VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o radu a kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=146062

Stránka 1 z 1

Prosím o radu a kontrolu logu

Napsal: 15 zář 2015 17:59
od Psych0p4th
Dobrý den, ahoj
mám problém s počítačem cca 3 roky starém. Počítač funguje vcelku normálně až do doby než spustím prohlížeč (ať Chrome či Explorer). V té chvíli se jako domovská obrazovka spustí mystartsearch. Celý počítač se rapidně zpomalí, navíc začnou vyskakovat pop up okna jak na jakékoliv navštívené stránce, tak jako zcela nové karty. Mnohdy "vysadí" i klávesnice tak, že jdou psát pouze některé znaky a místo zvoleného odkazu naběhne zase reklama "na nějakej super čistící program". Přes nechtěné reklamy opravdu nejde vůbec na netu pracovat. Nehledě na fakt, že i když se webové stránky zavřou, počítač je nadále strašně zpomalený.

Zatím jsem to řešil:
Spybot Search
Adwcleaner
RogueKiller
Avast Browser CleanUp

I přesto, že mi v počítači tyto programy našli požehnaně a vše bylo zafixováno či odstraněno tak problém s pop up okny a zpomalením počítače zůstává. Ze zoufalosti jsem tedy ještě nainstaloval Pop-Up Stopper, opakovaně resetoval nastavení prohlížeče, ale bez většího výsledku.

Prosím Vás tedy o jakoukoliv radu co s tím, připojuji ještě log z HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:07:59, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Windows\System32\WScript.exe
C:\Antivir\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Program Files\baidu\pps.exe
C:\IQIYI Video\Common\QyKernel.exe
C:\Windows\system32\taskeng.exe
C:\Users\Děti\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\lcpmnccsnkcj.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Antivir\Antivir\hijackthis.exe
C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW1V14B5A
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: °®ĆćŇŐÖúĘÖ - {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} - C:\IQIYI Video\Common\Accelerator\IEHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [mncnkdxpSrv] C:\Windows\inf\mncnkdxp.vbe
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnccsnkcjSrv] C:\Windows\system32\mnccsnkcj.vbe
O4 - HKLM\..\Run: [SDTray] "C:\Antivir\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [apphide] C:\Program Files\baidu\pps.exe
O4 - HKCU\..\Run: [HCDNClient] "C:\IQIYI Video\Common\QyKernel.exe" -shell_start
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E39AC27331BDA59634B87AD414421727] "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Antivir\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Antivir\POP-UP~1\PSFree.exe"
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse_IObitDel.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.mystartsearch.com/?type=hp&t ... XXW1V14B5A
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Rename Save (biwejizu) - Unknown owner - C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\nsg5B05.tmpfs
O23 - Service: BrsHelper - Unknown owner - C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Keyboard Close Down (hurygire) - Unknown owner - C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\jnsy93FD.tmp
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Antivir\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Antivir\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Antivir\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WdsManPro Service (WdsManPro) - DTools LIMITED - C:\ProgramData\2WdsManPro2\WdsManPro.exe

--
End of file - 6691 bytes


Předem mnohokrát děkuji za jakékoliv tipy, rady a návody :)

Re: Prosím o radu a kontrolu logu

Napsal: 15 zář 2015 18:12
od altrok
Krasny den Vam preju :bye:


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Prosím o radu a kontrolu logu

Napsal: 16 zář 2015 15:37
od Psych0p4th
Tak zasílám log z FRST, prosím o kontrolu

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-09-2015
Ran by Děti (administrator) on DĚTI-PC (16-09-2015 16:22:59)
Running from C:\Users\Děti\Desktop
Loaded Profiles: Děti (Available Profiles: Děti)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
() C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\nsg5B05.tmpfs
() C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\jnsy93FD.tmp
(Safer-Networking Ltd.) C:\Antivir\Spybot - Search & Destroy 2\SDFSSvc.exe
(Cinema PlusV21.05) C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe
(Cinema PlusV22.08) C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-6.exe
(Cinema PlusV09.09) C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6.exe
(Sense+) C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-6.exe
(Cinema PlusV01.06) C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6.exe
(Cinema PlusV01.06) C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sense+) C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-1-6.exe
(FileProperties_CompanyName) C:\Program Files\shopping blast\shopping_blast_notification_service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Safer-Networking Ltd.) C:\Antivir\Spybot - Search & Destroy 2\SDTray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Program Files\baidu\pps.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(iQIYI.COM) C:\IQIYI Video\Common\QyKernel.exe
(Panicware, Inc.) C:\Antivir\Pop-Up Stopper Free Edition\PSFree.exe
(Safer-Networking Ltd.) C:\Antivir\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TODO: <公司名>) C:\Program Files\SFK\SSFK.exe
(Safer-Networking Ltd.) C:\Antivir\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\AutoCare.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files\SFK\SFKEX.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVAST Software) C:\Users\Děti\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(forum.viry.cz) C:\Users\Děti\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [351968 2014-09-08] ()
HKLM\...\Run: [mncnkdxpSrv] => C:\Windows\inf\mncnkdxp.vbe [1342 2014-01-19] ()
HKLM\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM\...\Run: [mnccsnkcjSrv] => C:\Windows\system32\mnccsnkcj.vbe [7670 2014-03-05] ()
HKLM\...\Run: [SDTray] => C:\Antivir\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [apphide] => C:\Program Files\baidu\pps.exe [77824 2015-08-12] ()
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [HCDNClient] => C:\IQIYI Video\Common\QyKernel.exe [576104 2015-05-12] (iQIYI.COM)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [GoogleChromeAutoLaunch_E39AC27331BDA59634B87AD414421727] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [Spybot-S&D Cleaning] => C:\Antivir\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [PopUpStopperFreeEdition] => C:\Antivir\POP-UP~1\PSFree.exe [524288 2003-04-29] (Panicware, Inc.)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse_IObitDel.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.mystartsearch.com/?type=hp&ts=1441808312&z (the data entry has 96 more characters).
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6FD574B0-FB1C-4A73-BD5C-BE7C24911EDE}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14362 ... XXW1V14B5A
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> DefaultScope {28CB51B1-FCC1-47E2-857B-8A5786B2FDEC} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {28CB51B1-FCC1-47E2-857B-8A5786B2FDEC} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {3EF9CB5A-5A15-4758-9947-F840BECE28E2} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {4657AAEE-4CB6-40FB-B3F7-2A39166D6775} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {70461A29-C918-4675-942F-99A271FBB8BB} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {81169942-890B-4D3D-AE9F-4233F35CDBC8} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {895F1101-CAD0-4AB3-8926-C02FC864E7C6} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {9C9F1ACB-336C-4289-AF2B-BCD068F51BE0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {AD1A17A5-4954-4DA6-B5BF-EC39EFAD55B4} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {B9A93900-551B-4182-ABAF-B5B7B64472FA} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {D63CA8E9-FADE-45E5-8F0F-206E7537B341} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
SearchScopes: HKU\S-1-5-21-576956717-2421588013-1555960161-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-31] (Oracle Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-31] (Oracle Corporation)
BHO: °®ĆćŇŐÖúĘÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\Common\Accelerator\IEHelper.dll [2015-04-29] (爱奇艺)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=14423 ... XXW1V14B5A

