
Slow computer, ads, and automatic downloading of programs
Hello,
I would like to ask for help. RAM and CPU usage is at 90+ %, taken up mainly by Chrome and Service Host processes. I have an awful lot of ads everywhere and an enormous number of pop-ups. The computer automatically downloads various programs without permission. I have already tried all sorts of antivirus software, but it was ineffective; I tried CCleaner and AdwCleaner and it still has not been resolved. I am sending you the FRST log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by PC (administrator) on USER (21-08-2015 18:57:33)
Running from C:\Users\PC\Desktop
Loaded Profiles: UpdatusUser & PC (Available Profiles: UpdatusUser & PC)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-02] (Atheros Communications)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-bloody-mary-eng-3362689.lnk [2015-04-20]
ShortcutTarget: supernatural-bloody-mary-eng-3362689.lnk -> C:\ProgramData\{711a26d9-5f47-33b8-711a-a26d95f49b65}\supernatural-bloody-mary-eng-3362689.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-inside-man-eng-6107425.lnk [2015-04-20]
ShortcutTarget: supernatural-inside-man-eng-6107425.lnk -> C:\ProgramData\{8246ea6b-42e2-41b8-8246-6ea6b42ea9ad}\supernatural-inside-man-eng-6107425.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETid5twByAafrW7y8v6eSFLe9KUa9_SEQ9ucexk-p24F_Vk2jjHREmFKBvpvpFw3h7Rn257c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fasus13.msn.com&OSP=
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll [2015-06-16] (TunePro360)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [DhcpNameServer] 10.0.0.1 10.0.0.5
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-21] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2014-01-02] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 HPSLPSVC; C:\Users\PC\AppData\Local\Temp\7zS473C\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [File not signed]
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-23] (Disc Soft Ltd)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-05-23] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
R5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [677360 2013-05-03] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R5 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [32544 2013-12-10] (NVIDIA Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163576 2015-06-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 06:07 - 2015-08-21 18:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-21 06:07 - 2015-08-21 06:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-21 01:47 - 2015-08-21 01:47 - 00070888 _____ C:\Users\PC\Desktop\FRST3.txt
2015-08-21 01:46 - 2015-08-21 01:47 - 00050596 _____ C:\Users\PC\Desktop\Addition.txt
2015-08-21 01:45 - 2015-08-21 18:58 - 00037684 _____ C:\Users\PC\Desktop\FRST.txt
2015-08-21 01:44 - 2015-08-21 18:57 - 00000000 ____D C:\FRST
2015-08-21 01:44 - 2015-08-21 01:44 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-08-21 01:19 - 2015-08-21 01:20 - 02173952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-08-20 03:03 - 2015-08-20 03:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenSoftwareUpdater
2015-08-20 03:00 - 2015-08-20 03:03 - 00000000 ____D C:\Program Files (x86)\OSDownloader
2015-08-20 03:00 - 2015-08-20 03:00 - 00000000 ____D C:\Program Files (x86)\TestXp
2015-08-19 13:44 - 2015-08-21 18:40 - 00000539 _____ C:\WINDOWS\setupact.log
2015-08-19 13:44 - 2015-08-19 13:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 07:40 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 07:40 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 05:54 - 2015-08-20 03:28 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290684590-2047622957-4230303226-1002
2015-08-19 05:50 - 2015-08-19 05:50 - 00002766 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 05:48 - 2015-08-21 18:41 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-19 05:42 - 2015-05-22 10:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-08-19 05:41 - 2015-08-19 05:42 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2015-08-19 05:41 - 2015-08-19 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-08-19 05:23 - 2015-08-19 05:23 - 00001642 _____ C:\ProgramData\tempimage.bmp
2015-08-19 05:21 - 2015-08-19 05:21 - 00001305 _____ C:\Users\PC\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-18 06:31 - 2015-08-19 05:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\System Cleaner Pro
2015-08-18 06:31 - 2015-08-19 05:14 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-18 06:31 - 2015-08-18 06:31 - 00000217 _____ C:\task.vbs
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\System_Cleaner_Pro
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\SecureWebUpdate
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\PopupID1
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater
2015-08-18 06:30 - 2015-08-18 06:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\JV Update
2015-08-18 06:29 - 2015-08-19 05:17 - 00004720 _____ C:\WINDOWS\SysWOW64\Uiviuuj.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\SysWOW64\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\system32\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-12 10:45 - 00353608 _____ C:\WINDOWS\system32\Uiviuuj64.dll
2015-08-18 06:28 - 2015-08-18 06:28 - 00000000 ____D C:\WINDOWS\system32\sufo
2015-08-18 06:27 - 2015-08-18 06:27 - 00000045 _____ C:\user.js
2015-08-18 06:23 - 2015-08-18 06:23 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-18 05:52 - 2014-12-07 23:35 - 00450771 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-18 05:51 - 2015-08-20 05:18 - 00000000 ____D C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4
2015-08-18 05:45 - 2015-08-18 05:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Shortcut
2015-08-18 05:39 - 2015-08-18 05:39 - 00000000 ____D C:\ProgramData\COMODO
2015-08-18 05:38 - 2015-08-18 05:50 - 00000000 ____D C:\ProgramData\Tristip
2015-08-18 05:38 - 2015-08-18 05:38 - 00000000 ____D C:\ProgramData\Tristips
2015-08-18 05:34 - 2015-08-18 05:57 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-18 05:33 - 2015-08-18 05:33 - 00000000 ____D C:\Program Files (x86)\wordtopdf_setup
2015-08-16 23:40 - 2015-08-16 23:40 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2015-08-12 01:29 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 00:58 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 00:58 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 00:58 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 00:58 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 00:58 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 00:58 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 00:58 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 00:58 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 00:58 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 00:58 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 00:58 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 00:58 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 00:58 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 00:58 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 00:57 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 00:57 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 00:57 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 00:57 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 00:57 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 00:57 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 00:57 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 00:57 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 00:56 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 00:56 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 00:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 00:56 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 00:56 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 00:56 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 00:56 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 00:56 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 00:56 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 00:53 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 00:53 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 00:53 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 00:53 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 00:53 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 00:53 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 00:53 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 00:53 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 00:53 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 00:53 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 00:53 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 00:53 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 00:53 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 00:53 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 00:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 00:52 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 00:52 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 00:52 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 00:52 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-05 04:20 - 2015-08-05 04:20 - 00000000 ____D C:\Users\PC\Desktop\Junks
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 18:54 - 2015-01-31 02:10 - 01905901 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-21 18:44 - 2013-03-22 12:00 - 00000835 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-21 18:42 - 2015-04-29 10:16 - 00000000 ____D C:\AdwCleaner
