-07 12:26 - 2014-12-07 12:33 - 00000000 ____D () C:\Users\xxx\AppData\Local\Ubisoft Game Launcher
2014-12-07 11:15 - 2014-12-07 11:15 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-07 11:15 - 2014-12-07 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-07 10:11 - 2014-12-07 10:11 - 00053081 _____ () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades.html
2014-12-07 10:11 - 2014-12-07 10:11 - 00000000 ____D () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades_files
2014-12-06 20:27 - 2014-12-06 20:33 - 30993712 _____ (Riot Games) C:\Users\xxx\Desktop\LeagueofLegends_EUNE_Installer_9_15_2014.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 19:21 - 2013-05-03 19:37 - 00000000 ____D () C:\Users\xxx\AppData\Local\LogMeIn Hamachi
2014-12-25 19:21 - 2012-12-15 12:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Skype
2014-12-25 19:21 - 2012-12-15 09:19 - 01535976 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 19:20 - 2012-12-15 16:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-25 18:53 - 2012-12-17 08:38 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 16:01 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Origin
2014-12-25 16:01 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Steam
2014-12-25 15:58 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 15:58 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 15:54 - 2013-12-28 17:31 - 00000000 ____D () C:\Program Files\Origin
2014-12-25 15:54 - 2012-12-15 16:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 15:51 - 2012-12-15 20:23 - 00229272 _____ () C:\Windows\PFRO.log
2014-12-25 15:51 - 2012-12-15 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-25 15:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 15:51 - 2009-07-14 05:39 - 00752147 _____ () C:\Windows\setupact.log
2014-12-25 15:48 - 2014-04-06 12:54 - 00001210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-25 15:48 - 2014-04-06 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-25 15:48 - 2014-02-15 17:40 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-25 15:48 - 2014-02-15 17:40 - 00000973 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-25 15:48 - 2012-12-15 10:04 - 00001084 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-25 15:47 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2014-12-25 00:30 - 2007-12-06 06:55 - 00000000 ____D () C:\install
2014-12-24 21:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-23 18:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-22 18:33 - 2014-01-31 15:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-12-21 09:35 - 2014-08-30 08:28 - 00000436 ____H () C:\Windows\Tasks\Norton Security Scan for xxx.job
2014-12-14 13:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-11 00:53 - 2012-12-17 08:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 00:53 - 2012-12-17 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 23:26 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 23:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 08:07 - 2014-02-15 17:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-07 11:16 - 2013-11-10 09:45 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Riot Games
2014-12-07 11:08 - 2013-07-21 20:17 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-11-27 19:20 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-11-25 08:06 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
Files to move or delete:
====================
c:\program files\music app\datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\APNStub.exe
C:\Users\xxx\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\xxx\AppData\Local\Temp\Delta.exe
C:\Users\xxx\AppData\Local\Temp\DeltaTB.exe
C:\Users\xxx\AppData\Local\Temp\DownloadManager.exe
C:\Users\xxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaaf8id.dll
C:\Users\xxx\AppData\Local\Temp\EmptySetup.exe
C:\Users\xxx\AppData\Local\Temp\GenericUninstall.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel0.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel1.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel2.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chra_aih.exe
C:\Users\xxx\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-66-g543fc73-b2706jnks.dll
C:\Users\xxx\AppData\Local\Temp\mgsqlite3.dll
C:\Users\xxx\AppData\Local\Temp\MybabylonTB.exe
C:\Users\xxx\AppData\Local\Temp\propsys.dll
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\SkypeSetup.exe
C:\Users\xxx\AppData\Local\Temp\sqlite3.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\xxx\AppData\Local\Temp\ubiB146.tmp.exe
C:\Users\xxx\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 00:23
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-12-2014
Ran by xxx (administrator) on XXX-PC on 25-12-2014 19:22:47
Running from C:\Users\xxx\Desktop
Loaded Profile: xxx (Available profiles: xxx & UpdatusUser & Guest)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\xxx\Desktop\FRST (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [iMesh] => "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\MountPoints2: {9891cc17-49e0-11e3-8efd-001bfc8b364d} - I:\LGAutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\music app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music app\datamngr\apcrtldr.dll [493576 2014-12-11] () <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Music Toolbar (Dist. by Koyote-Lab, Inc.) -> {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
BHO: Music Box Toolbar (Dist. by iMesh, Inc.) -> {45177936-603b-4261-8d42-df6f7091d5d0} -> C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Music Box Toolbar (Dist. by iMesh, Inc.) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM - Music Toolbar (Dist. by Koyote-Lab, Inc.) - {229ae5b5-5528-4a17-bfb4-1f7b10d4d006} - C:\PROGRA~1\MUSICT~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default
FF SearchEngineOrder.3: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2003311748-928465584-277415609-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Cyti Web 1.0.1 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\Extensions\{06b43f25-e282-4a26-a8ba-987e86000cdf}.xpi [2014-12-23]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-15]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files\KingTranslate\WCaptureMoz
FF Extension: WordCaptureX - C:\Program Files\KingTranslate\WCaptureMoz [2013-12-22]
FF HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\s5lj4m23.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419356992&from=obw&uid=WDCXWD2500AVJS-63TBA0_WD-WCAPZ382496624966"
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Music App) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [2014-04-06]
CHR Extension: (Music Box Toolbar) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajcmpdgmklmanahacmhodmlanlgom [2014-04-06]
CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance [2014-08-14]
CHR Extension: (Dokumenty Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06]
CHR Extension: (Disk Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06]
CHR Extension: (Vyhledávání Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Cyti Web) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
CHR Extension: (Allin1Convert) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmabjcmofdemkaaekcmpocognlfonepb [2014-12-25]
CHR Extension: (WordCaptureX) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf [2014-04-06]
CHR Extension: (Peněženka Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06]
CHR HKLM\...\Chrome\Extension: [aaaaihhnfnbnpbhpagnmoplpcjbediml] - C:\Users\xxx\AppData\Local\imeshmusicboxtoolbar\GC\toolbar.crx [2013-06-19]
CHR HKLM\...\Chrome\Extension: [aaaajcmpdgmklmanahacmhodmlanlgom] - C:\Users\xxx\AppData\Local\kingtranslatemusictoolbarha\GC\toolbar.crx [2013-08-29]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files\KingTranslate\wcxChrome.crx [2013-02-04]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1895760 2014-12-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2014-12-02] (LogMeIn, Inc.)