FireFox:
========
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-10] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-576956717-2421588013-1555960161-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin HKU\S-1-5-21-576956717-2421588013-1555960161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Děti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14423 ... XXW1V14B5A
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14423 ... XXW1V14B5A"
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Profile: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-12]
CHR Extension: (Disk Google) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-12]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-08-12]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-08-12]
CHR Extension: (YouTube) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-08-12]
CHR Extension: (CinemaPlus-3.2cV22.08) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-09-16]
CHR Extension: (Gmail) - C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2006-01-01]

Opera:
=======
OPR Extension: (shopping blast) - C:\Users\Děti\AppData\Roaming\Opera Software\Opera Stable\Extensions\igedipimcmoahbhifkbkaceemknpnmej [2015-04-01]
OPR Extension: (nbkekaeindpfpcoldfckljplboolgkfm) - C:\Users\Děti\AppData\Roaming\Opera Software\Opera Stable\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2015-04-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 hurygire; C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\jnsy93FD.tmp [95232 2015-02-24] () [File not signed]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2006-01-01] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 SDScannerService; C:\Antivir\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Antivir\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Antivir\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SSFK; C:\Program Files\SFK\SSFK.exe [452096 2015-09-15] (TODO: <公司名>) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 biwejizu; C:\Users\Děti\AppData\Roaming\AC11364C-1424796770-DD11-A850-000EA68F7399\nsg5B05.tmpfs [X]
S2 BrsHelper; C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE [X]
S2 Update Any Angle; no ImagePath
S2 Update Edu App; no ImagePath
S2 Util Edu App; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-04-07] (REALiX(tm))
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2011-05-17] (http://libusb-win32.sourceforge.net)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2014-05-07] (Samsung Electronics) [File not signed]
R1 {36ed28a4-ac0a-4653-91ff-10beb4246550}Gw; C:\Windows\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw.sys [43144 2015-05-28] (StdLib)
R1 {3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw; C:\Windows\System32\drivers\{3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw.sys [43144 2015-05-21] (StdLib)
R1 {42f8f729-2fa8-44bb-b01a-28c57a8162c7}Gw; C:\Windows\System32\drivers\{42f8f729-2fa8-44bb-b01a-28c57a8162c7}Gw.sys [43144 2015-06-07] (StdLib)
R1 {6d909b76-923e-432f-ae89-e484975cf5de}Gw; C:\Windows\System32\drivers\{6d909b76-923e-432f-ae89-e484975cf5de}Gw.sys [43120 2015-07-06] (StdLib)
R1 {6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw; C:\Windows\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw.sys [43144 2015-05-25] (StdLib)
R1 {848705a5-8a27-403e-9b59-732d0608bcbc}Gw; C:\Windows\System32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw.sys [43144 2015-05-27] (StdLib)
R1 {ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw; C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw.sys [43144 2015-06-04] (StdLib)
R1 {eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw; C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw.sys [43144 2015-06-01] (StdLib)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\DTI~1\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\DTI~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 esgiguard; no ImagePath
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S2 SPDRIVER_1.42.1.2082; \??\C:\Program Files\ShopperPro\JSDriver\1.42.1.2082\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-16 16:22 - 2015-09-16 16:23 - 00022018 _____ C:\Users\Děti\Desktop\FRST.txt
2015-09-16 16:22 - 2015-09-16 16:23 - 00000000 ____D C:\FRST
2015-09-16 16:21 - 2015-09-16 16:21 - 00000000 ___RD C:\Program Files\Skype
2015-09-16 16:21 - 2015-09-16 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-16 16:21 - 2015-09-16 16:21 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-16 16:20 - 2015-09-16 14:06 - 00112640 _____ (forum.viry.cz) C:\Users\Děti\Desktop\FRSTLauncher (2).exe
2015-09-16 16:20 - 2015-09-16 13:48 - 01695232 _____ (Farbar) C:\Users\Děti\Desktop\FRST.exe
2015-09-15 23:45 - 2015-09-15 23:45 - 00000000 ____D C:\Users\Děti\AppData\Roaming\vypnepra
2015-09-15 18:38 - 2015-09-15 18:38 - 00613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsn8CA1.tmp
2015-09-15 18:27 - 2015-09-15 18:27 - 00000000 ____D C:\Program Files\SFK
2015-09-15 18:26 - 2015-09-15 18:27 - 00000000 ____D C:\ProgramData\tWdsManProt
2015-09-15 18:05 - 2015-09-15 18:05 - 00001698 _____ C:\Users\Děti\Desktop\Pop-Up Control Center.lnk
2015-09-15 18:05 - 2015-09-15 18:05 - 00000771 _____ C:\Users\Děti\Desktop\Pop-Up Stopper Free Edition.lnk
2015-09-15 18:05 - 2015-09-15 18:05 - 00000000 ____D C:\Users\Děti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panicware
2015-09-15 18:05 - 2015-09-15 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panicware
2015-09-15 17:55 - 2015-09-16 16:18 - 00000112 _____ C:\Windows\setupact.log
2015-09-15 17:55 - 2015-09-15 17:55 - 00000000 _____ C:\Windows\setuperr.log
2015-09-15 17:54 - 2015-09-16 16:17 - 00011712 _____ C:\Windows\PFRO.log
2015-09-15 17:51 - 2015-09-15 17:51 - 00000000 ____D C:\Users\Děti\AppData\Roaming\Microsoft\Windows\Start Menu\avast! Browser Cleanup
2015-09-15 17:51 - 2015-09-15 17:51 - 00000000 ____D C:\Users\Děti\AppData\Roaming\AVAST Software
2015-09-15 17:29 - 2015-09-15 17:30 - 00003169 _____ C:\Windows\wininit.ini
2015-09-15 16:40 - 2015-09-15 16:40 - 00003600 _____ C:\AdwCleaner[S2].txt