2015-08-21 18:42 - 2014-05-06 00:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2015-08-21 18:41 - 2014-02-19 21:58 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-21 18:40 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 18:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-21 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-21 16:36 - 2015-07-09 00:53 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2015-08-21 06:09 - 2014-05-05 23:25 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-08-21 05:51 - 2014-05-06 00:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2015-08-20 13:43 - 2015-03-07 18:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Azureus
2015-08-20 06:21 - 2015-04-20 09:09 - 00000000 ____D C:\Program Files (x86)\Taskforce
2015-08-20 06:07 - 2014-05-19 15:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-08-20 04:02 - 2015-04-14 16:50 - 00748220 _____ C:\WINDOWS\system32\perfh00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00180012 _____ C:\WINDOWS\system32\perfc00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00120862 _____ C:\WINDOWS\system32\perfh01B.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00025670 _____ C:\WINDOWS\system32\perfc01B.dat
2015-08-20 04:02 - 2014-03-18 12:08 - 01906104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-20 03:35 - 2013-08-22 16:44 - 00592720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 07:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 05:52 - 2014-11-17 19:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2015-08-19 05:51 - 2014-07-02 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 05:46 - 2014-05-23 01:43 - 00000000 ____D C:\Users\PC
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Panda Security
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 05:41 - 2015-01-29 18:51 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-18 06:28 - 2015-03-14 23:40 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-18 06:28 - 2015-03-14 23:39 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-18 05:57 - 2014-11-27 16:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieUserList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieSiteList
2015-08-18 05:38 - 2014-05-05 22:48 - 00001448 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-17 23:42 - 2014-05-05 22:47 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2015-08-16 23:32 - 2014-08-01 08:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2015-08-15 22:12 - 2015-07-15 20:12 - 00000288 _____ C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-08-15 20:11 - 2015-07-15 20:11 - 00000296 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-08-14 21:25 - 2014-09-28 17:49 - 00000000 ____D C:\Users\PC\Desktop\Camp Leaders
2015-08-14 04:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 06:03 - 2015-07-14 19:45 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 01:29 - 2014-11-30 01:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 01:28 - 2014-05-05 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 01:26 - 2014-05-05 23:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 01:17 - 2015-04-15 23:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 01:17 - 2015-03-15 11:22 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 04:19 - 2015-06-26 22:35 - 00000000 ____D C:\Users\PC\Desktop\USA 2
2015-07-29 20:14 - 2015-07-15 20:11 - 00000280 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-07-28 20:53 - 2014-05-05 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-07-28 20:52 - 2015-04-27 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-28 10:59 - 2014-05-05 23:54 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-25 18:31 - 2015-04-04 18:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2015-05-13 01:22 - 2015-05-13 01:22 - 0099678 _____ () C:\Program Files (x86)\tunepro138x138.ico
2015-04-25 07:10 - 2015-05-12 15:58 - 0000020 _____ () C:\Users\PC\AppData\Roaming\appdataFr3.bin
2014-05-05 22:48 - 2015-01-29 18:49 - 0000062 _____ () C:\Users\PC\AppData\Roaming\sp_data.sys
2015-08-21 01:44 - 2015-08-21 01:44 - 0029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2014-09-04 19:02 - 2014-09-04 19:02 - 0000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2014-09-27 20:18 - 2014-09-27 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-23 01:39 - 2014-05-23 01:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-08-19 05:23 - 2015-08-19 05:23 - 0001642 _____ () C:\ProgramData\tempimage.bmp
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\newversion.exe
C:\Users\PC\AppData\Local\Temp\SpOrder.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\{8286961E-DA9E-400E-961D-EC441966DBB7}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2015-03-14 23:40] - [2015-08-18 06:28] - 0657920 ____A (Microsoft Corporation) 26B7D551E9250978DCF38B2909DAEC2E
C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-03-14 23:39] - [2015-08-18 06:28] - 0498688 ____A (Microsoft Corporation) E3340051384BFD3597BF41DD3E148B90
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 06:14
==================== End of log ============================
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-02] (Atheros Communications)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-bloody-mary-eng-3362689.lnk [2015-04-20]
ShortcutTarget: supernatural-bloody-mary-eng-3362689.lnk -> C:\ProgramData\{711a26d9-5f47-33b8-711a-a26d95f49b65}\supernatural-bloody-mary-eng-3362689.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-inside-man-eng-6107425.lnk [2015-04-20]
ShortcutTarget: supernatural-inside-man-eng-6107425.lnk -> C:\ProgramData\{8246ea6b-42e2-41b8-8246-6ea6b42ea9ad}\supernatural-inside-man-eng-6107425.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETid5twByAafrW7y8v6eSFLe9KUa9_SEQ9ucexk-p24F_Vk2jjHREmFKBvpvpFw3h7Rn257c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fasus13.msn.com&OSP=
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll [2015-06-16] (TunePro360)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [DhcpNameServer] 10.0.0.1 10.0.0.5
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-21] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2014-01-02] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 HPSLPSVC; C:\Users\PC\AppData\Local\Temp\7zS473C\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [File not signed]
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-23] (Disc Soft Ltd)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-05-23] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
R5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [677360 2013-05-03] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R5 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [32544 2013-12-10] (NVIDIA Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163576 2015-06-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 06:07 - 2015-08-21 18:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-21 06:07 - 2015-08-21 06:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-21 01:47 - 2015-08-21 01:47 - 00070888 _____ C:\Users\PC\Desktop\FRST3.txt
2015-08-21 01:46 - 2015-08-21 01:47 - 00050596 _____ C:\Users\PC\Desktop\Addition.txt
2015-08-21 01:45 - 2015-08-21 18:58 - 00037684 _____ C:\Users\PC\Desktop\FRST.txt
2015-08-21 01:44 - 2015-08-21 18:57 - 00000000 ____D C:\FRST
2015-08-21 01:44 - 2015-08-21 01:44 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-08-21 01:19 - 2015-08-21 01:20 - 02173952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-08-20 03:03 - 2015-08-20 03:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenSoftwareUpdater
2015-08-20 03:00 - 2015-08-20 03:03 - 00000000 ____D C:\Program Files (x86)\OSDownloader
2015-08-20 03:00 - 2015-08-20 03:00 - 00000000 ____D C:\Program Files (x86)\TestXp
2015-08-19 13:44 - 2015-08-21 18:40 - 00000539 _____ C:\WINDOWS\setupact.log
2015-08-19 13:44 - 2015-08-19 13:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 07:40 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 07:40 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 05:54 - 2015-08-20 03:28 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290684590-2047622957-4230303226-1002
2015-08-19 05:50 - 2015-08-19 05:50 - 00002766 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 05:48 - 2015-08-21 18:41 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-19 05:42 - 2015-05-22 10:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-08-19 05:41 - 2015-08-19 05:42 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2015-08-19 05:41 - 2015-08-19 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-08-19 05:23 - 2015-08-19 05:23 - 00001642 _____ C:\ProgramData\tempimage.bmp
2015-08-19 05:21 - 2015-08-19 05:21 - 00001305 _____ C:\Users\PC\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-18 06:31 - 2015-08-19 05:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\System Cleaner Pro
2015-08-18 06:31 - 2015-08-19 05:14 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-18 06:31 - 2015-08-18 06:31 - 00000217 _____ C:\task.vbs
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\System_Cleaner_Pro
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\SecureWebUpdate
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\PopupID1
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater
2015-08-18 06:30 - 2015-08-18 06:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\JV Update
2015-08-18 06:29 - 2015-08-19 05:17 - 00004720 _____ C:\WINDOWS\SysWOW64\Uiviuuj.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\SysWOW64\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\system32\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-12 10:45 - 00353608 _____ C:\WINDOWS\system32\Uiviuuj64.dll
2015-08-18 06:28 - 2015-08-18 06:28 - 00000000 ____D C:\WINDOWS\system32\sufo
2015-08-18 06:27 - 2015-08-18 06:27 - 00000045 _____ C:\user.js
2015-08-18 06:23 - 2015-08-18 06:23 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-18 05:52 - 2014-12-07 23:35 - 00450771 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-18 05:51 - 2015-08-20 05:18 - 00000000 ____D C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4