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-20] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-20] ()
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-12-21] (Symantec Corporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24960 2010-01-21] (LG Electronics Inc.)
S2 SPDRIVER_1.38.0.1450; \??\C:\Program Files\ShopperPro\JSDriver\1.38.0.1450\jsdrv.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva410; \??\C:\Windows\system32\XDva410.sys [X]
S3 XDva413; \??\C:\Windows\system32\XDva413.sys [X]
S3 XDva415; \??\C:\Windows\system32\XDva415.sys [X]
S3 XDva423; \??\C:\Windows\system32\XDva423.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 15:59 - 2014-12-25 15:59 - 00000000 ____D () C:\Users\xxx\AppData\Local\CrashRpt
2014-12-25 15:33 - 2014-12-25 15:48 - 00000000 ____D () C:\AdwCleaner
2014-12-25 15:31 - 2014-12-25 15:32 - 02173952 _____ () C:\Users\xxx\Desktop\adwcleaner_4.106.exe
2014-12-25 14:30 - 2014-12-25 14:30 - 00000000 ____D () C:\ProgramData\241AE
2014-12-25 11:44 - 2014-12-25 11:44 - 00007787 _____ () C:\Users\xxx\Desktop\Addition.rar
2014-12-25 11:33 - 2014-12-25 11:42 - 00028937 _____ () C:\Users\xxx\Desktop\Addition.txt
2014-12-25 11:29 - 2014-12-25 19:24 - 00018012 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-12-25 11:27 - 2014-12-25 19:22 - 00000000 ____D () C:\FRST
2014-12-25 11:21 - 2014-12-25 11:21 - 01114112 _____ (Farbar) C:\Users\xxx\Desktop\FRST (1).exe
2014-12-25 11:04 - 2014-12-25 11:05 - 01114112 _____ (Farbar) C:\Users\xxx\Downloads\FRST.exe
2014-12-25 09:36 - 2014-12-25 09:36 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-12-23 19:03 - 2014-12-23 19:03 - 00065814 _____ () C:\Users\xxx\Downloads\Naruto-Arena Hack v1.0.rar
2014-12-23 18:54 - 2014-12-23 18:54 - 00001021 _____ () C:\Users\xxx\Desktop\Zrychleni Pocitace.lnk
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-23 18:53 - 2014-12-23 18:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-23 18:52 - 2014-12-25 15:47 - 00000000 ____D () C:\Program Files\Cyti Web
2014-12-23 18:47 - 2014-12-23 18:47 - 00605355 _____ () C:\Users\xxx\Downloads\Hack Tool V3 (1).zip
2014-12-23 18:46 - 2014-12-23 18:46 - 00605355 _____ () C:\Users\xxx\Downloads\Nepotvrzeno 580664.crdownload
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Macromedia
2014-12-22 18:36 - 2014-12-22 18:36 - 00000000 ____D () C:\Users\Guest\AppData\Local\Macromedia
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Mozilla
2014-12-22 18:34 - 2014-12-22 18:34 - 00000000 ____D () C:\Users\Guest\AppData\Local\Mozilla
2014-12-22 18:33 - 2014-12-22 18:33 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVAST Software
2014-12-17 21:06 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:29 - 2014-12-15 19:29 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-12-15 19:26 - 2014-12-15 19:26 - 00000000 ____D () C:\Program Files\Music App
2014-12-10 23:26 - 2014-12-10 23:26 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 08:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:19 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:19 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:19 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:19 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:19 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:19 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:19 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:19 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:19 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:19 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:19 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:19 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:19 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:19 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:19 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:19 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:19 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:19 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:19 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:19 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:19 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:19 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:19 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:19 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:19 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:19 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:19 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 08:19 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:19 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:19 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:19 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:18 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 08:18 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 08:17 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:17 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 08:17 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 19:56 - 2014-12-09 19:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-07 12:26 - 2014-12-07 12:33 - 00000000 ____D () C:\Users\xxx\AppData\Local\Ubisoft Game Launcher
2014-12-07 11:15 - 2014-12-07 11:15 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-07 11:15 - 2014-12-07 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-07 10:11 - 2014-12-07 10:11 - 00053081 _____ () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades.html
2014-12-07 10:11 - 2014-12-07 10:11 - 00000000 ____D () C:\Users\xxx\Downloads\Attack on Titan Custom Skins View topic - Ichigo bankai new bankai mask dual blades_files