2015-09-15 16:33 - 2015-09-15 16:33 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-15 16:32 - 2015-09-15 16:32 - 00003454 _____ C:\AdwCleaner[R1].txt
2015-09-15 16:32 - 2015-09-15 16:32 - 00000317 _____ C:\AdwCleaner[S1].txt
2015-09-15 16:32 - 2015-09-15 16:32 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-09-15 16:23 - 2015-09-15 16:23 - 00000000 ____D C:\Users\Děti\AppData\Roaming\Malwarebytes
2015-09-15 16:22 - 2015-09-15 16:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-15 16:20 - 2015-09-15 17:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-15 16:20 - 2015-09-15 16:20 - 00001882 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-15 16:20 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-09-15 16:17 - 2015-09-15 18:05 - 00000000 ____D C:\Antivir
2015-09-15 16:17 - 2015-09-15 16:17 - 00000752 _____ C:\Users\Děti\Desktop\Vaness – zástupce.lnk
2015-09-15 16:16 - 2015-09-15 16:16 - 00000732 _____ C:\Users\Děti\Desktop\Petr – zástupce.lnk
2015-09-15 16:14 - 2015-09-15 22:22 - 00000675 _____ C:\Users\Děti\Desktop\Andrea – zástupce.lnk
2015-09-15 16:12 - 2015-09-15 16:16 - 00000664 _____ C:\Users\Děti\Desktop\Music – zástupce.lnk
2015-09-10 04:31 - 2015-09-10 04:31 - 00000000 ____D C:\Users\Děti\AppData\Local\Plugin Camera
2015-09-09 17:15 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 17:15 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 17:15 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 17:15 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 17:15 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 17:15 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 17:14 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 17:14 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 17:14 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 17:14 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 17:14 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 17:14 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 17:14 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 17:14 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 17:14 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 17:14 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 17:14 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 17:14 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 17:14 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 17:13 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 17:13 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 17:13 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 17:13 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 17:13 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 17:13 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 17:13 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 17:13 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 17:13 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 17:13 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 17:13 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 17:13 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 17:13 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 17:13 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 17:13 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 17:13 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 17:13 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 17:13 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 17:13 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 17:13 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 17:13 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 17:13 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 17:13 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 17:13 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 17:13 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 17:13 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 17:13 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 17:13 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 17:13 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 17:13 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 17:13 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 17:13 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 17:09 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 17:09 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 17:09 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 17:09 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 17:09 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:29 - 2015-09-16 16:18 - 00002432 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5.job
2015-09-09 16:29 - 2015-09-09 16:29 - 00002432 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5_user.job
2015-09-09 16:28 - 2015-09-16 16:18 - 00003460 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-7.job
2015-09-09 16:28 - 2015-09-16 16:18 - 00003124 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-6.job
2015-09-09 16:26 - 2015-09-16 16:18 - 00005504 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-7.job
2015-09-09 16:26 - 2015-09-16 16:18 - 00005504 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6.job
2015-09-09 16:26 - 2015-09-16 16:18 - 00000956 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-09-09 16:26 - 2015-09-16 16:15 - 00000960 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-09-09 16:26 - 2015-09-09 16:27 - 00000000 ____D C:\Program Files\655c1c4b-3f66-4018-bb42-dfe021eac02e
2015-09-09 16:25 - 2015-09-16 16:18 - 00004480 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-3.job
2015-09-09 16:25 - 2015-09-09 16:29 - 00000000 ____D C:\Program Files\CinemaPlus-3.2cV09.09
2015-09-09 16:25 - 2015-09-09 16:25 - 00002098 _____ C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-10_user.job
2015-09-09 16:23 - 2015-09-09 16:23 - 00613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsc7A2C.tmp
2015-09-09 16:22 - 2015-09-16 16:22 - 00001034 _____ C:\Windows\Tasks\MyBrowser.job
2015-09-09 16:22 - 2015-09-09 16:22 - 00000000 ____D C:\Users\Děti\AppData\Local\MyBrowser
