Some Chinese programs :-(

#1 Post by ceddrik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Frappy at 2016-03-26 10:53:12
Microsoft Windows 8.1 Pro
System drive C: has 13 GB (17%) free of 78 GB
Total RAM: 8144 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:15, on 26. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Windows\Pixart\Pac7302\Monitor.exe
G:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera_crashreporter.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe
C:\Program Files\trend micro\Frappy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [YouCam Service7] "C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE" /regrun /qqrepair
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [EADM] "G:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\PROGRA~1\CCleaner\CCLEAN~1.EXE" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [ProgLauncher] C:\Program Files\ProgDVB\ProgLauncher.exe
O4 - HKCU\..\Run: [Discord] C:\Users\Frappy\AppData\Local\Discord\app-0.0.286\Discord.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "G:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [EvolveClient] "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted IP range: http://192.168.0.1
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CheatDefender - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCProtect.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - Unknown owner - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (file missing)
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - G:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - G:\Program Files (x86)\Owervolf\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe
O23 - Service: QQRepair224 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepair834 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: QQRepairFixSVC - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Survarium-Steam Update Service - Unknown owner - G:\Steamgames\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TAOFrame - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11702 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe" -r
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\UCBrowser\Application\UCProtect.exe" -s
dashost.exe {1af97180-9063-40f8-b8ce60e11a570b09}
C:\WINDOWS\system32\PnkBstrA.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe" /s
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
C:\WINDOWS\system32\vmms.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3609fb5b-a6a8-4093-a2cc-628ac6607b5a -SystemEventPortName:HostProcess-32e14d01-970c-4b5f-a325-b72c96129cd4 -IoCancelEventPortName:HostProcess-8268293a-7380-41b8-9da0-708fc3a0a7b0 -NonStateChangingEventPortName:HostProcess-b695f16e-7808-4d3a-912f-79e272efd85d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0469e08-3981-4c3b-ba54-735c074a9bd7 -DeviceGroupId:WpdFsGroup
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\Pixart\Pac7302\Monitor.exe"
"G:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"G:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\36.0.2130.32\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=5980
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=gpu-process --channel="5980.0.684142285\1639986386" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,14,31,60 --gpu-vendor-id=0x1002 --gpu-device-id=0x683d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.0 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --ignored=" --type=renderer "
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.2.1633400855\1299147510"
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.3.1858023798\1764111912"
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.4.1439368374\399808901"
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.6.808941384\229049448"

