
some viruses ..

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

bobik123
Visitor
Posts: 55
Registered: 16 Jun 2015 15:24

Re: some viruses ..

#31 Post by bobik123 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by ASUS (administrator) on PC (28-09-2015 16:54:46)
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: UpdatusUser & ASUS)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
() C:\ProgramData\Airron\Airron.exe
() C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\Airron\Airron.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(GameRanger Technologies) C:\Users\ASUS\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
(Echobit LLC) C:\Program Files\Echobit\Evolve\EvolveClient.exe
(Echobit LLC) C:\Program Files\Echobit\Evolve\EvoSvc.exe
(Echobit, LLC) C:\Program Files\Echobit\Evolve\Drivers\EvolveTracker_32.exe
(Echobit, LLC) C:\Program Files\Echobit\Evolve\Drivers\EvolveTracker_64.exe
(Echobit, LLC) C:\Program Files\Echobit\Evolve\EvolveUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Echobit, LLC) C:\Program Files\Echobit\Evolve\EvolveUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13197456 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2916584 2010-08-12] (ESET)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334016 2015-07-23] (Echobit LLC)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
AppInit_DLLs: C:\ProgramData\Airron\Haykix.dll => C:\ProgramData\Airron\Haykix.dll [883200 2015-09-25] ()
AppInit_DLLs-x32: C:\ProgramData\Airron\Kantom.dll => C:\ProgramData\Airron\Kantom.dll [738816 2015-09-25] ()
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2015-07-09]
ShortcutTarget: GameRanger.lnk -> C:\Users\ASUS\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{56EE1D7F-67FF-4DA8-AF0F-643A1D516CE3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{FC31EF48-E3C3-4A48-ABC5-1B2F6B3CB9A1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {060B046C-71E8-4393-B42C-F6E213AC19E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {0BBA08A4-3430-4924-BBD8-987539D419CE} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {28FB04F3-498F-4FC4-BB59-56790F44FF2C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {356A085D-E3AB-460C-A3F1-3874890869B1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {60CD57CE-8ED8-4F14-B488-39DCE95BEC7E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {78CF3F94-9144-427E-92C5-1B51230A2B0A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {828F1FDD-72DA-483B-9599-4F5386202733} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1447694392-248528962-4126827209-1002 -> {B6A4C9EB-A25A-4496-87E1-35432DD113C9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1447694392-248528962-4126827209-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ASUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1447694392-248528962-4126827209-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-06-16]

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2OVvqpTxFp_mf8596oJ0raYPS2lBR3JnibuQMfA_mb-rAreTX0THRAcx_1LRKClLpeDYPKh1k8l7ChCjf7-OeNDChoByk3k4CticzKuceTJz3Lms4Uu0d8z_0sjkad4ODVqOaz0noIKCHT9
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2OVvqpTxFp_mf8596oJ0raYPS2lBR3JnibuQMfA_mb-rAreTX0THRAcx_1LRKClLpePCgBepKrUDjwX3IGU169okcaik6klpJ9T0bEBBRGUFATLeKxqXQJxlywRA4feEP4_qpzpkpC6eGVy&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-03]
CHR Extension: (Dokumenty Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-03]
CHR Extension: (Disk Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-03]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-03]
CHR Extension: (Vyhledávání Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-03]
CHR Extension: (Tabulky Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (Skype Click to Call) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Airron; C:\ProgramData\\Airron\\Airron.exe [441856 2015-09-20] () [File not signed]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [441856 2015-09-21] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2010-08-12] (ESET)
R3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2015-07-13] (Echobit LLC)
S2 gupdate1d0a83d726de062; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
S3 gupdatem1d0a83d728293cb; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2015-08-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
S3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
S3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [126320 2010-07-29] (ESET)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2012-10-08] (Intel(R) Corporation) [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-28 16:54 - 2015-09-28 16:54 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher (1).exe
2015-09-28 16:53 - 2015-09-28 16:54 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Downloads\FRSTLauncher (1).exe
2015-09-28 16:52 - 2015-09-28 16:52 - 02192384 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64 (1).exe
2015-09-28 16:52 - 2015-09-28 16:52 - 02192384 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64 (1).exe
2015-09-28 15:31 - 2015-09-28 15:31 - 00008072 _____ C:\Users\ASUS\Desktop\oki.txt
2015-09-28 12:31 - 2015-09-28 13:52 - 726463312 _____ C:\Users\ASUS\Downloads\Rocky-2-Cz-Avi-Super-DablinG-Siv.avi.crdownload
2015-09-27 20:57 - 2014-02-13 23:59 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-27 20:37 - 2015-09-27 20:37 - 01308672 _____ C:\Users\ASUS\Downloads\zoek.exe
2015-09-27 20:37 - 2015-08-02 22:27 - 00019757 _____ C:\zoek-results2015-08-02-202722.log
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Downloads\zoek.rar
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Desktop\zoek.rar
2015-09-27 20:33 - 2015-09-27 20:33 - 00001610 _____ C:\Users\ASUS\Desktop\JRT.txt
2015-09-27 20:29 - 2015-09-27 20:29 - 01800512 _____ (Malwarebytes) C:\Users\ASUS\Downloads\JRT.exe
2015-09-27 20:29 - 2015-09-27 20:29 - 01800512 _____ (Malwarebytes) C:\Users\ASUS\Desktop\JRT.exe
2015-09-26 22:05 - 2015-09-26 22:05 - 00614611 _____ C:\Users\ASUS\Downloads\Mouse_Speed_Switcher_2_0_keygen_by_DBC.zip.zip
2015-09-26 22:02 - 2015-09-26 22:02 - 00935393 _____ C:\Users\ASUS\Downloads\Mouse_Speed_Switcher_2_0_keygen_by_Lz0.exe.zip
2015-09-26 15:38 - 2015-09-26 15:39 - 02007544 _____ (Gianpaolo Bottin ) C:\Users\ASUS\Downloads\MouseSpeedSetup (3).exe
2015-09-26 11:23 - 2015-09-26 12:25 - 1008460141 _____ C:\Users\ASUS\Downloads\!Rocky-1-1976-cz.avi.crdownload
2015-09-26 09:51 - 2015-09-26 09:51 - 00003820 _____ C:\WINDOWS\System32\Tasks\Install
2015-09-26 00:09 - 2015-09-26 00:09 - 00000674 _____ C:\Users\ASUS\Desktop\strikebounce.cfg
2015-09-26 00:07 - 2015-09-26 00:07 - 00000222 _____ C:\Users\ASUS\Downloads\Strike Balcony strafe.txt
2015-09-26 00:04 - 2015-09-26 00:04 - 00000661 _____ C:\Users\ASUS\Desktop\crossfirejump.cfg
2015-09-26 00:04 - 2015-09-26 00:04 - 00000261 _____ C:\Users\ASUS\Desktop\StrafeScript.cfg
2015-09-26 00:02 - 2015-09-26 00:02 - 00000519 _____ C:\Users\ASUS\Downloads\crash.cfg
2015-09-26 00:02 - 2015-09-26 00:02 - 00000519 _____ C:\Users\ASUS\Desktop\crash.cfg
2015-09-26 00:00 - 2015-09-26 00:00 - 00000124 _____ C:\Users\ASUS\Downloads\COD4 Deagle Scrollfire Script.txt
2015-09-25 23:56 - 2015-09-25 23:56 - 00000356 _____ C:\Users\ASUS\Downloads\COD4 Citystreet strafe bind.txt
2015-09-25 23:53 - 2015-09-25 23:53 - 00000295 _____ C:\Users\ASUS\Downloads\COD4 Crash Jumpscript.txt
2015-09-25 23:50 - 2015-09-25 23:50 - 00000219 _____ C:\Users\ASUS\Downloads\COD4 Deagle Button Script.txt
2015-09-25 23:37 - 2015-09-26 10:01 - 00000647 _____ C:\Users\ASUS\Desktop\strike2.cfg
2015-09-25 23:34 - 2015-09-25 23:34 - 00000319 _____ C:\Users\ASUS\Downloads\strike2.rar
2015-09-25 20:41 - 2015-09-25 20:41 - 00003440 _____ C:\Users\ASUS\Desktop\7777.txt
2015-09-25 19:33 - 2015-09-25 19:33 - 00040739 _____ C:\Users\ASUS\Desktop\6hodin.txt
2015-09-25 12:46 - 2015-09-25 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-25 12:45 - 2015-09-25 12:45 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\ASUS\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-25 12:36 - 2015-09-25 12:36 - 01662976 _____ C:\Users\ASUS\Downloads\adwcleaner_5.008.exe
2015-09-25 12:36 - 2015-09-25 12:36 - 01662976 _____ C:\Users\ASUS\Desktop\adwcleaner_5.008.exe
2015-09-25 11:41 - 2015-09-25 11:41 - 04875861 _____ C:\Program Files\Common Files\1hmzmq13.exe
2015-09-25 11:25 - 2015-09-25 19:57 - 00000000 ____D C:\Program Files\Common Files\ncqwmj3j
2015-09-25 11:25 - 2015-09-25 11:25 - 00003156 _____ C:\WINDOWS\System32\Tasks\00bnggyf
2015-09-25 10:59 - 2015-09-28 16:55 - 00017681 _____ C:\Users\ASUS\Desktop\FRST.txt
2015-09-25 10:59 - 2015-09-25 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Desktop\FRSTLauncher.exe
2015-09-25 10:58 - 2015-09-25 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\ASUS\Downloads\FRSTLauncher.exe
2015-09-25 10:54 - 2015-09-25 10:54 - 02192384 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe
2015-09-25 10:30 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Airron
2015-09-25 10:30 - 2015-09-25 10:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Mozilla
2015-09-25 10:30 - 2015-09-25 10:30 - 00000000 ____D C:\ProgramData\ApplicationHosting
2015-09-25 10:25 - 2015-09-27 20:27 - 00000000 ____D C:\Program Files\Concom
2015-09-25 10:25 - 2015-09-25 10:25 - 00003042 _____ C:\WINDOWS\System32\Tasks\Virtual Bus
2015-09-25 10:24 - 2015-08-02 21:51 - 00000753 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-25 10:23 - 2015-09-25 10:23 - 01661679 _____ C:\Users\ASUS\Downloads\Keygen_v7.rar
2015-09-25 10:21 - 2015-09-27 20:23 - 00001061 _____ C:\Users\ASUS\Desktop\Mouse Speed Switcher.lnk
2015-09-25 10:21 - 2015-09-25 10:21 - 02007912 _____ (Gianpaolo Bottin ) C:\Users\ASUS\Downloads\MouseSpeedSetup (2).exe
2015-09-25 10:21 - 2015-09-25 10:21 - 02007912 _____ (Gianpaolo Bottin ) C:\Users\ASUS\Downloads\MouseSpeedSetup (1).exe
2015-09-25 10:21 - 2015-09-25 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Speed Switcher
2015-09-25 10:21 - 2015-09-25 10:21 - 00000000 ____D C:\Program Files (x86)\MouseSpeedSwitcher
2015-09-24 23:09 - 2015-09-27 20:58 - 00093006 _____ C:\WINDOWS\PFRO.log
2015-09-24 20:34 - 2015-09-28 15:03 - 00007274 _____ C:\WINDOWS\setupact.log
2015-09-24 20:34 - 2015-09-24 20:34 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-24 20:21 - 2015-09-24 20:21 - 00633886 _____ C:\Users\ASUS\Desktop\wawa_3daim_tdm.iwd
2015-09-24 16:57 - 2015-09-27 20:23 - 00000981 _____ C:\Users\ASUS\Desktop\GSC.lnk
2015-09-24 16:57 - 2015-09-24 16:57 - 00000000 ____D C:\Users\ASUS\Documents\GSC
2015-09-24 16:57 - 2015-09-24 16:57 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GSC 2.00
2015-09-24 16:56 - 2015-09-27 21:09 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\GSC 2.00
2015-09-24 16:56 - 2015-09-24 16:57 - 00000000 ____D C:\Program Files (x86)\GSC 2.00
2015-09-24 16:56 - 2015-09-24 16:56 - 00209144 _____ C:\Users\ASUS\Downloads\GSCSetup.exe
2015-09-23 20:41 - 2015-09-23 22:23 - 1803217814 _____ C:\Users\ASUS\Downloads\Obávaný-bojovník-(2006)-(CZ)-(Akční,-Drama,-Životopisný).avi.crdownload
2015-09-23 17:59 - 2015-09-23 17:59 - 07620921 _____ C:\Users\ASUS\Desktop\mp_disco.iwd
2015-09-23 15:52 - 2015-09-23 15:52 - 00000038 _____ C:\Users\ASUS\Desktop\flm dwlnd.txt
2015-09-23 11:08 - 2015-09-23 11:08 - 00047537 _____ C:\Users\ASUS\Desktop\399.ass
2015-09-23 10:50 - 2012-04-13 00:22 - 171182616 _____ C:\Users\ASUS\Desktop\400 - Rhapsody In Drew.avi
2015-09-21 17:22 - 2015-09-21 17:33 - 189493248 _____ C:\Users\ASUS\Downloads\Pokemon-08x393-Bobulí-dobrodružství.avi.crdownload
2015-09-21 13:05 - 2015-09-21 14:03 - 1047527424 _____ C:\Users\ASUS\Downloads\Přískra8.part06.rar
2015-09-20 23:26 - 2015-09-20 23:26 - 00003489 _____ C:\Users\ASUS\Desktop\config.cfg
2015-09-20 19:55 - 2015-09-20 19:55 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Canneverbe Limited
2015-09-20 19:55 - 2015-09-20 19:55 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-09-20 19:54 - 2015-09-20 19:55 - 05650560 _____ (Canneverbe Limited ) C:\Users\ASUS\Downloads\cdbxp_setup_4.5.6.5844.exe
2015-09-20 19:48 - 2015-09-20 19:50 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Nero
2015-09-20 19:47 - 2015-09-24 18:15 - 00000000 ____D C:\ProgramData\Nero
2015-09-20 19:44 - 2015-09-20 19:44 - 59902132 _____ (Oleg N. Scherbakov) C:\Users\ASUS\Downloads\Nero-9.4.12.3_free-notoolbar.exe
2015-09-19 15:31 - 2015-09-19 15:31 - 00010457 _____ C:\Users\ASUS\Downloads\macro-sakura.lua
2015-09-19 13:04 - 2015-09-19 13:15 - 202790912 _____ C:\Users\ASUS\Downloads\Pokemon-08x392-Pacifidlogská-šance.avi.crdownload
2015-09-19 12:51 - 2015-09-19 13:50 - 1047527424 _____ C:\Users\ASUS\Downloads\Přískra8.part05.rar
2015-09-19 12:29 - 2015-09-19 12:39 - 188651520 _____ C:\Users\ASUS\Downloads\Pokemon-08x397-Zahájení-Velkých-slavností.avi
2015-09-19 11:40 - 2015-09-19 11:40 - 00045616 _____ C:\Users\ASUS\Desktop\398 red col.ass
2015-09-19 09:50 - 2015-09-27 20:23 - 00000488 _____ C:\Users\ASUS\Desktop\398.lnk
2015-09-19 09:46 - 2015-09-19 09:46 - 00001930 _____ C:\Users\ASUS\Downloads\Fonty.ass
2015-09-18 18:56 - 2015-09-18 19:06 - 161701888 _____ C:\Users\ASUS\Downloads\Pokemon-08x391-Chaotická-bitka-o-stuhu.avi
2015-09-18 18:09 - 2015-09-18 18:20 - 199135232 _____ C:\Users\ASUS\Downloads\Pokemon-08x390-Zamilovaní-Donphani.avi.crdownload
2015-09-18 18:03 - 2015-09-19 21:06 - 00005712 _____ C:\Users\ASUS\Desktop\PKMN files.txt
2015-09-17 21:46 - 2015-09-17 21:58 - 203270144 _____ C:\Users\ASUS\Downloads\Pokemon-08x389-Wynautí-spřežení.avi
2015-09-17 14:43 - 2015-09-17 14:54 - 199258112 _____ C:\Users\ASUS\Downloads\Pokemon-08x388-Zloděj-Linoone.avi.crdownload
2015-09-17 14:01 - 2015-09-17 14:12 - 200376320 _____ C:\Users\ASUS\Downloads\Pokemon-08x387-Osm-nestačí.avi.crdownload
2015-09-17 13:28 - 2015-09-17 13:39 - 200065024 _____ C:\Users\ASUS\Downloads\Pokemon-08x386-Důležitý-osmý-zápas.avi.crdownload
2015-09-17 12:44 - 2015-09-17 12:56 - 202438656 _____ C:\Users\ASUS\Downloads\Pokemon-08x385-Slyším-Raltse.avi
2015-09-17 10:28 - 2015-09-17 10:39 - 199852032 _____ C:\Users\ASUS\Downloads\Pokemon-08x384-Ledový-Snorunt.avi
2015-09-17 09:06 - 2015-09-17 09:20 - 191805440 _____ C:\Users\ASUS\Downloads\Pokemon-08x383-Absol-utní-pohroma.avi
2015-09-16 21:18 - 2015-09-16 21:29 - 191229952 _____ C:\Users\ASUS\Downloads\Pokemon-08x382-Tajemné-Trapinchí-jezero.avi
2015-09-16 18:35 - 2015-09-16 18:46 - 201375744 _____ C:\Users\ASUS\Downloads\Pokemon-08x381-Jedna-Mawile.avi
2015-09-16 16:07 - 2015-09-16 16:18 - 188633088 _____ C:\Users\ASUS\Downloads\Pokemon-08x380-Horem-dolem-Claydolem.avi
2015-09-16 09:25 - 2015-09-16 09:35 - 189833216 _____ C:\Users\ASUS\Downloads\Pokemon-08x378-Kde-je-Armaldo.avi
2015-09-16 08:51 - 2015-09-16 08:51 - 00046365 _____ C:\Users\ASUS\Desktop\398 (1).ass
2015-09-15 22:37 - 2015-09-15 22:47 - 186136576 _____ C:\Users\ASUS\Downloads\Pokemon-08x377-Drake-z-Elitní-čtyřky.avi
2015-09-15 17:16 - 2015-09-15 17:27 - 187629568 _____ C:\Users\ASUS\Downloads\Pokemon-08x376-Silný-jako-Solrock.avi.crdownload
2015-09-15 16:54 - 2015-09-15 17:05 - 186451968 _____ C:\Users\ASUS\Downloads\Pokemon-08x375-Zápas-ve-vesmírném-středisku!.avi.crdownload
2015-09-15 15:13 - 2015-09-15 15:13 - 00015788 _____ C:\Users\ASUS\Downloads\[kat.cr]pokemon.battle.frontier.47.end.of.a.journey.yet.beginning.of.a.journey.jap.eng.subs (1).torrent
2015-09-15 15:07 - 2015-09-15 15:07 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\dvdcss
2015-09-15 14:48 - 2015-09-15 15:02 - 00000000 ____D C:\Users\ASUS\Downloads\Pokemon Season 9 - Battle Frontier
2015-09-15 14:48 - 2015-09-15 14:48 - 00073454 _____ C:\Users\ASUS\Downloads\Pokemon_Season_9_-_Battle_Frontier.torrent
2015-09-15 14:43 - 2015-09-15 14:43 - 00015788 _____ C:\Users\ASUS\Downloads\[kat.cr]pokemon.battle.frontier.47.end.of.a.journey.yet.beginning.of.a.journey.jap.eng.subs.torrent
2015-09-15 14:40 - 2015-09-15 14:40 - 00040379 _____ C:\Users\ASUS\Downloads\C797E8D33B4334BC6B36F8B6AC4AFCAE64748013.torrent
2015-09-15 14:27 - 2015-09-15 15:22 - 00000000 ____D C:\Users\ASUS\Downloads\9 - Battle Frontier
2015-09-15 14:27 - 2015-09-15 15:02 - 250513050 _____ C:\Users\ASUS\Desktop\426 - Battle Arena! Kakutou taiketsu! (Jap+Eng).ogm
2015-09-15 14:24 - 2015-09-15 14:24 - 00062625 _____ C:\Users\ASUS\Downloads\39617053076DB50B3B86746541507B45439F2FDA.torrent
2015-09-15 14:17 - 2015-09-15 15:37 - 00000000 ____D C:\Users\ASUS\Downloads\Pokemon Season 9 Battle Frontier Complete 323-468 Episods Salman Sk Silver RG
2015-09-15 14:15 - 2015-09-15 14:15 - 00015438 _____ C:\Users\ASUS\Downloads\71A2A0DEF6097275389ED15CF67D66349FC31E25.torrent
2015-09-15 14:00 - 2015-09-15 14:00 - 00520376 _____ C:\Users\ASUS\Downloads\subrip_0.96b.zip
2015-09-15 12:59 - 2015-09-28 07:53 - 00000000 ____D C:\Users\ASUS\Desktop\SK
2015-09-15 12:14 - 2015-09-20 10:40 - 00672015 _____ C:\Users\ASUS\Downloads\Anglické titulky pro AB.rar
2015-09-15 12:04 - 2015-09-15 12:04 - 00315558 _____ C:\Users\ASUS\Downloads\Titulky.zip
2015-09-15 10:47 - 2015-09-15 10:53 - 00047875 _____ C:\Users\ASUS\Downloads\398.ass
2015-09-14 20:28 - 2015-09-14 20:38 - 188598272 _____ C:\Users\ASUS\Downloads\Pokemon-08x374-Souboj-titánů.avi
2015-09-14 20:05 - 2015-09-14 20:15 - 185581568 _____ C:\Users\ASUS\Downloads\Pokemon-08x373-Vzestup-Groudona.avi.crdownload
2015-09-14 17:24 - 2015-09-14 17:35 - 190349312 _____ C:\Users\ASUS\Downloads\Pokemon-08x372-Zápas-svalů.avi.crdownload
2015-09-14 16:58 - 2015-09-14 17:09 - 174955520 _____ C:\Users\ASUS\Downloads\PA3GKO7AMH1SN.avi.crdownload
2015-09-14 16:18 - 2015-09-14 16:29 - 178276352 _____ C:\Users\ASUS\Downloads\PA3GKO7AMH0SN.avi.crdownload
2015-09-14 14:35 - 2015-09-14 14:35 - 00000702 _____ C:\Users\ASUS\Desktop\legit_scoperifle_bySubversion2.ass
2015-09-14 14:01 - 2015-09-14 14:11 - 179212288 _____ C:\Users\ASUS\Downloads\PA3GKO6AMH9SN.avi.crdownload
2015-09-14 12:37 - 2015-09-14 12:37 - 00498420 _____ C:\Users\ASUS\Downloads\codehook.rar
2015-09-14 11:57 - 2015-09-14 11:57 - 00000039 _____ C:\Users\ASUS\Desktop\legit_scoperifle_bySubversion2.txt
2015-09-14 11:36 - 2015-09-14 12:11 - 630777134 _____ C:\Users\ASUS\Downloads\Poketo7.part8.rar
2015-09-14 09:36 - 2015-09-26 18:11 - 00010803 _____ C:\Users\ASUS\Desktop\config_mp.cfg
2015-09-14 09:17 - 2015-09-14 09:17 - 01233137 _____ C:\Users\ASUS\Downloads\GoT-ss.rar
2015-09-13 22:55 - 2015-09-13 22:55 - 10774603 _____ C:\Users\ASUS\Desktop\tdm bur.rar
2015-09-13 22:47 - 2015-09-20 12:12 - 00000000 ____D C:\Users\ASUS\Desktop\tdm bur
2015-09-13 11:27 - 2015-09-13 11:27 - 02007912 _____ (Gianpaolo Bottin ) C:\Users\ASUS\Downloads\MouseSpeedSetup.exe
2015-09-13 11:27 - 2015-09-13 11:27 - 00000000 ____D C:\ProgramData\Licenses
2015-09-13 10:18 - 2015-09-13 10:18 - 00324319 _____ C:\Users\ASUS\Downloads\buttons_default.cfg
2015-09-12 13:15 - 2015-09-12 13:15 - 06839982 _____ C:\Users\ASUS\Desktop\mp_shipment.iwd
2015-09-12 13:15 - 2015-09-12 13:15 - 01243997 _____ C:\Users\ASUS\Desktop\mp_jojo.iwd
2015-09-12 13:15 - 2015-09-12 13:15 - 00589187 _____ C:\Users\ASUS\Desktop\mp_glassarena.iwd
2015-09-12 12:12 - 2015-09-12 12:12 - 00042054 _____ C:\Users\ASUS\Downloads\ZuRoMoDZ Ultimate Patch V1.1 With Real Aimbot(2).zip
2015-09-11 22:45 - 2015-09-11 22:46 - 00722432 _____ C:\Users\ASUS\Downloads\Console Variable Unlocker_[www.unknowncheats.me]_.exe
2015-09-11 12:58 - 2015-09-11 13:57 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo7.part7.rar
2015-09-10 16:24 - 2015-09-10 16:35 - 188651520 _____ C:\Users\ASUS\Downloads\Pokemon-08x397-Zahájení-Velkých-slavností.avi.crdownload
2015-09-10 13:14 - 2015-09-16 09:35 - 00007153 _____ C:\Users\ASUS\Desktop\ep1 fear factor phony.srt
2015-09-10 10:33 - 2015-09-10 10:43 - 181393110 _____ C:\Users\ASUS\Downloads\Episode-396---Ash-and-May!-Heated-Battles-in-Hoenn!-(not-aired-in-english).avi
2015-09-09 20:47 - 2015-09-27 20:24 - 00000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk
2015-09-09 20:47 - 2015-09-27 20:24 - 00000928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk
2015-09-09 20:40 - 2015-09-09 20:40 - 00053375 _____ C:\Users\ASUS\Desktop\UTF-8.txt
2015-09-09 19:43 - 2015-09-09 19:43 - 00053375 _____ C:\Users\ASUS\Desktop\UFT-8.ass
2015-09-09 19:32 - 2015-09-09 19:32 - 00053375 _____ C:\Users\ASUS\Downloads\398_tmp_ff98.ass
2015-09-09 19:32 - 2015-09-09 19:32 - 00053375 _____ C:\Users\ASUS\Downloads\398_tmp_faed.ass
2015-09-09 19:27 - 2015-09-09 19:40 - 182687402 _____ C:\Users\ASUS\Desktop\Episode-398---Deceit-And-Assist.avi
2015-09-09 18:31 - 2015-09-09 18:31 - 00000710 _____ C:\Users\ASUS\Downloads\Plocha – zástupce.lnk
2015-09-09 18:14 - 2015-09-09 18:14 - 00003447 _____ C:\Users\ASUS\Downloads\PKMN---WG.ass
2015-09-09 17:26 - 2015-09-09 17:30 - 73404416 _____ C:\Users\ASUS\Downloads\Pocket_Monsters._Pikachu_no_Fuyuyasumi_(2000)_-_1_-_Winter_Games_-_[JDS](6bf190a1)(dub_en).avi
2015-09-09 12:03 - 2015-09-09 13:01 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo7.part6.rar
2015-09-09 10:49 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 10:49 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 10:49 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 10:49 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 10:49 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 10:49 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 10:49 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 10:49 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 10:49 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 10:49 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 10:49 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 10:48 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 10:48 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 10:48 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 10:44 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 10:32 - 2015-09-09 11:11 - 594912904 _____ C:\Users\ASUS\Downloads\Pokemon_-_Film_6_-_Jirachi_co_plni_prani.avi.crdownload
2015-09-09 10:24 - 2015-09-09 11:23 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo7.part5.rar
2015-09-09 06:30 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 06:30 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 06:30 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 06:30 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 06:30 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 06:30 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 06:30 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 06:30 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 06:30 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 06:30 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 06:30 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 06:30 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 06:28 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 06:28 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 06:28 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 06:28 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 06:28 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 06:28 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 06:28 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 06:28 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 06:28 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 06:28 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 06:28 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 06:28 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 06:28 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 06:28 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 06:28 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 06:28 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 06:28 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 06:28 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 06:28 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 06:28 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 06:28 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 06:28 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 06:28 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 06:28 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 06:28 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 06:28 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 06:28 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 06:28 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 06:28 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 06:28 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 06:28 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 06:27 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 06:27 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 06:27 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 06:27 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 06:27 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 06:27 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 06:27 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 06:27 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 06:27 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 06:27 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 06:27 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 06:27 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 06:27 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 06:27 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 06:27 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 06:27 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 06:27 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 06:27 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 06:27 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 06:27 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 06:27 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 06:27 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-08 17:18 - 2015-09-08 17:28 - 183238656 _____ C:\Users\ASUS\Downloads\348-the-bicker-the-better---Uploaded-for-AGoA.super-forum.net-by-Sedlois.avi.crdownload
2015-09-07 18:08 - 2015-09-07 18:51 - 725458305 _____ C:\Users\ASUS\Downloads\PK5H.rar
2015-09-07 14:25 - 2015-09-07 14:25 - 00149666 _____ C:\Users\ASUS\Desktop\Trainwreck.2015.V2.READNFO.HDRip.XviD.AC3-EVO.srt
2015-09-06 16:54 - 2015-09-06 17:02 - 130061469 _____ C:\Users\ASUS\Downloads\Pokemon-Chronicles-03---Povest-o-hromu.mp4
2015-09-06 16:47 - 2015-09-06 16:54 - 129596952 _____ C:\Users\ASUS\Downloads\Pokemon-Chronicles-02---Povest-o-hromu.mp4
2015-09-05 18:17 - 2015-09-05 19:15 - 00000000 ____D C:\Users\ASUS\Downloads\Trainwreck.2015.V2.READNFO.HDRip.XviD.AC3-EVO
2015-09-05 18:16 - 2015-09-05 18:16 - 00118629 _____ C:\Users\ASUS\Downloads\Trainwreck2015V2READNFOHDRipXviDAC3-EVO - ThePirateBay.TO.torrent
2015-09-05 18:14 - 2015-09-05 18:14 - 00059246 _____ C:\Users\ASUS\Downloads\trainwreck.(2015).cze.1cd.(6282764).zip
2015-09-04 19:01 - 2015-09-04 19:01 - 00000898 _____ C:\Users\ASUS\Documents\Obrázky – zástupce.lnk
2015-09-04 17:00 - 2015-09-04 17:00 - 00010032 _____ C:\Users\ASUS\Downloads\317.rar
2015-09-04 15:41 - 2013-01-09 22:57 - 230241234 _____ C:\Users\ASUS\Desktop\314- Budiž světlo!.avi
2015-09-04 15:40 - 2013-01-09 22:35 - 00036414 _____ C:\Users\ASUS\Desktop\314- Budiž světlo!.ass
2015-09-04 14:12 - 2015-09-04 14:12 - 00056207 _____ C:\Users\ASUS\Desktop\orig397(2).ass
2015-09-03 16:33 - 2015-09-03 16:33 - 00001839 _____ C:\Users\ASUS\Downloads\config (1).zip
2015-09-03 16:31 - 2015-09-03 16:31 - 00013439 _____ C:\Users\ASUS\Downloads\config.zip
2015-09-02 11:57 - 2015-09-02 11:57 - 09547376 _____ C:\Users\ASUS\Downloads\[Akaname] Pokemon SPECIAL v01ch14.zip
2015-09-02 09:02 - 2015-09-02 09:02 - 00056743 _____ C:\Users\ASUS\Downloads\397 (1).ass
2015-09-02 08:20 - 2015-09-02 08:20 - 00000000 ____D C:\Users\ASUS\AppData\Local\Aegisub
2015-09-02 08:19 - 2015-09-09 20:47 - 00000000 ____D C:\Program Files\Aegisub
2015-09-02 08:18 - 2015-09-02 08:18 - 20891980 _____ (Aegisub Team ) C:\Users\ASUS\Downloads\Aegisub-3.2.2-64.exe
2015-09-02 08:17 - 2015-09-02 08:18 - 19602087 _____ (Aegisub Team ) C:\Users\ASUS\Downloads\Aegisub-3.2.2-32.exe
2015-09-02 08:16 - 2015-09-02 08:16 - 00041535 _____ C:\Users\ASUS\Desktop\orig397.srt
2015-09-01 20:12 - 2015-09-01 22:42 - 00042035 _____ C:\Users\ASUS\Desktop\39777777777.srt
2015-09-01 19:41 - 2015-09-01 20:11 - 00042243 _____ C:\Users\ASUS\Desktop\39777.srt
2015-09-01 19:26 - 2015-09-01 19:37 - 183511040 _____ C:\Users\ASUS\Downloads\Episode-397---Hi-Ho-Silver-Wind!.avi
2015-09-01 16:18 - 2015-09-01 19:40 - 00056268 _____ C:\Users\ASUS\Downloads\397.ass
2015-09-01 13:43 - 2012-04-13 16:28 - 150499062 _____ C:\Users\ASUS\Desktop\423 - Fear Factor Phony.avi
2015-09-01 12:58 - 2015-09-27 20:23 - 00002150 _____ C:\Users\ASUS\Desktop\Subtitle Workshop.lnk
2015-09-01 12:58 - 2015-09-01 12:58 - 01087682 _____ C:\Users\ASUS\Downloads\subtitleworkshop251.zip
2015-09-01 12:58 - 2015-09-01 12:58 - 00002150 _____ C:\Users\UpdatusUser\Desktop\Subtitle Workshop.lnk
2015-09-01 12:58 - 2004-03-19 13:53 - 01107022 _____ C:\Users\ASUS\Desktop\SubtitleWorkshop251.exe
2015-09-01 12:40 - 2015-09-01 13:40 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo9.part1.rar
2015-09-01 11:58 - 2015-09-01 12:39 - 731164987 _____ C:\Users\ASUS\Downloads\Poketo6.part09.rar
2015-09-01 10:33 - 2015-09-01 11:13 - 732954624 _____ C:\Users\ASUS\Downloads\Pokémon navždy (2001).avi.crdownload
2015-09-01 10:19 - 2015-09-01 10:19 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-09-01 10:19 - 2015-09-01 10:19 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-09-01 10:17 - 2015-09-01 11:16 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo6.part08.rar
2015-08-30 13:23 - 2015-08-30 14:14 - 908635796 _____ C:\Users\ASUS\Downloads\Kód-Enigmy-CZ-dub.avi.crdownload
2015-08-29 17:17 - 2015-08-29 18:17 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo6.part06.rar
2015-08-29 09:36 - 2015-08-29 10:34 - 1047527424 _____ C:\Users\ASUS\Downloads\Poketo6.part05.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-28 16:55 - 2014-12-23 13:52 - 00214520 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-09-28 16:55 - 2014-10-22 14:30 - 00214520 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-09-28 16:54 - 2015-06-16 16:30 - 00000000 ____D C:\FRST
2015-09-28 16:44 - 2015-06-16 16:05 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-28 16:12 - 2014-10-17 20:06 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-28 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-28 14:56 - 2015-03-13 19:44 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\vlc
2015-09-28 14:42 - 2014-09-05 12:37 - 00000930 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA.job
2015-09-28 14:00 - 2014-10-06 16:38 - 00003798 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F961BA38-6AD9-450B-9D20-5BD9C5795238}
2015-09-28 12:00 - 2014-10-11 11:22 - 08539648 ___SH C:\Users\ASUS\Desktop\Thumbs.db
2015-09-28 11:42 - 2014-09-05 12:37 - 00000908 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core.job
2015-09-28 11:23 - 2015-07-03 17:06 - 01402425 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-28 10:22 - 2014-08-05 19:03 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Skype
2015-09-28 09:08 - 2014-08-05 17:38 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1447694392-248528962-4126827209-1002
2015-09-28 07:53 - 2015-02-11 13:15 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Seznam.cz
2015-09-28 07:50 - 2014-07-28 18:18 - 00000000 ____D C:\ProgramData\Temp
2015-09-28 07:48 - 2015-06-16 16:05 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-28 07:48 - 2014-10-03 16:32 - 00000000 __RDO C:\Users\ASUS\OneDrive
2015-09-27 20:58 - 2015-08-02 21:05 - 00009497 _____ C:\zoek-results.log
2015-09-27 20:58 - 2015-08-02 21:03 - 00000000 ____D C:\zoek_backup
2015-09-27 20:58 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-27 20:37 - 2015-08-02 21:49 - 01308672 _____ C:\Users\ASUS\Desktop\zoek.exe
2015-09-27 20:31 - 2015-06-04 23:03 - 00001884 _____ C:\WINDOWS\System32\Tasks\{199D9D07-1ABA-48C0-89F8-60D1CC89E153}
2015-09-27 20:31 - 2014-11-25 11:14 - 00001690 _____ C:\WINDOWS\System32\Tasks\{80D225EB-49DF-4A6F-859E-F6561383E234}
2015-09-27 20:31 - 2014-11-10 10:18 - 00001684 _____ C:\WINDOWS\System32\Tasks\{E26880A1-D91D-4B79-95BF-2AC1EB2708B4}
2015-09-27 20:27 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-27 20:24 - 2015-08-21 23:45 - 00001019 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-27 20:24 - 2015-08-20 21:23 - 00002741 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-27 20:24 - 2015-07-13 16:43 - 00002025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2015-09-27 20:24 - 2015-07-13 16:43 - 00002019 _____ C:\Users\Public\Desktop\Evolve.lnk
2015-09-27 20:24 - 2015-03-31 11:17 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-27 20:24 - 2015-03-13 19:43 - 00001038 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-27 20:24 - 2014-10-03 16:08 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-27 20:24 - 2014-08-05 14:15 - 00000963 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-09-27 20:24 - 2013-05-01 13:17 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-27 20:24 - 2013-05-01 13:17 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-27 20:24 - 2013-05-01 13:15 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-27 20:24 - 2013-05-01 13:14 - 00001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-09-27 20:23 - 2015-08-03 09:25 - 00000436 _____ C:\Users\ASUS\Desktop\Tento počítač.lnk
2015-09-27 20:23 - 2015-07-09 20:05 - 00001117 _____ C:\Users\ASUS\Desktop\GameRanger.lnk
2015-09-27 20:23 - 2015-07-09 20:05 - 00001103 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2015-09-27 20:23 - 2015-04-27 22:46 - 00002747 _____ C:\Users\ASUS\Desktop\Skype.lnk
2015-09-27 20:23 - 2015-04-13 11:08 - 00000582 _____ C:\Users\ASUS\Desktop\Fraps.lnk
2015-09-27 20:23 - 2014-11-19 13:45 - 00001914 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-09-27 20:23 - 2014-10-03 16:30 - 00001424 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-27 19:57 - 2014-10-05 17:39 - 00856576 ___SH C:\Users\ASUS\Downloads\Thumbs.db
2015-09-26 23:00 - 2015-08-14 10:30 - 00000124 _____ C:\Users\ASUS\Downloads\gammacfg.ini
2015-09-26 21:17 - 2015-03-31 11:10 - 00000000 ____D C:\Users\ASUS\Desktop\Hry
2015-09-26 15:49 - 2014-10-05 16:59 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2015-09-26 10:47 - 2013-08-22 16:45 - 00000000 ____D C:\WINDOWS\Setup
2015-09-25 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-09-25 19:58 - 2014-09-02 13:11 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-09-25 19:57 - 2013-05-01 13:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-25 12:40 - 2015-08-02 13:21 - 00000000 ____D C:\AdwCleaner
2015-09-25 12:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-25 12:24 - 2015-08-02 12:48 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-25 10:54 - 2015-08-02 13:12 - 02192384 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
2015-09-24 21:28 - 2014-03-18 17:33 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-24 21:28 - 2014-03-18 16:54 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-24 21:28 - 2014-03-18 16:54 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-24 20:27 - 2015-02-11 14:12 - 00000000 ____D C:\Users\ASUS\Desktop\Filmy
2015-09-24 18:17 - 2015-03-03 13:59 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\TS3Client
2015-09-22 22:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-22 14:12 - 2014-10-17 20:06 - 00003666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-22 11:16 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-19 17:35 - 2014-10-19 11:15 - 00000000 ____D C:\Users\ASUS\Desktop\Fotky
2015-09-18 13:21 - 2014-10-03 16:04 - 00000000 ____D C:\Users\ASUS
2015-09-16 20:39 - 2015-06-16 16:05 - 00003938 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 20:39 - 2015-06-16 16:05 - 00003702 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 15:37 - 2014-09-02 13:11 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
2015-09-15 10:19 - 2014-09-05 12:37 - 00003054 _____ C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA
2015-09-15 10:19 - 2014-09-05 12:37 - 00002704 _____ C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core
2015-09-15 10:19 - 2014-08-05 14:04 - 00000000 ____D C:\Users\ASUS\AppData\Local\Google
2015-09-15 03:18 - 2014-12-11 09:56 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-12-11 09:56 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 08:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-09 17:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 14:58 - 2013-08-22 16:44 - 00346512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 14:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 14:45 - 2014-08-05 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 06:35 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-01 12:58 - 2015-03-06 14:52 - 00000000 ____D C:\Program Files (x86)\URUSoft
2015-09-01 10:22 - 2014-07-28 18:09 - 00000000 ____D C:\Program Files\Intel
2015-09-01 10:22 - 2014-07-28 18:03 - 00000000 ____D C:\ProgramData\Intel
2015-09-01 10:13 - 2014-10-29 17:51 - 00000000 ____D C:\ProgramData\ASUS

==================== Files in the root of some directories =======

2015-09-25 11:41 - 2015-09-25 11:41 - 4875861 _____ () C:\Program Files\Common Files\1hmzmq13.exe
2015-06-13 23:07 - 2015-06-13 23:07 - 0000000 _____ () C:\Users\ASUS\AppData\Local\Temp.dat
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 4.2 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ASUS\Desktop" je 60956 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: some viruses ..

#32 Post by Márty84 »

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ASUS\Desktop" je 60956 MB.
:arrow: The size of the Desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the Desktop. Just watch out for the occasional mistake where users have a folder on the Desktop, another one inside it, and another inside that, and they hide everything in there. That is nice, but it does not make the Desktop any smaller; it is just in a different drawer :)


AV: ESET NOD32 Antivirus 4.2 (Enabled - Out of date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
:???: Why do you have such a prehistoric version? Then don't be surprised that there is always some vermin on there :boxed:



:arrow: Open Notepad and copy this script into it


Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334016 2015-07-23] (Echobit LLC)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
AppInit_DLLs: C:\ProgramData\Airron\Haykix.dll => C:\ProgramData\Airron\Haykix.dll [883200 2015-09-25] ()
AppInit_DLLs-x32: C:\ProgramData\Airron\Kantom.dll => C:\ProgramData\Airron\Kantom.dll [738816 2015-09-25] ()

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... z0noIKCHT9
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... pC6eGVy&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?ou ... s&command={searchTerms}
CHR Extension: (Skype Click to Call) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

R2 Airron; C:\ProgramData\\Airron\\Airron.exe [441856 2015-09-20] () [File not signed]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [441856 2015-09-21] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 gupdate1d0a83d726de062; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
S3 gupdatem1d0a83d728293cb; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

2015-09-27 20:57 - 2014-02-13 23:59 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-27 20:37 - 2015-09-27 20:37 - 01308672 _____ C:\Users\ASUS\Downloads\zoek.exe
2015-09-27 20:37 - 2015-08-02 22:27 - 00019757 _____ C:\zoek-results2015-08-02-202722.log
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Downloads\zoek.rar
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Desktop\zoek.rar
2015-09-25 12:46 - 2015-09-25 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-25 12:45 - 2015-09-25 12:45 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\ASUS\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-25 10:30 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Airron
2015-09-25 10:30 - 2015-09-25 10:30 - 00000000 ____D C:\ProgramData\ApplicationHosting

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Click File (Soubor) in the top left.
Click Save As... (Uložit jako...).
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator and click Fix; the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait long for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

bobik123
Visitor
Posts: 55
Registered: 16 Jun 2015 15:24

Re: some viruses ..

#33 Post by bobik123 »

Fix result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by ASUS (2015-09-28 18:17:30) Run:2
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: UpdatusUser & ASUS)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3334016 2015-07-23] (Echobit LLC)
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
AppInit_DLLs: C:\ProgramData\Airron\Haykix.dll => C:\ProgramData\Airron\Haykix.dll [883200 2015-09-25] ()
AppInit_DLLs-x32: C:\ProgramData\Airron\Kantom.dll => C:\ProgramData\Airron\Kantom.dll [738816 2015-09-25] ()

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... z0noIKCHT9
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... pC6eGVy&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?ou ... s&command={searchTerms}
CHR Extension: (Skype Click to Call) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

R2 Airron; C:\ProgramData\\Airron\\Airron.exe [441856 2015-09-20] () [File not signed]
R2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe [441856 2015-09-21] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 gupdate1d0a83d726de062; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
S3 gupdatem1d0a83d728293cb; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-08-03] (Google Inc.)
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

2015-09-27 20:57 - 2014-02-13 23:59 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-27 20:37 - 2015-09-27 20:37 - 01308672 _____ C:\Users\ASUS\Downloads\zoek.exe
2015-09-27 20:37 - 2015-08-02 22:27 - 00019757 _____ C:\zoek-results2015-08-02-202722.log
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Downloads\zoek.rar
2015-09-27 20:36 - 2015-09-27 20:36 - 04328652 _____ C:\Users\ASUS\Desktop\zoek.rar
2015-09-25 12:46 - 2015-09-25 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-25 12:45 - 2015-09-25 12:45 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\ASUS\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-25 10:30 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Airron
2015-09-25 10:30 - 2015-09-25 10:30 - 00000000 ____D C:\ProgramData\ApplicationHosting

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA.job => C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\Software\Microsoft\Windows\CurrentVersion\Run\\EvolveClient => value removed successfully
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-1447694392-248528962-4126827209-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
"C:\ProgramData\Airron\Haykix.dll" => Value data removed successfully.
"C:\ProgramData\Airron\Kantom.dll" => Value data removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
Chrome HomePage removed successfully
Chrome DefaultSearchURL removed successfully
Chrome DefaultSearchKeyword removed successfully
Chrome DefaultSuggestURL removed successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully
Airron => service removed successfully
ApplicationHosting => service removed successfully
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => service removed successfully
gupdate1d0a83d726de062 => service removed successfully
gupdatem1d0a83d728293cb => service removed successfully
MBAMSwissArmy => Unable to stop service.
MBAMSwissArmy => service removed successfully
C:\WINDOWS\zoek-delete.exe => moved successfully
C:\Users\ASUS\Downloads\zoek.exe => moved successfully
C:\zoek-results2015-08-02-202722.log => moved successfully
C:\Users\ASUS\Downloads\zoek.rar => moved successfully
C:\Users\ASUS\Desktop\zoek.rar => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\ASUS\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\ProgramData\Airron => moved successfully
C:\ProgramData\ApplicationHosting => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002Core.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1447694392-248528962-4126827209-1002UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 23.2 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:18:32 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: some viruses ..

#34 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator).

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, uncheck the box.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay attention mainly to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set, it deletes all passwords saved for websites!!! So if you have set the computer to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. e-mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for problems; when it finds some, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are multiple user accounts on the PC, use the program in them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other nonsense.
After installing, run the program and click Analyze; after the analysis click Defrag, and the program will do its job.

:arrow: Then write how the PC is doing.

bobik123
Visitor
Posts: 55
Registered: 16 Jun 2015 15:24

Re: some viruses ..

#35 Post by bobik123 »

done. It RAN fine until I downloaded something again just now (probably some virus) :(... and that message after turning on the notebook still keeps appearing

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: some viruses ..

#36 Post by Márty84 »

What did you download this time? Have you installed a new antivirus yet?


:arrow: Download SystemLook http://jpshortstuff.247fixes.com/SystemLook_x64.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the window

Code:

:filefind
*VirtualBus*

:regfind
VirtualBus

:folderfind
*VirtualBus*

Click Look and wait a moment.
A log named SystemLook should pop up.
Copy it here for me.

bobik123
Visitor
Posts: 55
Registered: 16 Jun 2015 15:24

Re: some viruses ..

#37 Post by bobik123 »

It was supposed to be a key for the program Mouse speed switcher, but it was some virus :( .. I don't know, after that virus some new browser, Crossbrowse, got installed .. so if you could help me remove it somehow, I would then install an antivirus and it would be done :)


========== filefind ==========

Searching for "*VirtualBus*"
C:\WINDOWS\Inf\ndisvirtualbus.inf --a---- 2452 bytes [15:32 22/08/2013] [15:32 22/08/2013] CDC0FA6E58FCCAD974376EBC41D1A41C
C:\WINDOWS\Inf\ndisvirtualbus.PNF --a---- 5924 bytes [14:46 22/08/2013] [14:39 03/10/2014] C4EB4901AD2C3C64990B3B153EF3E844
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys --a---- 16384 bytes [11:36 22/08/2013] [11:36 22/08/2013] 1F58E48EF75F34C35D8E93A0DC535CFE
C:\WINDOWS\System32\drivers\cs-CZ\NdisVirtualBus.sys.mui --a---- 2560 bytes [14:53 18/03/2014] [14:53 18/03/2014] 1425E96380DF63AD5285998C17648E9C
C:\WINDOWS\System32\DriverStore\cs-CZ\NdisVirtualBus.inf_loc --a---- 228 bytes [14:53 18/03/2014] [14:53 18/03/2014] 9776ED5E3737984DF8DEF5F141A23C04
C:\WINDOWS\System32\DriverStore\FileRepository\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\ndisvirtualbus.inf --a---- 2452 bytes [06:50 22/08/2013] [06:50 22/08/2013] CDC0FA6E58FCCAD974376EBC41D1A41C
C:\WINDOWS\System32\DriverStore\FileRepository\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\ndisvirtualbus.PNF --a---- 5924 bytes [14:00 03/10/2014] [14:00 03/10/2014] 825A13853AEBF3A1265A69A7997114C6
C:\WINDOWS\WinSxS\amd64_microsoft-windows-n..irtualbus.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_a38243a8581a7635\NdisVirtualBus.sys.mui --a---- 2560 bytes [14:53 18/03/2014] [14:53 18/03/2014] 1425E96380DF63AD5285998C17648E9C
C:\WINDOWS\WinSxS\amd64_microsoft-windows-ndis-virtualbus_31bf3856ad364e35_6.3.9600.16384_none_4c214173f0122d9a\NdisVirtualBus.sys --a---- 16384 bytes [11:36 22/08/2013] [11:36 22/08/2013] 1F58E48EF75F34C35D8E93A0DC535CFE
C:\WINDOWS\WinSxS\amd64_ndisvirtualbus.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_d568ec6778334b8e\NdisVirtualBus.inf_loc --a---- 228 bytes [14:53 18/03/2014] [14:53 18/03/2014] 9776ED5E3737984DF8DEF5F141A23C04
C:\WINDOWS\WinSxS\amd64_ndisvirtualbus.inf_31bf3856ad364e35_6.3.9600.16384_none_eba664ac0a66aece\NdisVirtualBus.inf --a---- 2452 bytes [06:50 22/08/2013] [06:50 22/08/2013] CDC0FA6E58FCCAD974376EBC41D1A41C
C:\WINDOWS\WinSxS\Manifests\amd64_microsoft-windows-ndis-virtualbus_31bf3856ad364e35_6.3.9600.16384_none_4c214173f0122d9a.manifest --a---- 368 bytes [15:21 22/08/2013] [15:21 22/08/2013] 143BE07D3A58CC59BD4924498136A185
C:\WINDOWS\WinSxS\Manifests\amd64_ndisvirtualbus.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_7fc59c6031743f5d.manifest --a---- 275 bytes [14:51 18/03/2014] [14:51 18/03/2014] 8B325CCDC016026B651915201E0CB229
C:\WINDOWS\WinSxS\Manifests\amd64_ndisvirtualbus.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_d568ec6778334b8e.manifest --a---- 259 bytes [14:52 18/03/2014] [14:52 18/03/2014] 3F3A1976741ACDD9102D35E7DD9BA11F
C:\WINDOWS\WinSxS\Manifests\amd64_ndisvirtualbus.inf_31bf3856ad364e35_6.3.9600.16384_none_eba664ac0a66aece.manifest --a---- 216 bytes [15:20 22/08/2013] [15:20 22/08/2013] 1A7F06BEAB91B8BAC8F77BE0CC7B95FC

========== regfind ==========

Searching for "VirtualBus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-ndis-virtualbus_31bf3856ad364e35_none_a40e4c4de88926ea]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_ndisvirtualbus.inf-languagepack_31bf3856ad364e35_cs-cz_89bd90c68bf0087f]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_ndisvirtualbus.inf.resources_31bf3856ad364e35_cs-cz_38f28de74b302396]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_ndisvirtualbus.inf_31bf3856ad364e35_none_32ddd0433af18a56]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"InfPath"="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"InfSection"="NdisVirtualBus_Device.NT"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"MatchingDeviceId"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\NDISVIRTUALBUS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\NDISVIRTUALBUS\0000]
"HardwareID"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\NDISVIRTUALBUS\0000]
"Service"="NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\NDISVIRTUALBUS\0000]
"DeviceDesc"="@ndisvirtualbus.inf,%ndisvirtualbus_devicedesc%;NDIS Virtual Network Adapter Enumerator"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\NDISVIRTUALBUS\0000]
"Mfg"="@ndisvirtualbus.inf,%msft%;Microsoft"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisVirtualBus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisVirtualBus]
"ImagePath"="\SystemRoot\System32\drivers\NdisVirtualBus.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisVirtualBus]
"DisplayName"="@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisVirtualBus]
"Owners"="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisVirtualBus\Enum]
"0"="ROOT\NDISVIRTUALBUS\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DeviceIds\Root\NdisVirtualBus]
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverInfFiles\ndisvirtualbus.inf]
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverInfFiles\ndisvirtualbus.inf]
@="ndisvirtualbus.inf_amd64_15ad0dbb0893c993"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverInfFiles\ndisvirtualbus.inf]
"Active"="ndisvirtualbus.inf_amd64_15ad0dbb0893c993"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverInfFiles\ndisvirtualbus.inf]
"Configurations"="NdisVirtualBus_Device.NT"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993]
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993]
@="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Configurations\NdisVirtualBus_Device.NT]
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Configurations\NdisVirtualBus_Device.NT]
"Service"="NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Descriptors\ROOT\NdisVirtualBus]
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Descriptors\ROOT\NdisVirtualBus]
"Configuration"="NdisVirtualBus_Device.NT"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Descriptors\ROOT\NdisVirtualBus]
"Description"="%ndisvirtualbus_devicedesc%"
[HKEY_LOCAL_MACHINE\SYSTEM\DriverDatabase\DriverPackages\ndisvirtualbus.inf_amd64_15ad0dbb0893c993\Strings]
"ndisvirtualbus_devicedesc"="NDIS Virtual Network Adapter Enumerator"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\ROOT\NDISVIRTUALBUS]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\ROOT\NDISVIRTUALBUS\0000]
"HardwareIds"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\ROOT\NDISVIRTUALBUS\0000]
"DriverInfName"="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\ROOT\NDISVIRTUALBUS\0000]
"MatchingDeviceId"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"InfPath"="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"InfSection"="NdisVirtualBus_Device.NT"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0002]
"MatchingDeviceId"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ROOT\NDISVIRTUALBUS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ROOT\NDISVIRTUALBUS\0000]
"HardwareID"="ROOT\NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ROOT\NDISVIRTUALBUS\0000]
"Service"="NdisVirtualBus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ROOT\NDISVIRTUALBUS\0000]
"DeviceDesc"="@ndisvirtualbus.inf,%ndisvirtualbus_devicedesc%;NDIS Virtual Network Adapter Enumerator"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ROOT\NDISVIRTUALBUS\0000]
"Mfg"="@ndisvirtualbus.inf,%msft%;Microsoft"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisVirtualBus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisVirtualBus]
"ImagePath"="\SystemRoot\System32\drivers\NdisVirtualBus.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisVirtualBus]
"DisplayName"="@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisVirtualBus]
"Owners"="ndisvirtualbus.inf"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisVirtualBus\Enum]
"0"="ROOT\NDISVIRTUALBUS\0000"

========== folderfind ==========

Searching for "*VirtualBus*"
C:\WINDOWS\System32\DriverStore\FileRepository\ndisvirtualbus.inf_amd64_15ad0dbb0893c993 d------ [15:31 22/08/2013]
C:\WINDOWS\WinSxS\amd64_microsoft-windows-ndis-virtualbus_31bf3856ad364e35_6.3.9600.16384_none_4c214173f0122d9a d------ [15:27 22/08/2013]
C:\WINDOWS\WinSxS\amd64_ndisvirtualbus.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_d568ec6778334b8e d------ [14:53 18/03/2014]
C:\WINDOWS\WinSxS\amd64_ndisvirtualbus.inf_31bf3856ad364e35_6.3.9600.16384_none_eba664ac0a66aece d------ [15:25 22/08/2013]

-= EOF =-

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: some viruses ..

#38 Post by Márty84 »

If you keep downloading cracks, there is no point in cleaning; it will be infested again in no time.

Repeat the step with AdwCleaner and with MBAM.

bobik123
Visitor
Posts: 55
Registered: 16 Jun 2015 15:24

Re: some viruses ..

#39 Post by bobik123 »

so adw cleaner removed everything, thank you, here is the log, I don't know whether it is needed but I'd rather post it here.. and it seems everything is fine, all that's left is to install some antivirus :)

# AdwCleaner v5.009 - Logfile created 02/10/2015 at 12:22:16
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : ASUS - PC
# Running from : C:\Users\ASUS\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Concom
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV29.09
[!] Folder Not Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
[!] Folder Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
[-] Folder Deleted : C:\Users\ASUS\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\ASUS\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\ASUS\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

***** [ Files ] *****

[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\ASUS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
[-] File Deleted : C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
[-] File Deleted : C:\Users\Public\Desktop\crossbrowse.lnk

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Crossbrowse
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-1-6
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-1-7
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-10_user
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-3
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-5
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-5_user
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-6
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-7
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-1-6
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-1-7
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-10_user
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-3
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-5
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-5_user
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-6
[-] Task Deleted : 80dee9ad-e893-41d2-9f68-d5372f47e204-7
[-] Task Deleted : Adobe Flash Player Updater
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV29.09
[!] Key Not Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV29.09
[!] Key Not Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV29.09
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\CinemaP-1.9cV29.09
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-1447694392-248528962-4126827209-1002\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

***** [ Web browsers ] *****

[-] [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [16125 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: some viruses ..

#40 Post by Márty84 »

Fine, use ADWCleaner from time to time; I think you will need it now and then :-D

So go ahead and install one already; maybe then you will have less of that vermin ;-)

7.11. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

Option to support our forum: https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have their e-mail address in their signature).

Locked