2015-09-09 16:20 - 2015-09-09 16:20 - 00000000 ____D C:\Program Files\MyBrowser
2015-09-09 16:19 - 2015-09-15 18:26 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-09 16:19 - 2015-09-09 16:20 - 00000000 ____D C:\ProgramData\2WdsManPro2
2015-09-09 16:19 - 2015-09-09 16:19 - 00000000 ____D C:\Users\Děti\AppData\Roaming\mystartsearch
2015-08-29 17:02 - 2015-08-29 17:02 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-29 17:02 - 2015-08-29 17:02 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-29 17:02 - 2015-08-29 17:02 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-29 17:02 - 2015-08-29 17:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-29 17:02 - 2015-08-29 17:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-29 17:01 - 2015-08-29 17:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-29 17:01 - 2015-08-29 17:01 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-29 17:01 - 2015-08-29 17:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-29 17:01 - 2015-08-29 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-29 17:01 - 2015-08-29 17:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-29 17:01 - 2015-08-29 17:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-29 17:01 - 2015-08-29 17:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-29 16:59 - 2015-08-29 16:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-27 23:00 - 2015-08-27 23:00 - 00000000 ____D C:\Users\Děti\AppData\Roaming\gxealywx
2015-08-25 11:22 - 2015-08-25 11:22 - 00000000 ____D C:\Users\Děti\AppData\Roaming\aapzlitg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-16 16:21 - 2014-11-10 13:48 - 00000000 ____D C:\Users\Děti\AppData\Roaming\Skype
2015-09-16 16:21 - 2014-11-10 13:48 - 00000000 ____D C:\ProgramData\Skype
2015-09-16 16:20 - 2015-04-20 14:36 - 00000829 _____ C:\Users\Děti\rgut
2015-09-16 16:19 - 2014-11-10 13:25 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 16:18 - 2015-07-07 12:28 - 00002434 _____ C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-5.job
2015-09-16 16:18 - 2015-07-07 12:27 - 00005506 _____ C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-7.job
2015-09-16 16:18 - 2015-07-07 12:27 - 00005506 _____ C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-6.job
2015-09-16 16:18 - 2015-07-07 12:27 - 00003126 _____ C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-1-7.job
2015-09-16 16:18 - 2015-07-07 12:27 - 00003126 _____ C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-1-6.job
2015-09-16 16:18 - 2015-07-07 12:11 - 00003778 _____ C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-1-7.job
2015-09-16 16:18 - 2015-07-07 12:11 - 00003434 _____ C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-1-6.job
2015-09-16 16:18 - 2015-07-07 12:11 - 00003428 _____ C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-1-6.job
2015-09-16 16:18 - 2015-07-07 12:11 - 00002750 _____ C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-5.job
2015-09-16 16:18 - 2015-07-07 12:11 - 00002744 _____ C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-5.job
2015-09-16 16:18 - 2015-07-07 12:10 - 00005822 _____ C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-7.job
2015-09-16 16:18 - 2015-07-07 12:10 - 00005822 _____ C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-6.job
2015-09-16 16:18 - 2015-07-07 12:10 - 00003428 _____ C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-1-7.job
2015-09-16 16:18 - 2015-07-07 12:09 - 00005816 _____ C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-7.job
2015-09-16 16:18 - 2015-07-07 12:09 - 00005816 _____ C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-6.job
2015-09-16 16:18 - 2015-07-07 11:42 - 00000364 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-09-16 16:18 - 2015-07-07 11:42 - 00000364 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00005470 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-7.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00005470 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-6.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00004446 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-3.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00003426 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-1-7.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00003090 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-1-6.job
2015-09-16 16:18 - 2015-06-01 17:10 - 00002398 _____ C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-5.job
2015-09-16 16:18 - 2015-06-01 16:34 - 00003124 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6.job
2015-09-16 16:18 - 2015-06-01 16:34 - 00002432 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5.job
2015-09-16 16:18 - 2015-06-01 16:33 - 00005504 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-7.job
2015-09-16 16:18 - 2015-06-01 16:33 - 00005504 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6.job
2015-09-16 16:18 - 2015-06-01 16:33 - 00004480 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-3.job
2015-09-16 16:18 - 2015-06-01 16:33 - 00003460 _____ C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-7.job
2015-09-16 16:18 - 2015-05-21 17:33 - 00003426 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-1-7.job
2015-09-16 16:18 - 2015-05-21 17:33 - 00003090 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-1-6.job
2015-09-16 16:18 - 2015-05-21 17:33 - 00002432 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5.job
2015-09-16 16:18 - 2015-05-21 17:33 - 00002398 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-5.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00005504 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-6.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00005470 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-7.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00005470 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-6.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00005168 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-7.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00004480 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-3.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00004446 _____ C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-3.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00003460 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.job