2014-12-06 20:27 - 2014-12-06 20:33 - 30993712 _____ (Riot Games) C:\Users\xxx\Desktop\LeagueofLegends_EUNE_Installer_9_15_2014.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-25 19:21 - 2013-05-03 19:37 - 00000000 ____D () C:\Users\xxx\AppData\Local\LogMeIn Hamachi
2014-12-25 19:21 - 2012-12-15 12:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Skype
2014-12-25 19:21 - 2012-12-15 09:19 - 01535976 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 19:20 - 2012-12-15 16:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-25 18:53 - 2012-12-17 08:38 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 16:01 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Origin
2014-12-25 16:01 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Steam
2014-12-25 15:58 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 15:58 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 15:54 - 2013-12-28 17:31 - 00000000 ____D () C:\Program Files\Origin
2014-12-25 15:54 - 2012-12-15 16:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 15:51 - 2012-12-15 20:23 - 00229272 _____ () C:\Windows\PFRO.log
2014-12-25 15:51 - 2012-12-15 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-25 15:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 15:51 - 2009-07-14 05:39 - 00752147 _____ () C:\Windows\setupact.log
2014-12-25 15:48 - 2014-04-06 12:54 - 00001210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-25 15:48 - 2014-04-06 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-25 15:48 - 2014-02-15 17:40 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-25 15:48 - 2014-02-15 17:40 - 00000973 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-25 15:48 - 2012-12-15 10:04 - 00001084 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-25 15:47 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2014-12-25 00:30 - 2007-12-06 06:55 - 00000000 ____D () C:\install
2014-12-24 21:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-23 18:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-22 18:33 - 2014-01-31 15:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2014-12-21 09:35 - 2014-08-30 08:28 - 00000436 ____H () C:\Windows\Tasks\Norton Security Scan for xxx.job
2014-12-14 13:55 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-11 00:53 - 2012-12-17 08:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-11 00:53 - 2012-12-17 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 23:26 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 23:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 08:07 - 2014-02-15 17:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-07 11:16 - 2013-11-10 09:45 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Riot Games
2014-12-07 11:08 - 2013-07-21 20:17 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-11-27 19:20 - 2013-03-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-11-25 08:06 - 2013-12-28 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
Files to move or delete:
====================
c:\program files\music app\datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\APNStub.exe
C:\Users\xxx\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\xxx\AppData\Local\Temp\Delta.exe
C:\Users\xxx\AppData\Local\Temp\DeltaTB.exe
C:\Users\xxx\AppData\Local\Temp\DownloadManager.exe
C:\Users\xxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaaf8id.dll
C:\Users\xxx\AppData\Local\Temp\EmptySetup.exe
C:\Users\xxx\AppData\Local\Temp\GenericUninstall.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel0.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel1.exe
C:\Users\xxx\AppData\Local\Temp\i4jdel2.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chra_aih.exe
C:\Users\xxx\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-66-g543fc73-b2706jnks.dll
C:\Users\xxx\AppData\Local\Temp\mgsqlite3.dll
C:\Users\xxx\AppData\Local\Temp\MybabylonTB.exe
C:\Users\xxx\AppData\Local\Temp\propsys.dll
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\SkypeSetup.exe
C:\Users\xxx\AppData\Local\Temp\sqlite3.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\xxx\AppData\Local\Temp\ubiB146.tmp.exe
C:\Users\xxx\AppData\Local\Temp\WSSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 00:23
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Viry v PC
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
C:\Program Files\YTDownloader
HKU\S-1-5-21-2003311748-928465584-277415609-1000\...\MountPoints2: {9891cc17-49e0-11e3-8efd-001bfc8b364d} - I:\LGAutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
HKLM\...\AppCertDlls: [x64] -> c:\program files\music app\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\music app\datamngr\apcrtldr.dll [493576 2014-12-11] () <===== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2003311748-928465584-277415609-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
CHR Extension: (Cyti Web) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\imaonoflgcdidkofjhnlbinhjffgpjef [2014-12-24]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva410; \??\C:\Windows\system32\XDva410.sys [X]
S3 XDva413; \??\C:\Windows\system32\XDva413.sys [X]
S3 XDva415; \??\C:\Windows\system32\XDva415.sys [X]
S3 XDva423; \??\C:\Windows\system32\XDva423.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\xxx\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Viry v PC
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Viry v PC
Avast uz nehlasi zadny viry. Ale pocitac je stale trochu pomaly, ale to bude asi necim jinym. Mnohokrakt diky za rychlou pomoc!
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Viry v PC
Zkuste defragmentovat disk. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?