2015-08-18 05:45 - 2015-08-18 05:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Shortcut
2015-08-18 05:39 - 2015-08-18 05:39 - 00000000 ____D C:\ProgramData\COMODO
2015-08-18 05:38 - 2015-08-18 05:50 - 00000000 ____D C:\ProgramData\Tristip
2015-08-18 05:38 - 2015-08-18 05:38 - 00000000 ____D C:\ProgramData\Tristips
2015-08-18 05:34 - 2015-08-18 05:57 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-18 05:33 - 2015-08-18 05:33 - 00000000 ____D C:\Program Files (x86)\wordtopdf_setup
2015-08-16 23:40 - 2015-08-16 23:40 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2015-08-12 01:29 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 00:58 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 00:58 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 00:58 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 00:58 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 00:58 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 00:58 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 00:58 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 00:58 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 00:58 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 00:58 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 00:58 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 00:58 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 00:58 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 00:58 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 00:57 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 00:57 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 00:57 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 00:57 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 00:57 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 00:57 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 00:57 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 00:57 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 00:56 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 00:56 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 00:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 00:56 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 00:56 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 00:56 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 00:56 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 00:56 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 00:56 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 00:53 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 00:53 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 00:53 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 00:53 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 00:53 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 00:53 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 00:53 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 00:53 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 00:53 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 00:53 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 00:53 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 00:53 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 00:53 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 00:53 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 00:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 00:52 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 00:52 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 00:52 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 00:52 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-05 04:20 - 2015-08-05 04:20 - 00000000 ____D C:\Users\PC\Desktop\Junks
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 18:54 - 2015-01-31 02:10 - 01905901 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-21 18:44 - 2013-03-22 12:00 - 00000835 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-21 18:42 - 2015-04-29 10:16 - 00000000 ____D C:\AdwCleaner
2015-08-21 18:42 - 2014-05-06 00:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2015-08-21 18:41 - 2014-02-19 21:58 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-21 18:40 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 18:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-21 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-21 16:36 - 2015-07-09 00:53 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2015-08-21 06:09 - 2014-05-05 23:25 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-08-21 05:51 - 2014-05-06 00:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2015-08-20 13:43 - 2015-03-07 18:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Azureus
2015-08-20 06:21 - 2015-04-20 09:09 - 00000000 ____D C:\Program Files (x86)\Taskforce
2015-08-20 06:07 - 2014-05-19 15:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-08-20 04:02 - 2015-04-14 16:50 - 00748220 _____ C:\WINDOWS\system32\perfh00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00180012 _____ C:\WINDOWS\system32\perfc00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00120862 _____ C:\WINDOWS\system32\perfh01B.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00025670 _____ C:\WINDOWS\system32\perfc01B.dat
2015-08-20 04:02 - 2014-03-18 12:08 - 01906104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-20 03:35 - 2013-08-22 16:44 - 00592720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 07:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 05:52 - 2014-11-17 19:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2015-08-19 05:51 - 2014-07-02 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 05:46 - 2014-05-23 01:43 - 00000000 ____D C:\Users\PC
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Panda Security
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 05:41 - 2015-01-29 18:51 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-18 06:28 - 2015-03-14 23:40 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-18 06:28 - 2015-03-14 23:39 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-18 05:57 - 2014-11-27 16:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieUserList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieSiteList
2015-08-18 05:38 - 2014-05-05 22:48 - 00001448 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-17 23:42 - 2014-05-05 22:47 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2015-08-16 23:32 - 2014-08-01 08:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2015-08-15 22:12 - 2015-07-15 20:12 - 00000288 _____ C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-08-15 20:11 - 2015-07-15 20:11 - 00000296 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-08-14 21:25 - 2014-09-28 17:49 - 00000000 ____D C:\Users\PC\Desktop\Camp Leaders
2015-08-14 04:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 06:03 - 2015-07-14 19:45 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 01:29 - 2014-11-30 01:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 01:28 - 2014-05-05 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 01:26 - 2014-05-05 23:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 01:17 - 2015-04-15 23:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 01:17 - 2015-03-15 11:22 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 04:19 - 2015-06-26 22:35 - 00000000 ____D C:\Users\PC\Desktop\USA 2
2015-07-29 20:14 - 2015-07-15 20:11 - 00000280 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-07-28 20:53 - 2014-05-05 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-07-28 20:52 - 2015-04-27 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-28 10:59 - 2014-05-05 23:54 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-25 18:31 - 2015-04-04 18:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2015-05-13 01:22 - 2015-05-13 01:22 - 0099678 _____ () C:\Program Files (x86)\tunepro138x138.ico
2015-04-25 07:10 - 2015-05-12 15:58 - 0000020 _____ () C:\Users\PC\AppData\Roaming\appdataFr3.bin
2014-05-05 22:48 - 2015-01-29 18:49 - 0000062 _____ () C:\Users\PC\AppData\Roaming\sp_data.sys
2015-08-21 01:44 - 2015-08-21 01:44 - 0029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2014-09-04 19:02 - 2014-09-04 19:02 - 0000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2014-09-27 20:18 - 2014-09-27 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-23 01:39 - 2014-05-23 01:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-08-19 05:23 - 2015-08-19 05:23 - 0001642 _____ () C:\ProgramData\tempimage.bmp
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\newversion.exe
C:\Users\PC\AppData\Local\Temp\SpOrder.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\{8286961E-DA9E-400E-961D-EC441966DBB7}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2015-03-14 23:40] - [2015-08-18 06:28] - 0657920 ____A (Microsoft Corporation) 26B7D551E9250978DCF38B2909DAEC2E
C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-03-14 23:39] - [2015-08-18 06:28] - 0498688 ____A (Microsoft Corporation) E3340051384BFD3597BF41DD3E148B90
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 06:14
==================== End of log ============================
- Rudy
- Site Admin
- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, ads, and automatic downloading of programs
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow computer, ads, and automatic downloading of programs
AdwCleaner log:
# AdwCleaner v5.003 - Logfile created 21/08/2015 at 20:44:07
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : PC - USER
# Running from : C:\Users\PC\Documents\Downloads\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage
[-] File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage-journal
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1442 bytes] ##########
- Rudy
- Site Admin
Re: Slow computer, ads, and automatic downloading of programs
Post a new FRST log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Slow computer, ads, and automatic downloading of programs
Thank you.