2015-09-16 16:18 - 2015-05-21 17:32 - 00003124 _____ C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.job
2015-09-16 16:18 - 2015-05-21 17:30 - 00001042 _____ C:\Windows\Tasks\Crossbrowse.job
2015-09-16 16:18 - 2015-04-01 14:57 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-09-16 16:18 - 2015-04-01 13:57 - 00001324 _____ C:\Windows\Tasks\shopping_blast_notification_service.job
2015-09-16 16:18 - 2015-04-01 13:57 - 00000686 _____ C:\Windows\Tasks\shopping_blast_updating_service.job
2015-09-16 16:18 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-16 16:18 - 2006-01-01 01:41 - 00005504 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-7.job
2015-09-16 16:18 - 2006-01-01 01:41 - 00005504 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-6.job
2015-09-16 16:18 - 2006-01-01 01:41 - 00003460 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-1-7.job
2015-09-16 16:18 - 2006-01-01 01:41 - 00003124 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-1-6.job
2015-09-16 16:18 - 2006-01-01 01:41 - 00002432 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-5.job
2015-09-16 16:18 - 2006-01-01 01:41 - 00000000 ____D C:\qycache
2015-09-16 16:18 - 2006-01-01 01:40 - 00004480 _____ C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-3.job
2015-09-16 16:16 - 2014-11-10 13:25 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 16:16 - 2009-07-14 06:34 - 00028960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-16 16:16 - 2009-07-14 06:34 - 00028960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-16 16:15 - 2015-07-07 12:14 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-16 16:15 - 2015-07-07 11:42 - 00000366 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-09-16 07:30 - 2014-11-10 14:25 - 00000000 ____D C:\Andrea
2015-09-15 18:39 - 2006-01-01 01:57 - 00001003 _____ C:\Users\Děti\Desktop\AnyProtect.lnk
2015-09-15 17:54 - 2015-05-21 17:32 - 00000000 ____D C:\Program Files\GoHD
2015-09-15 17:52 - 2015-07-07 12:09 - 00000000 ____D C:\Program Files\globalUpdate
2015-09-15 17:52 - 2014-11-10 13:12 - 00000000 ____D C:\Users\Děti\AppData\Local\VirtualStore
2015-09-15 17:29 - 2015-05-21 17:30 - 00000000 ____D C:\Users\Děti\AppData\Roaming\systweak
2015-09-15 16:16 - 2015-02-11 21:43 - 00000000 ____D C:\Users\Děti\AppData\Roaming\Seznam.cz
2015-09-15 16:12 - 2015-04-07 17:15 - 00000000 ____D C:\ProgramData\ProductData
2015-09-14 22:08 - 2010-11-20 23:01 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-14 21:50 - 2014-11-10 14:25 - 00000000 ____D C:\Petr
2015-09-14 18:37 - 2015-04-19 12:59 - 00002127 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-09-14 18:37 - 2014-11-10 13:25 - 00000000 ____D C:\Users\Děti\AppData\Local\Google
2015-09-10 03:40 - 2009-07-14 06:33 - 00408304 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 03:38 - 2011-04-12 03:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 03:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-10 03:22 - 2015-04-29 21:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 03:16 - 2014-11-13 11:21 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 16:27 - 2015-06-01 17:10 - 00000000 ____D C:\Program Files\4ed4593d-f794-4aa3-be25-85801decff39
2015-09-09 16:11 - 2015-04-19 13:49 - 00000000 ____D C:\Users\Děti\Documents\Scan
2015-09-09 15:50 - 2015-04-07 17:22 - 67268608 _____ C:\Windows\system32\config\SOFTWARE.iobit
2015-09-09 15:50 - 2015-04-07 17:22 - 30883840 _____ C:\Windows\system32\config\COMPONENTS.iobit
2015-09-09 15:50 - 2015-04-07 17:22 - 00634880 _____ C:\Windows\system32\config\DEFAULT.iobit
2015-09-09 15:50 - 2015-04-07 17:22 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2015-09-09 15:50 - 2015-04-07 17:22 - 00024576 _____ C:\Windows\system32\config\SAM.iobit
2015-08-29 16:57 - 2015-07-07 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-08-28 10:45 - 2015-03-02 17:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-26 18:36 - 2014-11-13 11:21 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-25 16:34 - 2015-03-31 15:50 - 00000000 ____D C:\Users\Děti\AppData\Roaming\.minecraft
2015-08-25 05:57 - 2006-01-01 01:24 - 00000000 ____D C:\Windows\Panther
2015-08-25 05:51 - 2015-07-10 15:47 - 00000000 ___HD C:\$Windows.~BT
2015-08-25 03:19 - 2009-07-14 06:53 - 00032598 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Děti\AppData\Roaming\4SBecGv6NAfgXw35
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Děti\AppData\Roaming\FHvsoV21w8qzXWAiwrj4A6JELe
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Děti\AppData\Roaming\FHvsoV21w8qzXWAiwrj4A6JELe.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Děti\AppData\Roaming\qNnL5e1tlXModgbT
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Děti\AppData\Roaming\qNnL5e1tlXModgbT.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Děti\AppData\Roaming\Tlx3786Zc0y4BM
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Děti\AppData\Roaming\Tlx3786Zc0y4BM.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Děti\AppData\Roaming\Vwus3HYdx
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Děti\AppData\Roaming\Vwus3HYdx.exe
2015-09-09 16:23 - 2015-09-09 16:23 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsc7A2C.tmp
2015-07-07 11:41 - 2015-07-07 11:41 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nse6C34.tmp
2015-06-13 20:50 - 2015-06-13 20:50 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsf8C4.tmp
2015-06-08 19:00 - 2015-06-08 19:00 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsi7DF0.tmp
2015-06-01 17:12 - 2015-06-01 17:11 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsk1285.tmp
2015-09-15 18:38 - 2015-09-15 18:38 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsn8CA1.tmp
2015-06-17 18:24 - 2015-06-17 18:24 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsx7976.tmp