"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.7.269595258\1900300250"
"C:\Program Files (x86)\Opera\36.0.2130.32\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=5988 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="5980.8.123769789\1954980220"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Frappy\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-16 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TSWebMon64.dat [2016-03-23 415584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-16 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-16 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-07-11 170280]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-18 4859592]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=G:\Program Files (x86)\Origin\Origin.exe [2016-02-06 3639280]
"CCleaner Monitoring"=C:\PROGRA~1\CCleaner\CCLEAN~1.EXE [2014-07-23 6265624]
"AdobeBridge"= []
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2015-04-26 43816]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2015-04-26 43816]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2015-04-26 43816]
"ProgLauncher"=C:\Program Files\ProgDVB\ProgLauncher.exe [2015-12-02 589248]
"Discord"=C:\Users\Frappy\AppData\Local\Discord\app-0.0.286\Discord.exe [2016-03-05 53420216]
"Zoner Photo Studio Autoupdate"=G:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"EvolveClient"=C:\Program Files\Echobit\Evolve\EvolveClient.exe [2016-03-14 3334528]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2015-04-16 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-12-02 56080]
"YouCam Service7"=C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [2015-06-23 454072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE [2016-03-23 355296]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-24 20:43:11 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2016-03-24 20:43:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-03-24 17:59:48 ----D---- C:\ProgramData\HitmanPro
2016-03-24 16:24:48 ----D---- C:\Users\Frappy\AppData\Roaming\Enigma Software Group
2016-03-24 16:24:31 ----D---- C:\sh4ldr
2016-03-24 16:23:39 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-03-24 16:23:27 ----D---- C:\Program Files\Enigma Software Group
2016-03-24 16:11:45 ----A---- C:\WINDOWS\SYSWOW64\drivers\TS888x64.sys
2016-03-23 19:52:25 ----A---- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-23 19:49:38 ----D---- C:\extensions
2016-03-23 19:04:11 ----A---- C:\WINDOWS\SYSWOW64\drivers\TsFltMgr.sys
2016-03-23 19:03:04 ----A---- C:\Users\Frappy\AppData\Roaming\GiftBag.db
2016-03-23 19:02:37 ----A---- C:\WINDOWS\system32\drivers\TAOKernel64.sys
2016-03-23 19:02:37 ----A---- C:\WINDOWS\system32\drivers\TAOAccelerator64.sys
2016-03-23 19:02:35 ----D---- C:\Program Files\Common Files\Tencent
2016-03-23 19:02:01 ----D---- C:\ProgramData\TXQMPC
2016-03-23 19:01:53 ----A---- C:\WINDOWS\system32\drivers\TFsFltX64.sys
2016-03-23 19:01:37 ----D---- C:\Program Files (x86)\Tencent
2016-03-23 19:01:32 ----D---- C:\Users\Frappy\AppData\Roaming\Tencent
2016-03-23 19:01:31 ----D---- C:\ProgramData\Tencent
2016-03-23 18:51:34 ----A---- C:\WINDOWS\system32\drivers\ucguard.sys
2016-03-23 18:51:12 ----D---- C:\Program Files (x86)\UCBrowser
2016-03-14 20:29:39 ----D---- C:\Users\Frappy\AppData\Roaming\Evolve
2016-03-14 20:19:33 ----A---- C:\WINDOWS\system32\drivers\evolve.sys
2016-03-14 19:54:20 ----D---- C:\Program Files\Echobit
2016-03-14 19:53:57 ----D---- C:\ProgramData\Echobit
2016-03-14 19:28:21 ----D---- C:\ProgramData\Tunngle
2016-03-14 19:28:21 ----D---- C:\Program Files (x86)\Tunngle
2016-03-14 18:27:29 ----D---- C:\Users\Frappy\AppData\Roaming\TeamViewer
2016-03-13 20:31:32 ----D---- C:\WINDOWS\Simple Port Forwarding
2016-03-13 20:31:32 ----D---- C:\Program Files (x86)\Simple Port Forwarding
2016-03-13 20:31:27 ----A---- C:\WINDOWS\Simple Port Forwarding Setup Log.txt
2016-03-13 20:30:30 ----D---- C:\Users\Frappy\AppData\Roaming\UnknownApplicationVendor
2016-03-13 19:17:48 ----D---- C:\Users\Frappy\AppData\Roaming\PortForward.com
2016-03-13 19:17:48 ----D---- C:\Program Files (x86)\Portforward
2016-03-13 18:25:04 ----D---- C:\Users\Frappy\AppData\Roaming\EurekaLog
2016-03-13 17:52:37 ----D---- C:\Users\Frappy\AppData\Roaming\Factorio
2016-03-13 17:42:22 ----A---- C:\WINDOWS\SYSWOW64\Access.dat
2016-03-13 16:57:29 ----D---- C:\Users\Frappy\AppData\Roaming\Tunngle
2016-03-10 20:18:20 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-03-09 21:53:41 ----A---- C:\WINDOWS\system32\javaws.exe
2016-03-03 00:21:30 ----A---- C:\WINDOWS\system32\drivers\asw6E7F.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6D65.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6D25.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6CE6.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6CA6.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6C57.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6B0E.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6A90.tmp
2016-03-03 00:21:29 ----A---- C:\WINDOWS\system32\drivers\asw6A41.tmp
2016-03-03 00:20:05 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft

======List of files/folders modified in the last 1 month======

2016-03-26 10:53:15 ----D---- C:\WINDOWS\Prefetch
2016-03-26 10:53:14 ----D---- C:\Program Files\trend micro
2016-03-26 10:51:51 ----D---- C:\WINDOWS\Temp
2016-03-26 10:50:23 ----D---- C:\WINDOWS\system32\drivers
2016-03-26 10:34:34 ----D---- C:\WINDOWS\System32
2016-03-26 10:33:01 ----SHD---- C:\System Volume Information
2016-03-25 23:02:23 ----D---- C:\Users\Frappy\AppData\Roaming\TS3Client
2016-03-25 23:02:00 ----D---- C:\WINDOWS\system32\sru
2016-03-25 23:01:49 ----D---- C:\Users\Frappy\AppData\Roaming\OBS
2016-03-25 19:31:30 ----D---- C:\Program Files (x86)\Common Files
2016-03-24 21:31:02 ----D---- C:\Users\Frappy\AppData\Roaming\Skype
2016-03-24 20:59:01 ----SHD---- C:\WINDOWS\Installer
2016-03-24 20:59:01 ----SHD---- C:\Config.Msi
2016-03-24 20:59:01 ----D---- C:\ProgramData\Skype
2016-03-24 20:58:52 ----RD---- C:\Program Files (x86)\Skype
2016-03-24 20:52:01 ----D---- C:\Program Files\Common Files\AV
2016-03-24 20:52:00 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-24 20:43:14 ----SD---- C:\ProgramData\Microsoft
2016-03-24 20:43:10 ----HD---- C:\ProgramData
2016-03-24 19:03:26 ----SHD---- C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-03-24 19:00:09 ----D---- C:\WINDOWS\SysWOW64
2016-03-24 18:32:35 ----D---- C:\Program Files\HitmanPro
2016-03-24 18:21:37 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-24 16:24:46 ----D---- C:\WINDOWS\system32\Tasks
2016-03-24 16:23:27 ----RD---- C:\Program Files
2016-03-24 16:11:45 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-03-23 21:46:23 ----RD---- C:\Program Files (x86)
2016-03-23 21:46:20 ----D---- C:\ProgramData\CCP
2016-03-23 20:04:12 ----D---- C:\WINDOWS\Tasks
2016-03-23 20:03:57 ----D---- C:\Users\Frappy\AppData\Roaming\Seznam.cz
2016-03-23 19:02:35 ----D---- C:\Program Files\Common Files
2016-03-23 19:01:58 ----RSD---- C:\WINDOWS\Fonts
2016-03-17 19:23:47 ----D---- C:\Program Files (x86)\Opera
2016-03-16 21:37:47 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-16 21:37:47 ----D---- C:\WINDOWS\Inf
2016-03-15 22:22:59 ----D---- C:\Windows
2016-03-15 22:21:20 ----D---- C:\ProgramData\Package Cache
2016-03-15 22:19:44 ----D---- C:\WINDOWS\SoftwareDistribution
2016-03-15 14:23:21 ----D---- C:\WINDOWS\system32\config
2016-03-14 18:27:31 ----D---- C:\Program Files (x86)\TeamViewer
2016-03-13 21:33:53 ----D---- C:\WINDOWS\system32\NDF
2016-03-13 17:31:44 ----D---- C:\WINDOWS\Minidump
2016-03-13 16:36:06 ----D---- C:\WINDOWS\LiveKernelReports
2016-03-10 08:33:06 ----D---- C:\Users\Frappy\AppData\Roaming\vlc
2016-03-09 21:53:16 ----D---- C:\Program Files\Java
2016-03-07 20:59:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-04 12:49:53 ----D---- C:\Users\Frappy\AppData\Roaming\uTorrent
2016-03-03 19:14:23 ----D---- C:\Program Files (x86)\BKF Safe Network
2016-03-03 15:30:37 ----A---- C:\WINDOWS\win.ini
2016-03-03 00:21:56 ----D---- C:\ProgramData\AVAST Software
2016-03-02 21:11:32 ----D---- C:\Users\Frappy\AppData\Roaming\Battle.net
2016-03-02 21:11:32 ----D---- C:\ProgramData\Battle.net
2016-02-28 11:40:01 ----D---- C:\Users\Frappy\AppData\Roaming\discord
2016-02-27 17:15:23 ----D---- C:\ProgramData\Origin
2016-02-27 16:08:09 ----D---- C:\Users\Frappy\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2013-11-06 83176]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2013-11-06 43240]
R0 dlkmdldr;dlkmdldr; C:\WINDOWS\system32\drivers\dlkmdldr.sys [2015-12-10 18960]
R1 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2015-05-14 68960]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-02-23 27552]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2015-02-16 11552]
R1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMUdisk64.sys [2016-03-02 184536]
R1 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\softaal64.sys [2016-03-23 35128]
R1 SRepairDrv;SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [2016-03-26 168568]
R1 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TSSysKit64.sys [2016-03-23 87352]
R1 UCGuard;UCGuard; C:\WINDOWS\system32\DRIVERS\ucguard.sys [2016-03-18 80768]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2015-02-16 72216]
R2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQSysMonX64.sys [2016-03-23 138040]
R2 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [2016-03-15 101472]
R2 TAOKernelDriver;Tencent TAO kernel driver.; \??\C:\WINDOWS\system32\Drivers\TAOKernel64.sys [2016-03-23 274232]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-11-18 23960064]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-11-18 671232]