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by PC (administrator) on USER (22-08-2015 00:30:30)
Running from C:\Users\PC\Desktop
Loaded Profiles: UpdatusUser & PC (Available Profiles: UpdatusUser & PC)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-02] (Atheros Communications)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-bloody-mary-eng-3362689.lnk [2015-04-20]
ShortcutTarget: supernatural-bloody-mary-eng-3362689.lnk -> C:\ProgramData\{711a26d9-5f47-33b8-711a-a26d95f49b65}\supernatural-bloody-mary-eng-3362689.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-inside-man-eng-6107425.lnk [2015-04-20]
ShortcutTarget: supernatural-inside-man-eng-6107425.lnk -> C:\ProgramData\{8246ea6b-42e2-41b8-8246-6ea6b42ea9ad}\supernatural-inside-man-eng-6107425.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETid5twByAafrW7y8v6eSFLe9KUa9_SEQ9ucexk-p24F_Vk2jjHREmFKBvpvpFw3h7Rn257c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fasus13.msn.com&OSP=
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll [2015-06-16] (TunePro360)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [DhcpNameServer] 10.0.0.1 10.0.0.5
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-21] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2014-01-02] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 HPSLPSVC; C:\Users\PC\AppData\Local\Temp\7zS473C\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [File not signed]
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-23] (Disc Soft Ltd)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-05-23] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
R5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [677360 2013-05-03] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R5 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [32544 2013-12-10] (NVIDIA Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163576 2015-06-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 06:07 - 2015-08-22 00:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-21 06:07 - 2015-08-21 06:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-21 01:47 - 2015-08-21 01:47 - 00070888 _____ C:\Users\PC\Desktop\FRST3.txt
2015-08-21 01:46 - 2015-08-21 19:00 - 00049129 _____ C:\Users\PC\Desktop\Addition.txt
2015-08-21 01:45 - 2015-08-22 00:30 - 00037873 _____ C:\Users\PC\Desktop\FRST.txt
2015-08-21 01:44 - 2015-08-22 00:30 - 00000000 ____D C:\FRST
2015-08-21 01:44 - 2015-08-21 01:44 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-08-21 01:19 - 2015-08-21 01:20 - 02173952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-08-20 03:03 - 2015-08-20 03:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenSoftwareUpdater
2015-08-20 03:00 - 2015-08-20 03:03 - 00000000 ____D C:\Program Files (x86)\OSDownloader
2015-08-20 03:00 - 2015-08-20 03:00 - 00000000 ____D C:\Program Files (x86)\TestXp
2015-08-19 13:44 - 2015-08-21 20:44 - 00000616 _____ C:\WINDOWS\setupact.log
2015-08-19 13:44 - 2015-08-19 13:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 07:40 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 07:40 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 05:54 - 2015-08-20 03:28 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290684590-2047622957-4230303226-1002
2015-08-19 05:50 - 2015-08-19 05:50 - 00002766 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 05:48 - 2015-08-21 20:45 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-19 05:42 - 2015-05-22 10:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-08-19 05:41 - 2015-08-19 05:42 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2015-08-19 05:41 - 2015-08-19 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-08-19 05:23 - 2015-08-19 05:23 - 00001642 _____ C:\ProgramData\tempimage.bmp
2015-08-19 05:21 - 2015-08-19 05:21 - 00001305 _____ C:\Users\PC\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-18 06:31 - 2015-08-19 05:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\System Cleaner Pro
2015-08-18 06:31 - 2015-08-19 05:14 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-18 06:31 - 2015-08-18 06:31 - 00000217 _____ C:\task.vbs
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\System_Cleaner_Pro
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\SecureWebUpdate
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\PopupID1
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater
2015-08-18 06:30 - 2015-08-18 06:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\JV Update
2015-08-18 06:29 - 2015-08-19 05:17 - 00004720 _____ C:\WINDOWS\SysWOW64\Uiviuuj.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\SysWOW64\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\system32\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-12 10:45 - 00353608 _____ C:\WINDOWS\system32\Uiviuuj64.dll
2015-08-18 06:28 - 2015-08-18 06:28 - 00000000 ____D C:\WINDOWS\system32\sufo
2015-08-18 06:27 - 2015-08-18 06:27 - 00000045 _____ C:\user.js
2015-08-18 06:23 - 2015-08-18 06:23 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-18 05:52 - 2014-12-07 23:35 - 00450771 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-18 05:51 - 2015-08-20 05:18 - 00000000 ____D C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4
2015-08-18 05:45 - 2015-08-18 05:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Shortcut
2015-08-18 05:39 - 2015-08-18 05:39 - 00000000 ____D C:\ProgramData\COMODO
2015-08-18 05:38 - 2015-08-18 05:50 - 00000000 ____D C:\ProgramData\Tristip
2015-08-18 05:38 - 2015-08-18 05:38 - 00000000 ____D C:\ProgramData\Tristips
2015-08-18 05:34 - 2015-08-18 05:57 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-18 05:33 - 2015-08-18 05:33 - 00000000 ____D C:\Program Files (x86)\wordtopdf_setup
2015-08-16 23:40 - 2015-08-16 23:40 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2015-08-12 01:29 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 00:58 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 00:58 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 00:58 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 00:58 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 00:58 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 00:58 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 00:58 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 00:58 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 00:58 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 00:58 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 00:58 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 00:58 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 00:58 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 00:58 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 00:57 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 00:57 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 00:57 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 00:57 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 00:57 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 00:57 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 00:57 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 00:57 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 00:56 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 00:56 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 00:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 00:56 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 00:56 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 00:56 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 00:56 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 00:56 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 00:56 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 00:53 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 00:53 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 00:53 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 00:53 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 00:53 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 00:53 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 00:53 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 00:53 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 00:53 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 00:53 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 00:53 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 00:53 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 00:53 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 00:53 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 00:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 00:52 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 00:52 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 00:52 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 00:52 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-05 04:20 - 2015-08-05 04:20 - 00000000 ____D C:\Users\PC\Desktop\Junks
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-22 00:25 - 2015-01-31 02:10 - 01998927 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-21 23:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-21 22:12 - 2015-07-15 20:12 - 00000288 _____ C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-08-21 20:53 - 2014-05-06 00:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2015-08-21 20:52 - 2015-04-29 10:16 - 00000000 ____D C:\AdwCleaner
2015-08-21 20:48 - 2013-03-22 12:00 - 00000835 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-21 20:45 - 2014-02-19 21:58 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-21 20:45 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 20:42 - 2014-05-06 00:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2015-08-21 18:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-21 16:36 - 2015-07-09 00:53 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2015-08-21 06:09 - 2014-05-05 23:25 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-08-20 13:43 - 2015-03-07 18:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Azureus
2015-08-20 06:21 - 2015-04-20 09:09 - 00000000 ____D C:\Program Files (x86)\Taskforce
2015-08-20 06:07 - 2014-05-19 15:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-08-20 04:02 - 2015-04-14 16:50 - 00748220 _____ C:\WINDOWS\system32\perfh00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00180012 _____ C:\WINDOWS\system32\perfc00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00120862 _____ C:\WINDOWS\system32\perfh01B.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00025670 _____ C:\WINDOWS\system32\perfc01B.dat
2015-08-20 04:02 - 2014-03-18 12:08 - 01906104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-20 03:35 - 2013-08-22 16:44 - 00592720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 07:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 05:52 - 2014-11-17 19:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2015-08-19 05:51 - 2014-07-02 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 05:46 - 2014-05-23 01:43 - 00000000 ____D C:\Users\PC
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Panda Security
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 05:41 - 2015-01-29 18:51 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-18 06:28 - 2015-03-14 23:40 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-18 06:28 - 2015-03-14 23:39 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-18 05:57 - 2014-11-27 16:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieUserList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieSiteList
2015-08-18 05:38 - 2014-05-05 22:48 - 00001448 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-17 23:42 - 2014-05-05 22:47 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2015-08-16 23:32 - 2014-08-01 08:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2015-08-15 20:11 - 2015-07-15 20:11 - 00000296 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-08-14 21:25 - 2014-09-28 17:49 - 00000000 ____D C:\Users\PC\Desktop\Camp Leaders
2015-08-14 04:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 06:03 - 2015-07-14 19:45 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 01:29 - 2014-11-30 01:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 01:28 - 2014-05-05 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 01:26 - 2014-05-05 23:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 01:17 - 2015-04-15 23:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 01:17 - 2015-03-15 11:22 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 04:19 - 2015-06-26 22:35 - 00000000 ____D C:\Users\PC\Desktop\USA 2
2015-07-29 20:14 - 2015-07-15 20:11 - 00000280 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-07-28 20:53 - 2014-05-05 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-07-28 20:52 - 2015-04-27 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-28 10:59 - 2014-05-05 23:54 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-25 18:31 - 2015-04-04 18:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2015-05-13 01:22 - 2015-05-13 01:22 - 0099678 _____ () C:\Program Files (x86)\tunepro138x138.ico
2015-04-25 07:10 - 2015-05-12 15:58 - 0000020 _____ () C:\Users\PC\AppData\Roaming\appdataFr3.bin
2014-05-05 22:48 - 2015-01-29 18:49 - 0000062 _____ () C:\Users\PC\AppData\Roaming\sp_data.sys
2015-08-21 01:44 - 2015-08-21 01:44 - 0029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2014-09-04 19:02 - 2014-09-04 19:02 - 0000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2014-09-27 20:18 - 2014-09-27 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-23 01:39 - 2014-05-23 01:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-08-19 05:23 - 2015-08-19 05:23 - 0001642 _____ () C:\ProgramData\tempimage.bmp
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\newversion.exe
C:\Users\PC\AppData\Local\Temp\SpOrder.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\{8286961E-DA9E-400E-961D-EC441966DBB7}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2015-03-14 23:40] - [2015-08-18 06:28] - 0657920 ____A (Microsoft Corporation) 26B7D551E9250978DCF38B2909DAEC2E
C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-03-14 23:39] - [2015-08-18 06:28] - 0498688 ____A (Microsoft Corporation) E3340051384BFD3597BF41DD3E148B90
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 22:18
==================== End of log ============================
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
Ran by PC (administrator) on USER (22-08-2015 00:30:30)
Running from C:\Users\PC\Desktop
Loaded Profiles: UpdatusUser & PC (Available Profiles: UpdatusUser & PC)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-02] (Atheros Communications)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-bloody-mary-eng-3362689.lnk [2015-04-20]
ShortcutTarget: supernatural-bloody-mary-eng-3362689.lnk -> C:\ProgramData\{711a26d9-5f47-33b8-711a-a26d95f49b65}\supernatural-bloody-mary-eng-3362689.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\supernatural-inside-man-eng-6107425.lnk [2015-04-20]
ShortcutTarget: supernatural-inside-man-eng-6107425.lnk -> C:\ProgramData\{8246ea6b-42e2-41b8-8246-6ea6b42ea9ad}\supernatural-inside-man-eng-6107425.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETid5twByAafrW7y8v6eSFLe9KUa9_SEQ9ucexk-p24F_Vk2jjHREmFKBvpvpFw3h7Rn257c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fasus13.msn.com&OSP=
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: TunePro360 -> {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} -> C:\Program Files (x86)\adlevel\TunePRO360.dll [2015-06-16] (TunePro360)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-05] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-05] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}: [DhcpNameServer] 10.128.0.5
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [NameServer] 82.163.143.152,82.163.142.154
Tcpip\..\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}: [DhcpNameServer] 10.0.0.1 10.0.0.5
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-21] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2014-01-02] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
U4 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
U4 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 HPSLPSVC; C:\Users\PC\AppData\Local\Temp\7zS473C\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1910128 2015-01-30] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [File not signed]
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-23] (Disc Soft Ltd)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-05-23] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
R5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [677360 2013-05-03] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R5 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [32544 2013-12-10] (NVIDIA Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163576 2015-06-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1149232 2013-03-09] (Ralink Technology, Corp.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [460872 2013-03-08] (RTS Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-21 06:07 - 2015-08-22 00:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-21 06:07 - 2015-08-21 06:07 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-21 01:47 - 2015-08-21 01:47 - 00070888 _____ C:\Users\PC\Desktop\FRST3.txt
2015-08-21 01:46 - 2015-08-21 19:00 - 00049129 _____ C:\Users\PC\Desktop\Addition.txt
2015-08-21 01:45 - 2015-08-22 00:30 - 00037873 _____ C:\Users\PC\Desktop\FRST.txt
2015-08-21 01:44 - 2015-08-22 00:30 - 00000000 ____D C:\FRST
2015-08-21 01:44 - 2015-08-21 01:44 - 00029696 _____ C:\Users\PC\AppData\Local\MSGBOX.EXE
2015-08-21 01:19 - 2015-08-21 01:20 - 02173952 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-08-20 03:03 - 2015-08-20 03:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenSoftwareUpdater
2015-08-20 03:00 - 2015-08-20 03:03 - 00000000 ____D C:\Program Files (x86)\OSDownloader
2015-08-20 03:00 - 2015-08-20 03:00 - 00000000 ____D C:\Program Files (x86)\TestXp
2015-08-19 13:44 - 2015-08-21 20:44 - 00000616 _____ C:\WINDOWS\setupact.log
2015-08-19 13:44 - 2015-08-19 13:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 07:40 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 07:40 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 05:54 - 2015-08-20 03:28 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290684590-2047622957-4230303226-1002
2015-08-19 05:50 - 2015-08-19 05:50 - 00002766 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 05:48 - 2015-08-21 20:45 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-08-19 05:42 - 2015-05-22 10:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-08-19 05:41 - 2015-08-19 05:42 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2015-08-19 05:41 - 2015-08-19 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-08-19 05:23 - 2015-08-19 05:23 - 00001642 _____ C:\ProgramData\tempimage.bmp
2015-08-19 05:21 - 2015-08-19 05:21 - 00001305 _____ C:\Users\PC\Desktop\Continue SpaceSoundPro Uninstaller.lnk
2015-08-18 06:31 - 2015-08-19 05:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\System Cleaner Pro
2015-08-18 06:31 - 2015-08-19 05:14 - 00000000 ____D C:\Program Files (x86)\adlevel
2015-08-18 06:31 - 2015-08-18 06:31 - 00000217 _____ C:\task.vbs
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\System_Cleaner_Pro
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\SecureWebUpdate
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Users\PC\AppData\Local\PopupID1
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\TechVedic
2015-08-18 06:31 - 2015-08-18 06:31 - 00000000 ____D C:\Program Files (x86)\ServiceUpdater
2015-08-18 06:30 - 2015-08-18 06:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\JV Update
2015-08-18 06:29 - 2015-08-19 05:17 - 00004720 _____ C:\WINDOWS\SysWOW64\Uiviuuj.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\SysWOW64\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-19 05:17 - 00002440 _____ C:\WINDOWS\system32\UiviuujOff.ini
2015-08-18 06:29 - 2015-08-12 10:45 - 00353608 _____ C:\WINDOWS\system32\Uiviuuj64.dll
2015-08-18 06:28 - 2015-08-18 06:28 - 00000000 ____D C:\WINDOWS\system32\sufo
2015-08-18 06:27 - 2015-08-18 06:27 - 00000045 _____ C:\user.js
2015-08-18 06:23 - 2015-08-18 06:23 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-18 05:52 - 2014-12-07 23:35 - 00450771 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-18 05:51 - 2015-08-20 05:18 - 00000000 ____D C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4
2015-08-18 05:45 - 2015-08-18 05:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Shortcut
2015-08-18 05:39 - 2015-08-18 05:39 - 00000000 ____D C:\ProgramData\COMODO
2015-08-18 05:38 - 2015-08-18 05:50 - 00000000 ____D C:\ProgramData\Tristip
2015-08-18 05:38 - 2015-08-18 05:38 - 00000000 ____D C:\ProgramData\Tristips
2015-08-18 05:34 - 2015-08-18 05:57 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-18 05:33 - 2015-08-18 05:33 - 00000000 ____D C:\Program Files (x86)\wordtopdf_setup
2015-08-16 23:40 - 2015-08-16 23:40 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2015-08-12 01:29 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 01:29 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 00:58 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 00:58 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 00:58 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 00:58 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 00:58 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 00:58 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 00:58 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 00:58 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 00:58 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 00:58 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 00:58 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 00:58 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 00:58 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 00:58 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 00:58 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 00:58 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 00:58 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 00:58 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 00:58 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 00:58 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 00:58 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 00:57 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 00:57 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 00:57 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 00:57 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 00:57 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 00:57 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 00:57 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 00:57 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 00:57 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 00:57 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 00:57 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 00:57 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 00:56 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 00:56 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 00:56 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 00:56 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 00:56 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 00:56 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 00:56 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 00:56 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 00:56 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 00:56 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 00:56 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 00:53 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 00:53 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 00:53 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 00:53 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 00:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 00:53 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 00:53 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 00:53 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 00:53 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 00:53 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 00:53 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 00:53 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 00:53 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 00:53 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 00:53 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 00:53 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 00:53 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 00:53 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 00:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 00:52 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 00:52 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 00:52 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 00:52 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-05 04:20 - 2015-08-05 04:20 - 00000000 ____D C:\Users\PC\Desktop\Junks
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-22 00:25 - 2015-01-31 02:10 - 01998927 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-21 23:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-21 22:12 - 2015-07-15 20:12 - 00000288 _____ C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-08-21 20:53 - 2014-05-06 00:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2015-08-21 20:52 - 2015-04-29 10:16 - 00000000 ____D C:\AdwCleaner
2015-08-21 20:48 - 2013-03-22 12:00 - 00000835 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-08-21 20:45 - 2014-02-19 21:58 - 00004268 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-08-21 20:45 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-21 20:42 - 2014-05-06 00:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2015-08-21 18:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-21 16:36 - 2015-07-09 00:53 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2015-08-21 06:09 - 2014-05-05 23:25 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2015-08-20 13:43 - 2015-03-07 18:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Azureus
2015-08-20 06:21 - 2015-04-20 09:09 - 00000000 ____D C:\Program Files (x86)\Taskforce
2015-08-20 06:07 - 2014-05-19 15:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2015-08-20 04:02 - 2015-04-14 16:50 - 00748220 _____ C:\WINDOWS\system32\perfh00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00180012 _____ C:\WINDOWS\system32\perfc00E.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00120862 _____ C:\WINDOWS\system32\perfh01B.dat
2015-08-20 04:02 - 2015-04-14 16:50 - 00025670 _____ C:\WINDOWS\system32\perfc01B.dat
2015-08-20 04:02 - 2014-03-18 12:08 - 01906104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-20 03:35 - 2013-08-22 16:44 - 00592720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 07:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 05:52 - 2014-11-17 19:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2015-08-19 05:51 - 2014-07-02 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-19 05:46 - 2014-05-23 01:43 - 00000000 ____D C:\Users\PC
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Panda Security
2015-08-19 05:41 - 2015-01-29 18:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-08-19 05:41 - 2015-01-29 18:51 - 00000000 ____D C:\ProgramData\Panda Security
2015-08-18 06:28 - 2015-03-14 23:40 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-18 06:28 - 2015-03-14 23:39 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-18 05:57 - 2014-11-27 16:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieUserList
2015-08-18 05:57 - 2014-07-17 04:25 - 00000000 __SHD C:\Users\PC\AppData\Local\EmieSiteList
2015-08-18 05:38 - 2014-05-05 22:48 - 00001448 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-17 23:42 - 2014-05-05 22:47 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2015-08-16 23:32 - 2014-08-01 08:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2015-08-15 20:11 - 2015-07-15 20:11 - 00000296 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-08-14 21:25 - 2014-09-28 17:49 - 00000000 ____D C:\Users\PC\Desktop\Camp Leaders
2015-08-14 04:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 23:43 - 2014-05-05 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 06:03 - 2015-07-14 19:45 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 01:29 - 2014-11-30 01:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 01:28 - 2014-05-05 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 01:26 - 2014-05-05 23:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 01:17 - 2015-04-15 23:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 01:17 - 2015-03-15 11:22 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 01:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 04:19 - 2015-06-26 22:35 - 00000000 ____D C:\Users\PC\Desktop\USA 2
2015-07-29 20:14 - 2015-07-15 20:11 - 00000280 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-07-28 20:53 - 2014-05-05 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-07-28 20:52 - 2015-04-27 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-28 10:59 - 2014-05-05 23:54 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-25 18:31 - 2015-04-04 18:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
==================== Files in the root of some directories =======
2015-05-13 01:22 - 2015-05-13 01:22 - 0099678 _____ () C:\Program Files (x86)\tunepro138x138.ico
2015-04-25 07:10 - 2015-05-12 15:58 - 0000020 _____ () C:\Users\PC\AppData\Roaming\appdataFr3.bin
2014-05-05 22:48 - 2015-01-29 18:49 - 0000062 _____ () C:\Users\PC\AppData\Roaming\sp_data.sys
2015-08-21 01:44 - 2015-08-21 01:44 - 0029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2014-09-04 19:02 - 2014-09-04 19:02 - 0000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2014-09-27 20:18 - 2014-09-27 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-23 01:39 - 2014-05-23 01:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 13:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-08-19 05:23 - 2015-08-19 05:23 - 0001642 _____ () C:\ProgramData\tempimage.bmp
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\newversion.exe
C:\Users\PC\AppData\Local\Temp\SpOrder.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\{8286961E-DA9E-400E-961D-EC441966DBB7}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2015-03-14 23:40] - [2015-08-18 06:28] - 0657920 ____A (Microsoft Corporation) 26B7D551E9250978DCF38B2909DAEC2E
C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-03-14 23:39] - [2015-08-18 06:28] - 0498688 ____A (Microsoft Corporation) E3340051384BFD3597BF41DD3E148B90
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 22:18
==================== End of log ============================
- Rudy
- Site Admin

Re: Slow computer, ads, and automatic downloading of programs
Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... 57c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&c ... =081715&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
C:\WINDOWS\SysWOW64\Uiviuuj.ini
C:\WINDOWS\SysWOW64\UiviuujOff.ini
C:\WINDOWS\system32\UiviuujOff.ini
C:\WINDOWS\system32\Uiviuuj64.dll
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\PC\AppData\Local\Temp
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Slow computer, ads, and automatic program downloads
It's better now, but it is still slowing down my computer, and whenever I clicked elsewhere it still threw up some pop-up page.
Fix result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by PC (2015-08-22 13:19:47) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: UpdatusUser & PC (Available Profiles: UpdatusUser & PC)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicyScripts-x32: Group Policy detected <======= ATTENTION
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... 57c1erCeQE,
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&c ... =081715&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-4290684590-2047622957-4230303226-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... inmtZI,&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-02-10] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-02-10] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
R2 cewejyfy; C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs [X]
C:\WINDOWS\SysWOW64\Uiviuuj.ini
C:\WINDOWS\SysWOW64\UiviuujOff.ini
C:\WINDOWS\system32\UiviuujOff.ini
C:\WINDOWS\system32\Uiviuuj64.dll
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\PC\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully
HKCR\CLSID\{ielnksrch} => key not found.
"HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => key removed successfully
HKCR\CLSID\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found.
"HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully
HKCR\CLSID\{ielnksrch} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
"HKCR\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKCR\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKCR\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
cewejyfy => Unable to stop service.
cewejyfy => service removed successfully
C:\WINDOWS\SysWOW64\Uiviuuj.ini => moved successfully
C:\WINDOWS\SysWOW64\UiviuujOff.ini => moved successfully
C:\WINDOWS\system32\UiviuujOff.ini => moved successfully
C:\WINDOWS\system32\Uiviuuj64.dll => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\SetStretch.VBS => moved successfully
"C:\Users\PC\AppData\Local\Temp" folder move:
Could not move "C:\Users\PC\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-22 13:21:17)<=
C:\Users\PC\AppData\Local\Temp => moved successfully
==== End of Fixlog 13:21:20 ====
- Rudy
- Site Admin
- Posts: 119675
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, ads, and automatic program downloads
Deleted. Has anything changed?
Re: Slow computer, ads, and automatic program downloads
It's better, but unfortunately it is still putting a heavy load on the CPU and RAM and I still get pop-up pages; as you can see in the photo, it keeps loading new ads over and over, or rather I don't know why it keeps loading constantly. I no longer know what to do about it....
- Rudy
- Site Admin
- Posts: 119675
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, ads, and automatic program downloads
Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: Slow computer, ads, and automatic program downloads
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 22.8.2015
Čas skenování: 23:13
Protokol: Test.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.08.22.04
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: PC
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 418072
Uplynulý čas: 22 min, 9 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 29
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{9135D966-D8E1-4CE1-8F64-CDF735B86D92}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1A9DB3CD-5128-4A39-93EE-B269CFB3DD85}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1A9DB3CD-5128-4A39-93EE-B269CFB3DD85}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1A9DB3CD-5128-4A39-93EE-B269CFB3DD85}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9135D966-D8E1-4CE1-8F64-CDF735B86D92}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9135D966-D8E1-4CE1-8F64-CDF735B86D92}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.TuneUpPro.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeperService_RASAPI32, , [a43822e98cff979f931f4e6942c21ae6],
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeperService_RASMANCS, , [5c8038d3137843f34c6605b2e321ed13],
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeper_RASAPI32, , [687448c3187330065d5513a4808436ca],
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\MICROSOFT\TRACING\PCKeeper_RASMANCS, , [697303087a1141f5377bd9de28dce020],
PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE1291.EXE, , [bf1d66a54546c571e1d03ae1857e6e92],
PUP.Optional.TunePro360.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TunePro360 Updater, , [3aa23ad12c5f5dd941adaf6c8d762bd5],
PUP.Optional.WordSurfer.A, HKLM\SOFTWARE\WOW6432NODE\WordSurfer_1.10.0.19, , [9d3f9675612ac86ed6dd0ea3758f2cd4],
PUP.Optional.SushiLeads.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SushiLeadsApplication_RASAPI32, , [33a917f407840f2708b7a70b12f2d32d],
PUP.Optional.SushiLeads.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SushiLeadsApplication_RASMANCS, , [924acd3ee5a69f97d8e74072ca3a6997],
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E44BBEE3-3F83-4670-9E2E-EE0556442287}, , [6478be4d0a8152e4efc454637094f50b],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [6b7166a50487fa3c775efbb045bf8d73],
PUP.Optional.SushiLeads.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\SushiLeadsUpdaterService, , [d705bf4cfa91ed494f0a89989271bb45],
PUP.Optional.InstallCore.A, HKU\S-1-5-18\SOFTWARE\ICSW1.13, , [9f3da863e5a6ed496791a779d1327888],
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, , [508c8883a3e80531dbc7b5fc8a7ac13f],
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, , [6f6d62a996f5be78cdd5efc2f80cc33d],
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, , [18c47f8cf09bb2849111961b28dc6e92],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, , [716b16f5a3e82313abf7f6bb33d16e92],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, , [fedeae5d8ffc45f1a002367b9470ef11],
Hodnoty registru: 13
PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service1291.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, 130843453857137525, , [bf1d66a54546c571e1d03ae1857e6e92]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}, , [63794dbe5338d85e6b1a1b9764a0d62a]
PUP.Optional.PCKeeper.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E44BBEE3-3F83-4670-9E2E-EE0556442287}|DisplayName, PCKeeper, , [6478be4d0a8152e4efc454637094f50b]
PUP.Optional.TunePro360.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}, \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}, , [26b6907be6a532046788e13a8f7442be]
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, , [508c8883a3e80531dbc7b5fc8a7ac13f]
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, , [6f6d62a996f5be78cdd5efc2f80cc33d]
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, , [18c47f8cf09bb2849111961b28dc6e92]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}, , [10cc39d2a6e57cba0d75476bc53fe917]
PUP.Optional.Shopperz.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, , [716b16f5a3e82313abf7f6bb33d16e92]
PUP.Optional.Linkury.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\ENVIRONMENT|SNF, C:\ProgramData\Tristips\snp.sc, , [37a5f5168803b58167699f13a85cdf21]
PUP.Optional.Linkury.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFIsc&co=US&userid=5d98adb2-d499-2440-3a7e-daa8dd21db44&searchtype=sc&installDate=18.08.2015&barcodeid=50028023&channelid=23, , [3aa21dee1477e94d646d9919f60ec838]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}, , [805c52b9474465d1dca6238f6b99817f]
PUP.Optional.Shopperz.A, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, , [fedeae5d8ffc45f1a002367b9470ef11]
Data registru: 4
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4290684590-2047622957-4230303226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}),,[85576ba0ec9f77bf26b8a6b39372e51b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4290684590-2047622957-4230303226-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ7Fa-0_fuaC6bBZRpZmmDfJ_DGF22c1V02Tj_29TgJdMw-1d238bX4zgHYMQ33rHYVY6pslny53IIETQSmpheXhZ4lszAmlNT3moXfkQ-p94IH42FwdwpSgORDJC9EEU4bgRs5LoAwD7eFh2QAs4jpinmtZI,&q={searchTerms}),,[1fbdd13a8605320459852c2da164c23e]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{60B0C5D2-11C7-4334-96A0-AE954B20F1DA}|NameServer, 82.163.143.152,82.163.142.154, Dobré: (), Špatné: (82.163.143.152,82.163.142.154),,[3f9d17f4a3e8a98d8206352537cec43c]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{84F96D3E-7928-4689-93CF-E962AD7E4180}|NameServer, 82.163.143.152,82.163.142.154, Dobré: (), Špatné: (82.163.143.152,82.163.142.154),,[19c31fec226944f285035703bb4a6e92]
Složky: 8
PUP.Optional.TunePro360.A, C:\Program Files (x86)\adlevel, , [01dbf417dab1e5514c9fa5767e859e62],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4, , [b22a7e8df59660d6e704ded2da2a59a7],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
Rogue.Multiple, C:\ProgramData\3872871776, , [6b7121ea2962be78bb057c5c9d6549b7],
PUP.Optional.OpenSoftwareUpdater.A, C:\Users\PC\AppData\Roaming\OpenSoftwareUpdater, , [1dbfb853bccf35013ad233e707fcf40c],
PUP.Optional.Linkury.A, C:\ProgramData\Tristip, , [5389fd0e0c7f92a4642677a37a89d030],
PUP.Optional.Linkury.A, C:\ProgramData\Tristips, , [904c3dcee0ab71c50d7e05155fa47f81],
Soubory: 48
PUP.Optional.TuneUpPro.A, C:\Program Files (x86)\adlevel\TunePro360.dll, , [f9e3c744d8b3ab8bf8d05045758d2cd4],
PUP.Optional.InstallIQ.A, C:\Users\PC\Documents\Downloads\applianflv_upgrade_1472.exe, , [e0fcd635b4d72a0c8b7bb23f9e62f50b],
PUP.Optional.DownloadAdmin, C:\Users\PC\Documents\Downloads\installer_adobe_flash_player_English.exe, , [6f6d38d3e5a61a1c535ee953d22e08f8],
PUP.Optional.MultiPlug, C:\Users\PC\Documents\Downloads\supernatural-bloody-mary-eng-3362689.exe, , [30acb358296262d4118b197c34cd867a],
PUP.Optional.APNToolBar.A, C:\Users\PC\Documents\Downloads\YTDSetup.exe, , [419b9477711a45f182a33b6b20e15ca4],
PUP.Optional.BundleInstaller.A, C:\Program Files (x86)\ServiceUpdater\ServUpdater.exe, , [b72544c75c2f01353be9cdbff80dc33d],
PUP.Optional.BundleInstaller.A, C:\Program Files (x86)\ServiceUpdater\WeWatcherLSP.dll, , [87553bd00d7e1f171a0a8903f60fd030],
PUP.Optional.BundleInstaller.A, C:\Program Files (x86)\ServiceUpdater\WeWatcherLSP.exe, , [ce0e39d219726cca75af9cf05baaf60a],
PUP.Optional.BundleInstaller.A, C:\Program Files (x86)\ServiceUpdater\WeWatcherLSP64.dll, , [cb116f9c0f7c5ed88b9990fc2dd844bc],
PUP.Optional.BundleInstaller.A, C:\Program Files (x86)\ServiceUpdater\WeWatcherLSP64.exe, , [ba223ecd246768cea282e2aa2adb9a66],
PUP.Optional.WombatUpdater.A, C:\Windows\apppatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, , [0bd1b15af89339fd7d3393883dc67987],
PUP.Optional.TunePro360.A, C:\Program Files (x86)\adlevel\TunePro360Updater.exe, , [01dbf417dab1e5514c9fa5767e859e62],
PUP.Optional.TunePro360.A, C:\Program Files (x86)\adlevel\temp.data, , [01dbf417dab1e5514c9fa5767e859e62],
PUP.Optional.TunePro360.A, C:\Program Files (x86)\adlevel\temp.zip, , [01dbf417dab1e5514c9fa5767e859e62],
Trojan.Agent, C:\a.exe, , [f7e5d734fc8f8caa78d6099c758ece32],
Trojan.Agent, C:\s.exe, , [01db7992adde7cba1836ebba81823bc5],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\WeWatcherProxy.tlb, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\freebl3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\libnspr4.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\libplc4.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\libplds4.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\nss3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\nssckbi.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\nssdbm3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\nssutil3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\smime3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\softokn3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\sqlite3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\ssl3.dll, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Program Files (x86)\ServiceUpdater\uninstall.exe, , [d20a9c6fc8c31521745b07a94db7eb15],
PUP.Optional.WeWatcherProxy.A, C:\Windows\Temp\WeWatcherProxy.log, , [39a3ac5fc0cb88aec908486847bd8f71],
PUP.Optional.WeWatcherProxy.A, C:\Windows\Temp\WeWatcherProxyr.log, , [ca123ccf7a11d95d19b86749768e12ee],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\knsr99F0.tmpfs, , [b22a7e8df59660d6e704ded2da2a59a7],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\2EC88D00-1439869900-81E3-2A6A-E03F49DDD7C4\Uninstall.exe, , [b22a7e8df59660d6e704ded2da2a59a7],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\0f839359446eec4ccf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\4775d99c57b1799ecf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\720f0a2b9afe7af3cf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\8452e691c1478e9acf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\954accd1ef18255bcf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\a4972f3d267d7857cf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\c5dda88116364677cf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\cd5b15e575e1c3d0cf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\12533571474916105663\d1b823d8a4cc4149cf960380f5727f87.ini, , [dffd8d7e2f5ce5515e8f79383ec6cb35],
PUP.Optional.Linkury.A, C:\ProgramData\Tristip\x4hx0wls.dll, , [5389fd0e0c7f92a4642677a37a89d030],
PUP.Optional.Linkury.A, C:\ProgramData\Tristips\ff.HP, , [904c3dcee0ab71c50d7e05155fa47f81],
PUP.Optional.Linkury.A, C:\ProgramData\Tristips\ff.NT, , [904c3dcee0ab71c50d7e05155fa47f81],
PUP.Optional.Linkury.A, C:\ProgramData\Tristips\snp.sc, , [904c3dcee0ab71c50d7e05155fa47f81],
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\sufo\cytz\aog.dat, , [6f6d3fcc67240d29ae3a454e75901fe1],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
- Rudy
- Site Admin

Re: Slow computer, ads, and automatic program downloads
Delete all the findings.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow computer, ads, and automatic program downloads
Unfortunately, some virus is still there, because my browsing is very slow and I still get those pop-up pages. Malwarebytes keeps blocking the domain tr553, but I can't get rid of it in any way. I ran another scan and deleted the findings, but it still stays there.
- Rudy
- Site Admin

Re: Slow computer, ads, and automatic program downloads
In which browser does this happen?