2015-05-21 20:06 - 2015-05-21 20:06 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsx9C64.tmp
2006-01-01 01:56 - 2006-01-01 01:56 - 0613255 _____ (CMI Limited) C:\Users\Děti\AppData\Local\nsz8DB9.tmp
2015-09-09 16:19 - 2015-09-15 18:26 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Some files in TEMP:
====================
C:\Users\Děti\AppData\Local\temp\3511.exe
C:\Users\Děti\AppData\Local\temp\986.exe
C:\Users\Děti\AppData\Local\temp\fsd953E.exe
C:\Users\Děti\AppData\Local\temp\fsdBF80.exe
C:\Users\Děti\AppData\Local\temp\Uninstall.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-1-6.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-1-7.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-5.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-5_user.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-6.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\1404b271-27f4-45cf-aa02-c20ab5416857-7.job => C:\Program Files\Sense\1404b271-27f4-45cf-aa02-c20ab5416857-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-1-6.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-1-7.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-10_user.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-5.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-5_user.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-6.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\2b5f01be-cce3-44b7-9889-162944b01d51-7.job => C:\Program Files\Internet Speed Checker\2b5f01be-cce3-44b7-9889-162944b01d51-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-1-6.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-1-7.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-10_user.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-3.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-5.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-5_user.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-6.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\4932de55-3c05-4eae-8ee3-4b49051925f0-7.job => C:\Program Files\CinemaPlus-3.2cV22.08\4932de55-3c05-4eae-8ee3-4b49051925f0-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-1-6.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-1-7.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-10_user.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-5.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-5_user.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-6.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\778d3dab-180b-46f2-b68b-406eca7c6f90-7.job => C:\Program Files\Ge-Force\778d3dab-180b-46f2-b68b-406eca7c6f90-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-1-6.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-1-7.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-10_user.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-3.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-5.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-5_user.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-6.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\87b494d9-14de-43dd-9db8-23f9f52e9284-7.job => C:\Program Files\GoHD\87b494d9-14de-43dd-9db8-23f9f52e9284-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-1-6.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-1-7.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-10_user.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-3.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-5.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-5_user.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-6.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b945b91-3180-42ac-8e48-d79db894c101-7.job => C:\Program Files\GoHD\8b945b91-3180-42ac-8e48-d79db894c101-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-10_user.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-3.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5_user.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-6.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-7.job => C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-6.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-7.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-10_user.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-3.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5_user.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-7.job => C:\Program Files\CinemaPlus-3.2cV09.09\ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-7.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-10_user.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-3.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5_user.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-7.job => C:\Program Files\CinemaPlus-3.2cV01.06\ff3c79e4-2680-4bcd-ac63-ab1da95530b8-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files\MyBrowser\MyBrowser\Application\utility.exe
Task: C:\Windows\Tasks\shopping_blast_notification_service.job => C:\Program Files\shopping blast\shopping_blast_notification_service.exeǪ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='shopping blast' /appid='73143' /srcid='2913' /bic='9ffd2fd3eb3ab651b6f59323b2de435d' /verifier='f46648d1add624cd224793397fd3e7d2' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\shopping_blast_updating_service.job => C:\Program Files\shopping blast\shopping_blast_updating_service.exe¯ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=shopping_blast_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Disabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\D�ti\Desktop" je 6678 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Antivir\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Antivir\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Antivir\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Antivir\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Antivir\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Antivir\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Antivir\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Antivir\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o radu a kontrolu logu