R3 AtiHDAudioService;@oem22.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 clwvd7;@oem40.inf,%clwvd.DeviceDesc% Service;CyberLink WebCam Virtual Driver 7.0 Service; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [2015-03-24 42968]
R3 dlkmd;dlkmd; C:\WINDOWS\system32\drivers\dlkmd.sys [2015-12-10 450576]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2016-03-24 15920]
R3 EvolveVirtualAdapter;@oem20.inf,%EvolveVirtualAdapter.Service.DispName%;Evolve Virtual Miniport Driver; C:\WINDOWS\system32\DRIVERS\evolve.sys [2016-03-14 21656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-11-12 45680]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 tap0901t;@oem1.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TFsFlt;TFsFlt; C:\WINDOWS\system32\Drivers\TFsFltX64.sys [2016-03-23 87864]
R3 TS888x64;TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TS888x64.sys [2016-03-26 38520]
S0 amdkmafd;@oem16.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TSDefenseBT64.sys [2016-03-23 28984]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2015-11-02 303616]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2015-11-02 35328]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys []
S2 re2dluikmj;re2dluikmj; \??\C:\WINDOWS\Temp\tmrcsm0lsmq.sys []
S3 AVerAF15DMBTH64;@oem10.inf,%AVerAF15DMBTH.ServiceName%;AVerMedia A850 USB; C:\WINDOWS\System32\Drivers\AVerAF15DMBTH64.sys [2010-11-25 593024]
S3 dg_ssudbus;@oem10.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64; C:\WINDOWS\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.1336.0.sys [2016-01-17 58640]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-03-24 22704]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2015-05-14 19456]
S3 PAC7302;@oem38.inf,%str_ServiceName%;PAC7302 VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 526848]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2015-05-14 22016]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2015-05-14 27136]
S3 ssudmdm;@oem23.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tap0901;@oem12.inf,%DeviceDescription%;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-04-26 31232]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-08-21 35064]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 vhdparser;@%systemroot%\system32\drivers\vhdparser.sys,-10010; C:\WINDOWS\system32\drivers\vhdparser.sys [2015-05-14 19456]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-02-09 2020056]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-11-18 246272]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-28 344064]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-08-12 127752]
R2 CheatDefender;CheatDefender; C:\Program Files (x86)\UCBrowser\Application\UCProtect.exe [2016-03-23 2737664]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2015-02-24 76152]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe [2016-03-23 301728]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R2 UCBrowserSvc;UC浏览器基础服务; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [2016-03-18 605856]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-07-11 644904]
S2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16 154440]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -s []
S2 QQRepair224;QQRepair224; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair224 [2016-03-26 136512]
S2 QQRepair834;QQRepair834; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair834 []
S2 QQRepairFixSVC;QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [2016-03-26 136512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-03-24 1042304]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10 269504]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-02-20 1352736]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2016-03-14 1583488]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16 154440]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-04-21 136120]
S3 Origin Client Service;Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2016-02-06 2104840]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; G:\Program Files (x86)\Owervolf\Overwolf\OverwolfUpdater.exe [2016-02-11 1009904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-03-18 835664]
S3 Survarium-Steam Update Service;Survarium-Steam Update Service; G:\Steamgames\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [2015-08-27 96856]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2015-04-16 517096]
S3 TAOFrame;TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe [2016-03-23 297952]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-12-22 814064]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119490
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some Chinese programs :-(

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ceddrik
Visitor
Posts: 68
Registered: 06 Sep 2007 18:13
Location: Ostrava

Re: Some Chinese programs :-(

#3 Post by ceddrik »

# AdwCleaner v5.105 - Logfile created 26/03/2016 at 12:02:59
# Updated 21/03/2016 by Xplode
# Database : 2016-03-25.2 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Frappy - FRAPPY
# Running from : G:\Stahování Opera\scoped_dir_5980_23934\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : QQPCRTP
[-] Service Deleted : TAOAccelerator
[-] Service Deleted : TSDefenseBt
[-] Service Deleted : TSSysKit
[-] Service Deleted : QMUdisk
[-] Service Deleted : TS888x64
[-] Service Deleted : QQSysMonX64
[-] Service Deleted : TFsFlt
[-] Service Deleted : TAOFrame
[-] Service Deleted : TAOKernelDriver
[-] Service Deleted : softaal
[-] Service Deleted : UCBrowserSvc
[!] Service Not Deleted : SRepairDrv

***** [ Folders ] *****

[#] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[#] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Folder Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk
[J] Folder Not Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk
[-] Folder Deleted : C:\Users\Frappy\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk
[J] Folder Not Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[#] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[#] File Deleted : C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[#] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[#] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.tatango.com_0.localstorage
[-] File Deleted : C:\Users\Frappy\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.tatango.com_0.localstorage-journal
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TAOAccelerator64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TAOKernel64.sys
[#] File Deleted : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\WINDOWS\SysWOW64\drivers\TsFltMgr.sys
[-] File Deleted : C:\WINDOWS\SysWOW64\drivers\TS888x64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextUninstall
[-] Key Deleted : HKEY_CLASSES_ROOT\Folder\ShellEx\ContextMenuHandlers\QMContextUninstall
[-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EE6530-8649-4F42-A9E4-F6A3295AF975}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{63332668-8CE1-445D-A5EE-25929176714E}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKLM\SOFTWARE\SecureWebChannel
[-] Key Deleted : HKLM\SOFTWARE\hohosearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A3981199-ECF6-467E-9BF8-22729C06D26B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AE8AA925-2BD7-422C-9B20-9638CBA38CCB}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2DF710DB-F192-4571-AB47-C03E703CA977}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CE016C3E-B538-4F81-845D-A4B4465B64CD}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0538E6BD-57E9-4974-B467-F78367A2886B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{36AE2174-FA90-42CC-82F8-5D32176DB993}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{79D8F182-BC0D-4258-8DE8-42EAA0DA904A}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{98AE8294-78E0-4805-99C1-488CF4635808}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E2065D54-EC52-4721-9C0D-B04B286E472E}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{ABC738D6-140A-46F7-9D47-36BBF0A3E300}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{42ADC979-BF50-4E8F-A6E4-0E6600C6C969}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D71A71F6-C70D-4251-A856-AEBFB795D43B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5E221778-C71D-42BB-928D-50A7C1327C69}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{58E44954-0E11-497C-85F3-0D484264F5C0}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C4F0895F-40B7-4A52-80A0-A32B3BD6E67C}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D2E0A7B5-329D-411D-9F80-F64B2D7BEDF3}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C5CCDB4B-C3B7-4357-8A95-E071CFA623EF}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{13D89A1F-47E3-4242-8B14-3AAB210B3E1F}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8BEFD56D-8EF4-49E1-AC7A-5E3017F4772B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{6822F2AD-B750-4D4E-9C50-AB5B729230E8}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9C79267E-41FD-45DC-84DF-2D887D4BEA04}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5A476511-1181-4306-B2D4-6488276F2CCE}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C2023504-8E93-4850-BEC5-48ED16A1EF8F}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{FDC180D5-9081-4343-A7A5-1090E40851DC}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B9427FBB-CF6E-4FAC-9A63-34DBB2745A7A}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{78B79930-56F8-4FD9-B30B-7A30D9A93085}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{6E4705A1-03FD-45BC-B20A-D4E7FDB47847}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{72B54A37-D5E5-40AB-B6D0-2D3EA9F20706}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.reimagenetwork.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdncache-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\contextualyield.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ividijs.info
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mystartsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\reimagenetwork.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\videodownloadconverter.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\view.contextualyield.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.mystartsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.yourtango.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yourtango.com
[-] Value Deleted : HKU\S-1-5-21-1766096757-1684294531-2525756948-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
[-] Value Deleted : HKU\S-1-5-21-1766096757-1684294531-2525756948-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [HCDNClient]
[-] Value Deleted : HKU\S-1-5-21-1766096757-1684294531-2525756948-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [InetStat]
[-] Value Deleted : HKU\S-1-5-21-1766096757-1684294531-2525756948-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]

***** [ Web browsers ] *****

[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mysites123.com/?type=hp&ts=14587590 ... 6H9SA6H9SA
[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://mysites123.com/wefavicon.ico
[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ecnphlgnajanjnkcmbpancdjoidceilk
[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ecnphlgnajanjnkcmbpancdjoidceilk
[-] [C:\Users\Frappy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mysites123.com/?type=hp&ts=14587590 ... 6H9SA6H9SA

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [14732 bytes] - [26/03/2016 12:02:59]
C:\AdwCleaner\AdwCleaner[C4].txt - [4183 bytes] - [09/10/2015 14:53:43]
C:\AdwCleaner\AdwCleaner[C5].txt - [1702 bytes] - [20/11/2015 13:57:34]
C:\AdwCleaner\AdwCleaner[C6].txt - [737 bytes] - [20/11/2015 21:17:06]
C:\AdwCleaner\AdwCleaner[C7].txt - [830 bytes] - [25/11/2015 00:22:07]
C:\AdwCleaner\AdwCleaner[R2].txt - [2032 bytes] - [02/08/2015 08:07:32]
C:\AdwCleaner\AdwCleaner[R3].txt - [11406 bytes] - [12/08/2015 11:57:30]
C:\AdwCleaner\AdwCleaner[R4].txt - [1200 bytes] - [21/08/2015 17:14:48]
C:\AdwCleaner\AdwCleaner[R5].txt - [1018 bytes] - [07/09/2015 18:34:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [1723 bytes] - [02/08/2015 08:18:22]
C:\AdwCleaner\AdwCleaner[S10].txt - [727 bytes] - [24/11/2015 22:23:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [20666 bytes] - [12/08/2015 11:59:28]
C:\AdwCleaner\AdwCleaner[S2].txt - [792 bytes] - [21/08/2015 17:16:41]
C:\AdwCleaner\AdwCleaner[S7].txt - [3873 bytes] - [09/10/2015 14:52:00]
C:\AdwCleaner\AdwCleaner[S8].txt - [1544 bytes] - [20/11/2015 13:54:57]
C:\AdwCleaner\AdwCleaner[S9].txt - [645 bytes] - [20/11/2015 21:15:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15899 bytes] ##########

Rudy
Site Admin
Posts: 119490
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some Chinese programs :-(

#4 Post by Rudy »

Post a new RSIT log.