Napsal: 16 zář 2015 19:07
od altrok
:arrow: Tolik haveti jsem dlouho nevidel :97: Cisteni jste provedl zastarolou verzi AdwCleaneru - postupujte proto dle navodu nize.
:arrow: Odinstalujte starou a zranitelnou verzi javy. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit. Verze Javy, ktere v PC mate nainstalovane:
  • Java 8 Update 40

:arrow: Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.


:arrow: Odinstalujte
  • Spybot - Search & Destroy 2
  • Seznam Software - pokud nepouzivate, protoze velice casto byva instalovan jako adware
  • Advanced System Care a dale i ostatni produkty od IObitu. Jsou to cinske smejdy, ktere svou karieru zapocaly kradezi databaze spolecnosti Malwarebytes a navic pri nekterych "opravach" timto produktem nekolikrat doslo k nakopnuti operacniho systemu takovym zpusobem, ze vse zcela vyresil az kompletni reinstall. Obecne jsem proti vsem zrychlovacum a optimizerum krome nekolik let odzkouseneho CCleaneru, ktery je v defaultnim nastaveni neskodny.

Re: Prosím o radu a kontrolu logu

Napsal: 17 zář 2015 17:44
od Psych0p4th
Tak vše uděláno dle návodu - při letmé zkoušce brouzdání po internetu rozhodně zlepšeno - již bez pop up oken.

Log z Adware:

# Updated 08/09/2015 by Xplode
# Database : 2015-09-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Děti - DĚTI-PC
# Running from : C:\Users\Děti\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : BrsHelper
[-] Service Deleted : sbmntr
[-] Service Deleted : SSFK
[-] Service Deleted : biwejizu
[-] Service Deleted : hurygire
[-] Service Deleted : Update Any Angle
[-] Service Deleted : Update Edu App
[-] Service Deleted : Util Edu App
[-] Service Deleted : SPDRIVER_1.42.1.2082

***** [ Folders ] *****

[-] Folder Deleted : C:\IQIYI Video
[-] Folder Deleted : C:\Program Files\AnyProtectEx
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\Sense
[-] Folder Deleted : C:\Program Files\GoHD
[-] Folder Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\shopping blast
[-] Folder Deleted : C:\Program Files\SFK
[-] Folder Deleted : C:\Program Files\MyBrowser
[!] Folder Not Deleted : C:\Program Files\shopping blast
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV01.06
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV09.09
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV21.05
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV22.08
[!] Folder Not Deleted : C:\Program Files\Crossbrowse
[!] Folder Not Deleted : C:\Program Files\GoHD
[!] Folder Not Deleted : C:\Program Files\MyBrowser
[!] Folder Not Deleted : C:\Program Files\Sense
[-] Folder Deleted : C:\ProgramData\Systweak
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\ProgramData\IQIYI Video
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\tWdsManProt
[-] Folder Deleted : C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[-] Folder Deleted : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
[-] Folder Deleted : C:\Users\Děti\SupTab
[-] Folder Deleted : C:\Users\Děti\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Děti\AppData\Local\BrowserHelper
[-] Folder Deleted : C:\Users\Děti\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Děti\AppData\Local\Windesk_Winsearch
[-] Folder Deleted : C:\Users\Děti\AppData\Local\SysassistByHotWheel
[-] Folder Deleted : C:\Users\Děti\AppData\Local\MyBrowser
[!] Folder Not Deleted : C:\Users\Děti\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Děti\AppData\Local\MyBrowser
[-] Folder Deleted : C:\Users\Děti\AppData\Local\AC11364C-1424796905-DD11-A850-000EA68F7399
[-] Folder Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
[!] Folder Not Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\IQIYI Video
[-] Folder Deleted : C:\Users\Děti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fijhlnmmmgflacagjecncpmpnhjieggk_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fijhlnmmmgflacagjecncpmpnhjieggk_0
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijhlnmmmgflacagjecncpmpnhjieggk
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
[-] File Deleted : C:\Users\Děti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
[-] File Deleted : C:\Users\Děti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
[-] File Deleted : C:\Users\Děti\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\system32\sasnative32.exe
[-] File Deleted : C:\Windows\system32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{42f8f729-2fa8-44bb-b01a-28c57a8162c7}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{6d909b76-923e-432f-ae89-e484975cf5de}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw.sys

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Děti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Děti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Adblock Pro.lnk
[-] Shortcut Disinfected : C:\Users\Děti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : Crossbrowse
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : RegClean Pro
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : SMupdate1
[-] Task Deleted : YTDownloader
[-] Task Deleted : YTDownloaderUpd
[-] Task Deleted : shopping_blast_updating_service
[-] Task Deleted : shopping_blast_notification_service
[-] Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
[-] Task Deleted : Microsoft\Windows\Maintenance\SMupdate2
[-] Task Deleted : Advanced System~Protector
[-] Task Deleted : Advanced System~Protector_startup
[-] Task Deleted : MyBrowser
[-] Task Deleted : shopping_blast_notification_service
[-] Task Deleted : shopping_blast_updating_service
[-] Task Deleted : shopping_blast_notification_service
[-] Task Deleted : shopping_blast_updating_service
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-1-6
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-1-7
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-5
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-5_user
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-6
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-7
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-1-6
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-1-7
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-10_user
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-5
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-5_user
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-6
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-7
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-1-6
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-1-7
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-10_user
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-3
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-5
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-5_user
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-6
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-7
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-1-6
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-1-7
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-10_user
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-5
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-5_user
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-6
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-7
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-1-6
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-1-7
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-10_user
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-3
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-5
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-5_user
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-6
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-7
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-1-6
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-1-7
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-10_user
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-3
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-5
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-5_user
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-6
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-7
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-1-6
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-1-7
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-10_user
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-3
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-5
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-5_user
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-6
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-7
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-6
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-7
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-10_user
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-3
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5_user
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-7
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-7
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-10_user
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-3
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5_user
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-7
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-1-6
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-1-7
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-5
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-6
[-] Task Deleted : 1404b271-27f4-45cf-aa02-c20ab5416857-7
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-1-6
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-1-7
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-5
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-6
[-] Task Deleted : 2b5f01be-cce3-44b7-9889-162944b01d51-7
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-1-6
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-1-7
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-3
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-5
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-6
[-] Task Deleted : 4932de55-3c05-4eae-8ee3-4b49051925f0-7
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-1-6
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-1-7
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-5
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-6
[-] Task Deleted : 778d3dab-180b-46f2-b68b-406eca7c6f90-7
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-1-6
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-1-7
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-3
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-5
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-6
[-] Task Deleted : 87b494d9-14de-43dd-9db8-23f9f52e9284-7
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-1-6
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-1-7
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-3
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-5
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-6
[-] Task Deleted : 8b945b91-3180-42ac-8e48-d79db894c101-7
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-1-6
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-1-7
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-3
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-5
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-6
[-] Task Deleted : aab72157-141a-4b3a-9bef-b0a5112fd240-7
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-6
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-1-7
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-3
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-5
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-6
[-] Task Deleted : ff0e55e0-0cf1-4ee4-9379-7f2899583b1b-7
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-6
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-1-7
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-3
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-5
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-6
[-] Task Deleted : ff3c79e4-2680-4bcd-ac63-ab1da95530b8-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HCDNClient]
[-] Key Deleted : HKLM\SOFTWARE\Classes\qygameclient
[-] Key Deleted : HKLM\SOFTWARE\Classes\HCDNProxy
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [MyBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\mybrowser.exe
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job]
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job.fp]
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job]
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job.fp]
[-] Key Deleted : HKLM\SOFTWARE\0b4c8508-d972-4e47-8b80-4727782bf5d4
[-] Key Deleted : HKLM\SOFTWARE\101d874d-6c88-4a8f-a4fc-a81546c5590e
[-] Key Deleted : HKLM\SOFTWARE\171ff031-3e1c-48bb-9515-768cc4349ba2
[-] Key Deleted : HKLM\SOFTWARE\31f6bbe8-f145-4a15-8bea-ffc8eb8af226
[-] Key Deleted : HKLM\SOFTWARE\9b524aed-555c-488d-ac68-af0150182f7f
[-] Key Deleted : HKLM\SOFTWARE\ab2dd9cd-9bff-49a6-81c3-c269ed242275
[-] Key Deleted : HKLM\SOFTWARE\b00bf6e9-77f3-4548-bdae-fce6476cbd91
[-] Key Deleted : HKLM\SOFTWARE\dd31efe3-f303-4c5c-bb92-401dda669d56
[-] Key Deleted : HKLM\SOFTWARE\e8610999-28fc-45c3-9098-3cf14645263a
[-] Key Deleted : HKLM\SOFTWARE\eb96a415-4fcc-468a-a4f1-5eec85cfb29f
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF-NOT}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{61CED8F3-2CB2-4C3C-9484-7530E1127A58}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5CD76C57-6893-478A-B776-47E7C82504BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4-B672-4F3A-8CA2-53C4259235DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\simplytech
[!] Key Not Deleted : HKCU\Software\Simplytech\HomeTab
[-] Key Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\YTDownloader
[-] Key Deleted : HKCU\Software\WajIEnhance
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\WajIntEnhance
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\SearchProtectWS
[-] Key Deleted : HKCU\Software\estdemin
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\QyGameClient
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\shopping blast
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.06
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV21.05
[!] Key Not Deleted : HKCU\Software\GoHD
[!] Key Not Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\Sense
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : HKLM\SOFTWARE\IHProtect
[-] Key Deleted : HKLM\SOFTWARE\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\searchult
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.06
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV09.09
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV21.05
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV22.08
[!] Key Not Deleted : HKLM\SOFTWARE\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Sense
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV01.06
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV09.09
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV21.05
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV22.08
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3EF9CB5A-5A15-4758-9947-F840BECE28E2}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4657AAEE-4CB6-40FB-B3F7-2A39166D6775}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70461A29-C918-4675-942F-99A271FBB8BB}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{81169942-890B-4D3D-AE9F-4233F35CDBC8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{895F1101-CAD0-4AB3-8926-C02FC864E7C6}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9C9F1ACB-336C-4289-AF2B-BCD068F51BE0}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD1A17A5-4954-4DA6-B5BF-EC39EFAD55B4}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9A93900-551B-4182-ABAF-B5B7B64472FA}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D63CA8E9-FADE-45E5-8F0F-206E7537B341}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3EF9CB5A-5A15-4758-9947-F840BECE28E2}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4657AAEE-4CB6-40FB-B3F7-2A39166D6775}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70461A29-C918-4675-942F-99A271FBB8BB}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{81169942-890B-4D3D-AE9F-4233F35CDBC8}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{895F1101-CAD0-4AB3-8926-C02FC864E7C6}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9C9F1ACB-336C-4289-AF2B-BCD068F51BE0}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD1A17A5-4954-4DA6-B5BF-EC39EFAD55B4}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9A93900-551B-4182-ABAF-B5B7B64472FA}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D63CA8E9-FADE-45E5-8F0F-206E7537B341}
[!] Key Not Deleted : HKU\S-1-5-21-576956717-2421588013-1555960161-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14423 ... XXW1V14B5A
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : papbadoldddalgcjcicnikcfenodpghp
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : papbadoldddalgcjcicnikcfenodpghp
[-] [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14423 ... XXW1V14B5A

*************************

:: Winsock settings cleared

*************************

C:\AdwCleaner[R1].txt - [3454 bytes] - [15/09/2015 15:32:23]
C:\AdwCleaner[S1].txt - [317 bytes] - [15/09/2015 15:32:52]
C:\AdwCleaner[S2].txt - [3600 bytes] - [15/09/2015 15:40:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [36530 bytes] ##########

Děkuji :)

Re: Prosím o radu a kontrolu logu

Napsal: 17 zář 2015 19:43
od altrok
:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz