Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-11-2015
Ran by Iva (administrator) on IVA-PC (22-11-2015 18:57:24)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
(Cinema PlusV13.10) C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.exe
(Cinema PlusV07.10) C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-10.exe
(tsvr.com) C:\Users\Iva\AppData\Roaming\TSv\TSvr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(MyBrowser) C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(MyBrowser) C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Cinema PlusV13.10) C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10.exe
(forum.viry.cz) C:\Users\Iva\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe [796160 2015-08-30] (MyBrowser)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #3] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-03-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{FA1FC4A2-16F8-40A2-A06F-8EF71D83E7A2}: [DhcpNameServer] 192.168.100.1 192.168.3.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130919100609618099&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {B6DDB2A5-A528-4C20-8406-3368FB01E529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {F7BD9A9F-3458-4C29-B40A-C2B81111C467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-13] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-13] (globalUpdate)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296444741-4028167595-444839913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iva\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-14] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-13] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-13] (globalUpdate) [File not signed] <==== ATTENTION
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IhPul; C:\Users\Iva\AppData\Roaming\TSv\TSvr.exe [396944 2015-09-21] (tsvr.com)
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.)
R2 MaintainerSvc6.89.573444; C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe [128200 2015-10-22] ()
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer156.exe [236816 2015-10-09] (MustangService)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [707760 2015-10-20] (Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera)
R1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; C:\Windows\System32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [43144 2014-11-29] (StdLib)
R1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; C:\Windows\System32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [43144 2014-11-02] (StdLib)
R1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; C:\Windows\System32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [43144 2014-11-06] (StdLib)
R1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [43144 2014-11-12] (StdLib)
R1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; C:\Windows\System32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [43144 2014-11-10] (StdLib)
R1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; C:\Windows\System32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [43144 2014-11-04] (StdLib)
R1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; C:\Windows\System32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [43144 2014-11-27] (StdLib)
R1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; C:\Windows\System32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [43144 2014-11-18] (StdLib)
R1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; C:\Windows\System32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [43144 2014-11-22] (StdLib)
R1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; C:\Windows\System32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [43144 2014-12-01] (StdLib)
R1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; C:\Windows\System32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [43144 2014-11-28] (StdLib)
R1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; C:\Windows\System32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [43144 2014-11-16] (StdLib)
S3 cpuz134; \??\C:\Users\Iva\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 18:57 - 2015-11-22 18:57 - 00020941 ____C C:\Users\Iva\Desktop\FRST.txt
2015-11-22 18:56 - 2015-11-22 18:57 - 00000000 ___DC C:\FRST
2015-11-22 18:55 - 2015-11-22 18:55 - 00112640 ____C (forum.viry.cz) C:\Users\Iva\Desktop\FRSTLauncher.exe
2015-11-22 18:54 - 2015-11-22 18:54 - 01716736 ____C (Farbar) C:\Users\Iva\Desktop\FRST.exe
2015-11-22 18:47 - 2015-11-22 18:47 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Sun
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\.oracle_jre_usage
2015-11-22 18:44 - 2015-11-22 18:44 - 00000000 ___DC C:\Users\Iva\AppData\LocalLow\Oracle
2015-11-22 18:43 - 2015-11-22 18:43 - 00000652 ____C C:\Windows\LkmdfCoInst.log
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\Program Files\LogMeIn Hamachi
2015-11-15 12:06 - 2015-11-15 12:06 - 00000000 ___DC C:\ProgramData\TempMoudleSet
2015-11-12 19:02 - 2015-11-12 19:12 - 44311088 ____C C:\Users\Iva\Downloads\Seznam.cz (1).exe
2015-11-12 16:29 - 2015-11-12 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 19:07 - 2015-11-11 19:12 - 00000000 ___DC C:\56d85a9898984645d61ebf2a12dd45
2015-11-11 16:44 - 2015-11-11 19:05 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:44 - 2015-11-11 19:05 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:44 - 2015-11-11 19:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:44 - 2015-11-11 19:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 16:39 - 2015-11-11 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 16:39 - 2015-11-11 19:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:39 - 2015-11-11 19:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 16:38 - 2015-11-11 19:05 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-09 20:04 - 2015-11-09 20:14 - 44312328 ____C C:\Users\Iva\Downloads\Seznam.cz.exe
2015-11-06 16:53 - 2015-11-06 16:53 - 00004245 ____C C:\Users\Iva\Downloads\stažený soubor
2015-10-30 14:50 - 2015-10-30 14:50 - 00772016 ____C (Reimage®) C:\Users\Iva\Downloads\ReimageRepair (2).exe
2015-10-27 16:03 - 2015-11-17 16:25 - 00000856 ____C C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 18:57 - 2015-06-25 18:27 - 00000262 ____C C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-11-22 18:54 - 2015-10-13 15:54 - 00003122 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.job
2015-11-22 18:53 - 2015-10-13 15:53 - 00002096 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user.job
2015-11-22 18:53 - 2015-09-25 15:30 - 00000004 ____C C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-22 18:53 - 2014-02-15 15:40 - 00000000 ___DC C:\ProgramData\Oracle
2015-11-22 18:51 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 18:51 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 18:48 - 2014-08-30 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 18:48 - 2014-02-15 15:39 - 00000000 ___DC C:\Program Files\Java
2015-11-22 18:46 - 2014-08-30 16:30 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-11-22 18:46 - 2014-08-30 16:30 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 18:46 - 2014-02-14 09:18 - 00000000 ___DC C:\Users\Iva
2015-11-22 18:43 - 2015-10-04 10:45 - 00011160 ____C C:\Windows\setupact.log
2015-11-22 18:43 - 2015-03-14 15:51 - 00016400 ____C (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-22 18:42 - 2015-10-08 07:42 - 00002096 ____C C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-10_user.job
2015-11-22 18:42 - 2014-02-05 19:17 - 01107543 ____C C:\Windows\WindowsUpdate.log
2015-11-22 18:39 - 2015-01-01 13:46 - 00000000 ___DC C:\Users\Iva\AppData\Local\LogMeIn Hamachi
2015-11-22 18:37 - 2015-10-13 15:54 - 00002430 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user.job
2015-11-22 18:37 - 2015-10-13 15:54 - 00002430 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.job
2015-11-22 18:37 - 2015-10-13 15:53 - 00005168 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.job
2015-11-22 18:37 - 2015-10-13 15:53 - 00003458 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.job
2015-11-22 18:37 - 2015-10-08 07:42 - 00005168 ____C C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-11.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00003458 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00003122 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00002430 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00002430 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005502 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005502 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005168 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00004478 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00002096 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user.job
2015-11-22 18:37 - 2015-09-30 16:52 - 00001040 ____C C:\Windows\Tasks\Crossbrowse.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005502 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-6.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005168 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-11.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005166 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-7.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00004142 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-3.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00003458 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00003122 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00002430 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5_user.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00002430 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00000954 ____C C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-11-22 18:37 - 2015-09-25 15:29 - 00002096 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-10_user.job
2015-11-22 18:37 - 2015-09-25 15:28 - 00001032 ____C C:\Windows\Tasks\MyBrowser.job
2015-11-22 18:37 - 2015-06-25 18:27 - 00000262 ____C C:\Windows\Tasks\PC-Mechanic Subscription.job
2015-11-22 18:37 - 2015-06-25 18:27 - 00000256 ____C C:\Windows\Tasks\PC-Mechanic Startup.job
2015-11-22 18:37 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-11-22 18:13 - 2014-07-08 19:11 - 00000914 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-22 18:01 - 2015-10-16 14:05 - 00000000 ___DC C:\Program Files\WinZipper
2015-11-22 16:58 - 2015-09-25 15:30 - 00000958 ____C C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-11-22 15:02 - 2015-10-04 13:17 - 00000242 ____C C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2015-11-22 09:09 - 2015-10-04 13:17 - 00000000 ___DC C:\Program Files\ASP
2015-11-21 22:30 - 2014-02-15 12:53 - 00000000 ___DC C:\Program Files\TeamViewer
2015-11-20 18:07 - 2010-11-20 22:01 - 01583226 ____C C:\Windows\system32\PerfStringBackup.INI
2015-11-15 12:06 - 2015-09-25 15:15 - 00000000 ___DC C:\Program Files\RayDld
2015-11-13 21:31 - 2014-04-19 18:04 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\TeamViewer
2015-11-12 19:41 - 2009-07-14 05:33 - 00302056 ____C C:\Windows\system32\FNTCACHE.DAT
2015-11-12 11:50 - 2015-01-01 13:43 - 00027040 ___HC (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 21:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-11-11 21:12 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\Microsoft.NET
2015-11-11 19:42 - 2015-10-04 10:44 - 00021878 ____C C:\Windows\PFRO.log
2015-11-11 19:39 - 2011-04-12 02:46 - 00000000 ___DC C:\Program Files\Windows Journal
2015-11-11 19:21 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\system32\NDF
2015-11-11 19:14 - 2014-07-08 19:10 - 00780488 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 19:14 - 2014-07-08 19:10 - 00142536 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 19:12 - 2014-02-14 19:17 - 00000000 ___DC C:\Windows\system32\MRT
2015-11-11 19:07 - 2014-02-14 19:17 - 143250520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-10 20:49 - 2015-10-04 15:24 - 00100352 __SHC C:\Users\Iva\Documents\Thumbs.db
2015-11-10 20:47 - 2015-10-18 15:16 - 00040702 ____C C:\Users\Iva\Documents\Faktura Milda.ods
2015-11-10 16:51 - 2014-02-14 18:13 - 00794952 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-10 16:51 - 2014-02-14 18:13 - 00435464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-07 13:44 - 2014-02-14 18:29 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Skype
2015-11-07 13:13 - 2014-02-14 18:28 - 00000000 ___DC C:\ProgramData\Skype
2015-11-06 20:48 - 2015-10-04 13:17 - 00000959 ____C C:\Users\Public\Desktop\Advanced System~Protector.lnk
2015-11-06 20:48 - 2015-10-04 13:17 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2015-11-06 20:48 - 2014-07-17 21:09 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Systweak
2015-11-03 17:45 - 2015-10-04 13:17 - 00017872 ____C C:\Windows\system32\sasnative32.exe
2015-10-24 09:22 - 2015-10-07 19:20 - 00000000 ___DC C:\Users\Iva\AppData\Local\4C4C4544-1444249247-3310-8057-B5C04F57334A
==================== Files in the root of some directories =======
2015-10-03 07:58 - 2015-10-03 07:58 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsdE16.tmp
2015-10-03 11:03 - 2015-10-03 11:03 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsi9B4A.tmp
2015-10-05 13:55 - 2015-10-05 13:55 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr4603.tmp
2015-10-02 19:19 - 2015-10-02 19:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr5233.tmp
2015-10-06 17:43 - 2015-10-06 17:42 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nssBB8D.tmp
2015-10-04 11:19 - 2015-10-04 11:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsxDA5.tmp
2015-09-25 15:27 - 2015-10-16 14:02 - 0000102 ____C () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Iva\AppData\Local\Temp\1742.exe
C:\Users\Iva\AppData\Local\Temp\7276.exe
C:\Users\Iva\AppData\Local\Temp\7545.exe
C:\Users\Iva\AppData\Local\Temp\8043.exe
C:\Users\Iva\AppData\Local\Temp\jre-8u66-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-10_user.job => C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-11.job => C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-10_user.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-11.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-3.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5_user.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-6.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-7.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files\MyBrowser\MyBrowser\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC-Mechanic Maintenance.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Startup.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Subscription.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Iva\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu - zavirované PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
Re: Prosím o kontrolu logu - zavirované PC
# AdwCleaner v5.021 - Logfile created 22/11/2015 at 19:30:09
# Updated 14/11/2015 by Xplode
# Database : 2015-11-22.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Iva - IVA-PC
# Running from : C:\Users\Iva\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[!] Service Not Deleted : iSafeKrnl
[!] Service Not Deleted : iSafeKrnlBoot
[!] Service Not Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[!] Service Not Deleted : iSafeKrnlR3
[!] Service Not Deleted : iSafeNetFilter
[!] Service Not Deleted : iSafeService
[-] Service Deleted : winzipersvc
[-] Service Deleted : IhPul
[-] Service Deleted : MaintainerSvc6.89.573444
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\AnyProtectEx
[-] Folder Deleted : C:\Program Files\ASP
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\WinZipper
[#] Folder Deleted : C:\Program Files\Elex-tech
[-] Folder Deleted : C:\Program Files\RCP
[-] Folder Deleted : C:\Program Files\Assets Manager
[-] Folder Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\RayDld
[-] Folder Deleted : C:\Program Files\4C4C4544-1443190585-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV01.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV02.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV07.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV13.10
[!] Folder Not Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\MyBrowser
[-] Folder Deleted : C:\Program Files\MyBrowser 1.0.2V29.09
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\ProgramData\Systweak
[-] Folder Deleted : C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321
[-] Folder Deleted : C:\ProgramData\1WdsManPro1
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\5WdsManPro5
[-] Folder Deleted : C:\ProgramData\9WdsManPro9
[-] Folder Deleted : C:\ProgramData\BWdsManProB
[-] Folder Deleted : C:\ProgramData\FWdsManProF
[-] Folder Deleted : C:\ProgramData\gWdsManProg
[-] Folder Deleted : C:\ProgramData\iWdsManProi
[-] Folder Deleted : C:\ProgramData\JWdsManProJ
[-] Folder Deleted : C:\ProgramData\pWdsManProp
[-] Folder Deleted : C:\ProgramData\QWdsManProQ
[-] Folder Deleted : C:\ProgramData\tWdsManProt
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Iva\AppData\Local\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\4C4C4544-1444249247-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\VOPackage
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\WinZipper
[#] Folder Deleted : C:\Users\Iva\AppData\Roaming\Elex-tech
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\TSv
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[#] Folder Deleted : C:\Windows\system32\Tasks\RegClean Pro
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\Advanced System~Protector
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\MyBrowser
***** [ Files ] *****
[-] File Deleted : C:\task.vbs
[-] File Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
[-] File Deleted : C:\Users\Iva\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Users\Public\Desktop\Advanced System~Protector.lnk
[-] File Deleted : C:\Users\Public\Desktop\MyBrowser.lnk
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\system32\roboot.exe
[-] File Deleted : C:\Windows\system32\sasnative32.exe
[-] File Deleted : C:\Windows\system32\drivers\iSafeNetFilter.sys
[-] File Deleted : C:\Windows\system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : Crossbrowse
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : PC-Mechanic Maintenance
[-] Task Deleted : PC-Mechanic Startup
[-] Task Deleted : RegClean Pro
[-] Task Deleted : RegClean Pro_DEFAULT
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : PC-Mechanic Subscription
[-] Task Deleted : Advanced System~Protector
[-] Task Deleted : Advanced System~Protector_startup
[-] Task Deleted : MyBrowser
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [MyBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\MyBrowser
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update PodoWeb
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util PodoWeb
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job.fp]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job.fp]
[-] Key Deleted : HKLM\SOFTWARE\a7c99d22-3caa-4968-b8b2-77ca316f3800
[-] Key Deleted : HKLM\SOFTWARE\dd6cb864-22c2-44cc-baa2-1536b5a78dc3
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F622628-7632-4B28-B184-D7BA0CA3273B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\SystemK
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SystemK
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\V9
[-] Key Deleted : HKLM\SOFTWARE\winzipersvc
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV02.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser 1.0.2V29.09
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyBrowser
[-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gamingwonderland.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\kingtale3.inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimagenetwork.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31952 bytes] ##########
# Updated 14/11/2015 by Xplode
# Database : 2015-11-22.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Iva - IVA-PC
# Running from : C:\Users\Iva\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[!] Service Not Deleted : iSafeKrnl
[!] Service Not Deleted : iSafeKrnlBoot
[!] Service Not Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[!] Service Not Deleted : iSafeKrnlR3
[!] Service Not Deleted : iSafeNetFilter
[!] Service Not Deleted : iSafeService
[-] Service Deleted : winzipersvc
[-] Service Deleted : IhPul
[-] Service Deleted : MaintainerSvc6.89.573444
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\AnyProtectEx
[-] Folder Deleted : C:\Program Files\ASP
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\WinZipper
[#] Folder Deleted : C:\Program Files\Elex-tech
[-] Folder Deleted : C:\Program Files\RCP
[-] Folder Deleted : C:\Program Files\Assets Manager
[-] Folder Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\RayDld
[-] Folder Deleted : C:\Program Files\4C4C4544-1443190585-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV01.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV02.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV07.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV13.10
[!] Folder Not Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\MyBrowser
[-] Folder Deleted : C:\Program Files\MyBrowser 1.0.2V29.09
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\ProgramData\Systweak
[-] Folder Deleted : C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321
[-] Folder Deleted : C:\ProgramData\1WdsManPro1
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\5WdsManPro5
[-] Folder Deleted : C:\ProgramData\9WdsManPro9
[-] Folder Deleted : C:\ProgramData\BWdsManProB
[-] Folder Deleted : C:\ProgramData\FWdsManProF
[-] Folder Deleted : C:\ProgramData\gWdsManProg
[-] Folder Deleted : C:\ProgramData\iWdsManProi
[-] Folder Deleted : C:\ProgramData\JWdsManProJ
[-] Folder Deleted : C:\ProgramData\pWdsManProp
[-] Folder Deleted : C:\ProgramData\QWdsManProQ
[-] Folder Deleted : C:\ProgramData\tWdsManProt
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Iva\AppData\Local\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\4C4C4544-1444249247-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\VOPackage
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\WinZipper
[#] Folder Deleted : C:\Users\Iva\AppData\Roaming\Elex-tech
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\TSv
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[#] Folder Deleted : C:\Windows\system32\Tasks\RegClean Pro
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\Advanced System~Protector
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\MyBrowser
***** [ Files ] *****
[-] File Deleted : C:\task.vbs
[-] File Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
[-] File Deleted : C:\Users\Iva\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Users\Public\Desktop\Advanced System~Protector.lnk
[-] File Deleted : C:\Users\Public\Desktop\MyBrowser.lnk
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\system32\roboot.exe
[-] File Deleted : C:\Windows\system32\sasnative32.exe
[-] File Deleted : C:\Windows\system32\drivers\iSafeNetFilter.sys
[-] File Deleted : C:\Windows\system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : Crossbrowse
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : PC-Mechanic Maintenance
[-] Task Deleted : PC-Mechanic Startup
[-] Task Deleted : RegClean Pro
[-] Task Deleted : RegClean Pro_DEFAULT
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : PC-Mechanic Subscription
[-] Task Deleted : Advanced System~Protector
[-] Task Deleted : Advanced System~Protector_startup
[-] Task Deleted : MyBrowser
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [MyBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\MyBrowser
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update PodoWeb
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util PodoWeb
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job.fp]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job.fp]
[-] Key Deleted : HKLM\SOFTWARE\a7c99d22-3caa-4968-b8b2-77ca316f3800
[-] Key Deleted : HKLM\SOFTWARE\dd6cb864-22c2-44cc-baa2-1536b5a78dc3
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F622628-7632-4B28-B184-D7BA0CA3273B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\SystemK
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SystemK
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\V9
[-] Key Deleted : HKLM\SOFTWARE\winzipersvc
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV02.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser 1.0.2V29.09
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyBrowser
[-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gamingwonderland.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\kingtale3.inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimagenetwork.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31952 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
Re: Prosím o kontrolu logu - zavirované PC
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-11-2015
Ran by Iva (administrator) on IVA-PC (22-11-2015 21:23:04)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #3] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-03-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{FA1FC4A2-16F8-40A2-A06F-8EF71D83E7A2}: [DhcpNameServer] 192.168.100.1 192.168.3.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130919100609618099&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://seznam.cz/
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {B6DDB2A5-A528-4C20-8406-3368FB01E529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {F7BD9A9F-3458-4C29-B40A-C2B81111C467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296444741-4028167595-444839913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iva\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-14] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Dokumenty Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Disk Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Avast Online Security) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Gmail) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.)
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer156.exe [236816 2015-10-09] (MustangService)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera)
S3 cpuz134; \??\C:\Users\Iva\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 21:22 - 2015-11-22 21:22 - 00001116 ____C C:\Users\Iva\Desktop\Total Commander – zástupce.lnk
2015-11-22 21:22 - 2015-11-22 21:22 - 00000000 ___DC C:\Users\Iva\Desktop\FRST-OlderVersion
2015-11-22 20:33 - 2015-11-22 20:33 - 00013185 ____C C:\Users\Iva\Desktop\Vyhledat aktualizace.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00002161 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-22 20:00 - 2015-11-22 21:05 - 00000934 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-22 20:00 - 2015-11-22 20:05 - 00000930 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 19:33 - 2015-11-22 19:33 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Elex-tech
2015-11-22 19:33 - 2015-06-30 03:50 - 00044712 ____C (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-11-22 19:27 - 2015-11-22 19:30 - 00000000 ___DC C:\AdwCleaner
2015-11-22 19:26 - 2015-11-22 19:26 - 01732096 ____C C:\Users\Iva\Desktop\adwcleaner_5.021.exe
2015-11-22 18:58 - 2015-11-22 18:58 - 00028310 ____C C:\Users\Iva\Desktop\Addition.txt
2015-11-22 18:57 - 2015-11-22 21:23 - 00019428 ____C C:\Users\Iva\Desktop\FRST.txt
2015-11-22 18:56 - 2015-11-22 21:23 - 00000000 ___DC C:\FRST
2015-11-22 18:54 - 2015-11-22 21:22 - 01717248 ____C (Farbar) C:\Users\Iva\Desktop\FRST.exe
2015-11-22 18:47 - 2015-11-22 18:47 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Sun
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\.oracle_jre_usage
2015-11-22 18:44 - 2015-11-22 18:44 - 00000000 ___DC C:\Users\Iva\AppData\LocalLow\Oracle
2015-11-22 18:43 - 2015-11-22 18:43 - 00000652 ____C C:\Windows\LkmdfCoInst.log
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\Program Files\LogMeIn Hamachi
2015-11-15 12:06 - 2015-11-15 12:06 - 00000000 ___DC C:\ProgramData\TempMoudleSet
2015-11-12 19:02 - 2015-11-12 19:12 - 44311088 ____C C:\Users\Iva\Downloads\Seznam.cz (1).exe
2015-11-12 16:29 - 2015-11-12 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 19:07 - 2015-11-11 19:12 - 00000000 ___DC C:\56d85a9898984645d61ebf2a12dd45
2015-11-11 16:44 - 2015-11-11 19:05 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:44 - 2015-11-11 19:05 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:44 - 2015-11-11 19:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:44 - 2015-11-11 19:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 16:39 - 2015-11-11 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 16:39 - 2015-11-11 19:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:39 - 2015-11-11 19:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 16:38 - 2015-11-11 19:05 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-09 20:04 - 2015-11-09 20:14 - 44312328 ____C C:\Users\Iva\Downloads\Seznam.cz.exe
2015-11-06 16:53 - 2015-11-06 16:53 - 00004245 ____C C:\Users\Iva\Downloads\stažený soubor
2015-10-30 14:50 - 2015-10-30 14:50 - 00772016 ____C (Reimage®) C:\Users\Iva\Downloads\ReimageRepair (2).exe
2015-10-27 16:03 - 2015-11-17 16:25 - 00000856 ____C C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 21:20 - 2014-02-05 19:17 - 01135778 ____C C:\Windows\WindowsUpdate.log
2015-11-22 21:13 - 2014-07-08 19:11 - 00000914 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-22 20:26 - 2015-01-01 13:46 - 00000000 ___DC C:\Users\Iva\AppData\Local\LogMeIn Hamachi
2015-11-22 20:01 - 2014-02-14 17:39 - 00000000 ___DC C:\Program Files\Google
2015-11-22 20:00 - 2014-02-14 17:39 - 00000000 ___DC C:\Users\Iva\AppData\Local\Deployment
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:33 - 2015-10-04 10:45 - 00011216 ____C C:\Windows\setupact.log
2015-11-22 19:33 - 2015-10-04 10:44 - 00539568 ____C C:\Windows\PFRO.log
2015-11-22 19:33 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-11-22 18:53 - 2015-09-25 15:30 - 00000004 ____C C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-22 18:53 - 2014-02-15 15:40 - 00000000 ___DC C:\ProgramData\Oracle
2015-11-22 18:48 - 2014-08-30 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 18:48 - 2014-02-15 15:39 - 00000000 ___DC C:\Program Files\Java
2015-11-22 18:46 - 2014-08-30 16:30 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-11-22 18:46 - 2014-08-30 16:30 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 18:46 - 2014-02-14 09:18 - 00000000 ___DC C:\Users\Iva
2015-11-22 18:43 - 2015-03-14 15:51 - 00016400 ____C (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-21 22:30 - 2014-02-15 12:53 - 00000000 ___DC C:\Program Files\TeamViewer
2015-11-20 18:07 - 2010-11-20 22:01 - 01583226 ____C C:\Windows\system32\PerfStringBackup.INI
2015-11-13 21:31 - 2014-04-19 18:04 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\TeamViewer
2015-11-12 19:41 - 2009-07-14 05:33 - 00302056 ____C C:\Windows\system32\FNTCACHE.DAT
2015-11-12 11:50 - 2015-01-01 13:43 - 00027040 ___HC (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 21:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-11-11 21:12 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\Microsoft.NET
2015-11-11 19:39 - 2011-04-12 02:46 - 00000000 ___DC C:\Program Files\Windows Journal
2015-11-11 19:21 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\system32\NDF
2015-11-11 19:14 - 2014-07-08 19:10 - 00780488 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 19:14 - 2014-07-08 19:10 - 00142536 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 19:12 - 2014-02-14 19:17 - 00000000 ___DC C:\Windows\system32\MRT
2015-11-11 19:07 - 2014-02-14 19:17 - 143250520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-10 20:49 - 2015-10-04 15:24 - 00100352 __SHC C:\Users\Iva\Documents\Thumbs.db
2015-11-10 20:47 - 2015-10-18 15:16 - 00040702 ____C C:\Users\Iva\Documents\Faktura Milda.ods
2015-11-10 16:51 - 2014-02-14 18:13 - 00794952 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-10 16:51 - 2014-02-14 18:13 - 00435464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-07 13:44 - 2014-02-14 18:29 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Skype
2015-11-07 13:13 - 2014-02-14 18:28 - 00000000 ___DC C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-10-03 07:58 - 2015-10-03 07:58 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsdE16.tmp
2015-10-03 11:03 - 2015-10-03 11:03 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsi9B4A.tmp
2015-10-05 13:55 - 2015-10-05 13:55 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr4603.tmp
2015-10-02 19:19 - 2015-10-02 19:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr5233.tmp
2015-10-06 17:43 - 2015-10-06 17:42 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nssBB8D.tmp
2015-10-04 11:19 - 2015-10-04 11:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsxDA5.tmp
2015-09-25 15:27 - 2015-10-16 14:02 - 0000102 ____C () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Iva\AppData\Local\Temp\1742.exe
C:\Users\Iva\AppData\Local\Temp\7276.exe
C:\Users\Iva\AppData\Local\Temp\7545.exe
C:\Users\Iva\AppData\Local\Temp\8043.exe
C:\Users\Iva\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Iva\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-20 19:08
==================== End of FRST.txt ============================
Ran by Iva (administrator) on IVA-PC (22-11-2015 21:23:04)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #3] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-03-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{FA1FC4A2-16F8-40A2-A06F-8EF71D83E7A2}: [DhcpNameServer] 192.168.100.1 192.168.3.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130919100609618099&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://seznam.cz/
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {B6DDB2A5-A528-4C20-8406-3368FB01E529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {F7BD9A9F-3458-4C29-B40A-C2B81111C467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296444741-4028167595-444839913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iva\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-14] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Dokumenty Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Disk Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Avast Online Security) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Gmail) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.)
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer156.exe [236816 2015-10-09] (MustangService)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera)
S3 cpuz134; \??\C:\Users\Iva\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 21:22 - 2015-11-22 21:22 - 00001116 ____C C:\Users\Iva\Desktop\Total Commander – zástupce.lnk
2015-11-22 21:22 - 2015-11-22 21:22 - 00000000 ___DC C:\Users\Iva\Desktop\FRST-OlderVersion
2015-11-22 20:33 - 2015-11-22 20:33 - 00013185 ____C C:\Users\Iva\Desktop\Vyhledat aktualizace.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00002161 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-22 20:00 - 2015-11-22 21:05 - 00000934 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-22 20:00 - 2015-11-22 20:05 - 00000930 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 19:33 - 2015-11-22 19:33 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Elex-tech
2015-11-22 19:33 - 2015-06-30 03:50 - 00044712 ____C (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-11-22 19:27 - 2015-11-22 19:30 - 00000000 ___DC C:\AdwCleaner
2015-11-22 19:26 - 2015-11-22 19:26 - 01732096 ____C C:\Users\Iva\Desktop\adwcleaner_5.021.exe
2015-11-22 18:58 - 2015-11-22 18:58 - 00028310 ____C C:\Users\Iva\Desktop\Addition.txt
2015-11-22 18:57 - 2015-11-22 21:23 - 00019428 ____C C:\Users\Iva\Desktop\FRST.txt
2015-11-22 18:56 - 2015-11-22 21:23 - 00000000 ___DC C:\FRST
2015-11-22 18:54 - 2015-11-22 21:22 - 01717248 ____C (Farbar) C:\Users\Iva\Desktop\FRST.exe
2015-11-22 18:47 - 2015-11-22 18:47 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Sun
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\.oracle_jre_usage
2015-11-22 18:44 - 2015-11-22 18:44 - 00000000 ___DC C:\Users\Iva\AppData\LocalLow\Oracle
2015-11-22 18:43 - 2015-11-22 18:43 - 00000652 ____C C:\Windows\LkmdfCoInst.log
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\Program Files\LogMeIn Hamachi
2015-11-15 12:06 - 2015-11-15 12:06 - 00000000 ___DC C:\ProgramData\TempMoudleSet
2015-11-12 19:02 - 2015-11-12 19:12 - 44311088 ____C C:\Users\Iva\Downloads\Seznam.cz (1).exe
2015-11-12 16:29 - 2015-11-12 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 19:07 - 2015-11-11 19:12 - 00000000 ___DC C:\56d85a9898984645d61ebf2a12dd45
2015-11-11 16:44 - 2015-11-11 19:05 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:44 - 2015-11-11 19:05 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:44 - 2015-11-11 19:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:44 - 2015-11-11 19:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 16:39 - 2015-11-11 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 16:39 - 2015-11-11 19:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:39 - 2015-11-11 19:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 16:38 - 2015-11-11 19:05 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-09 20:04 - 2015-11-09 20:14 - 44312328 ____C C:\Users\Iva\Downloads\Seznam.cz.exe
2015-11-06 16:53 - 2015-11-06 16:53 - 00004245 ____C C:\Users\Iva\Downloads\stažený soubor
2015-10-30 14:50 - 2015-10-30 14:50 - 00772016 ____C (Reimage®) C:\Users\Iva\Downloads\ReimageRepair (2).exe
2015-10-27 16:03 - 2015-11-17 16:25 - 00000856 ____C C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-22 21:20 - 2014-02-05 19:17 - 01135778 ____C C:\Windows\WindowsUpdate.log
2015-11-22 21:13 - 2014-07-08 19:11 - 00000914 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-22 20:26 - 2015-01-01 13:46 - 00000000 ___DC C:\Users\Iva\AppData\Local\LogMeIn Hamachi
2015-11-22 20:01 - 2014-02-14 17:39 - 00000000 ___DC C:\Program Files\Google
2015-11-22 20:00 - 2014-02-14 17:39 - 00000000 ___DC C:\Users\Iva\AppData\Local\Deployment
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:33 - 2015-10-04 10:45 - 00011216 ____C C:\Windows\setupact.log
2015-11-22 19:33 - 2015-10-04 10:44 - 00539568 ____C C:\Windows\PFRO.log
2015-11-22 19:33 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-11-22 18:53 - 2015-09-25 15:30 - 00000004 ____C C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-22 18:53 - 2014-02-15 15:40 - 00000000 ___DC C:\ProgramData\Oracle
2015-11-22 18:48 - 2014-08-30 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 18:48 - 2014-02-15 15:39 - 00000000 ___DC C:\Program Files\Java
2015-11-22 18:46 - 2014-08-30 16:30 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-11-22 18:46 - 2014-08-30 16:30 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 18:46 - 2014-02-14 09:18 - 00000000 ___DC C:\Users\Iva
2015-11-22 18:43 - 2015-03-14 15:51 - 00016400 ____C (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-21 22:30 - 2014-02-15 12:53 - 00000000 ___DC C:\Program Files\TeamViewer
2015-11-20 18:07 - 2010-11-20 22:01 - 01583226 ____C C:\Windows\system32\PerfStringBackup.INI
2015-11-13 21:31 - 2014-04-19 18:04 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\TeamViewer
2015-11-12 19:41 - 2009-07-14 05:33 - 00302056 ____C C:\Windows\system32\FNTCACHE.DAT
2015-11-12 11:50 - 2015-01-01 13:43 - 00027040 ___HC (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 21:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-11-11 21:12 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\Microsoft.NET
2015-11-11 19:39 - 2011-04-12 02:46 - 00000000 ___DC C:\Program Files\Windows Journal
2015-11-11 19:21 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\system32\NDF
2015-11-11 19:14 - 2014-07-08 19:10 - 00780488 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 19:14 - 2014-07-08 19:10 - 00142536 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 19:12 - 2014-02-14 19:17 - 00000000 ___DC C:\Windows\system32\MRT
2015-11-11 19:07 - 2014-02-14 19:17 - 143250520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-10 20:49 - 2015-10-04 15:24 - 00100352 __SHC C:\Users\Iva\Documents\Thumbs.db
2015-11-10 20:47 - 2015-10-18 15:16 - 00040702 ____C C:\Users\Iva\Documents\Faktura Milda.ods
2015-11-10 16:51 - 2014-02-14 18:13 - 00794952 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-10 16:51 - 2014-02-14 18:13 - 00435464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-07 13:44 - 2014-02-14 18:29 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Skype
2015-11-07 13:13 - 2014-02-14 18:28 - 00000000 ___DC C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-10-03 07:58 - 2015-10-03 07:58 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsdE16.tmp
2015-10-03 11:03 - 2015-10-03 11:03 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsi9B4A.tmp
2015-10-05 13:55 - 2015-10-05 13:55 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr4603.tmp
2015-10-02 19:19 - 2015-10-02 19:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr5233.tmp
2015-10-06 17:43 - 2015-10-06 17:42 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nssBB8D.tmp
2015-10-04 11:19 - 2015-10-04 11:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsxDA5.tmp
2015-09-25 15:27 - 2015-10-16 14:02 - 0000102 ____C () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Iva\AppData\Local\Temp\1742.exe
C:\Users\Iva\AppData\Local\Temp\7276.exe
C:\Users\Iva\AppData\Local\Temp\7545.exe
C:\Users\Iva\AppData\Local\Temp\8043.exe
C:\Users\Iva\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Iva\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-20 19:08
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
C:\Program Files\MyBrowser\MyBrowser
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Iva\AppData\Local\nsdE16.tmp
C:\Users\Iva\AppData\Local\nsi9B4A.tmp
C:\Users\Iva\AppData\Local\nsr4603.tmp
C:\Users\Iva\AppData\Local\nsr5233.tmp
C:\Users\Iva\AppData\Local\nssBB8D.tmp
C:\Users\Iva\AppData\Local\nsxDA5.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Iva\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
Re: Prosím o kontrolu logu - zavirované PC
Fix result of Farbar Recovery Scan Tool (x86) Version:22-11-2015
Ran by Iva (2015-11-22 23:28:00) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
C:\Program Files\MyBrowser\MyBrowser
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Iva\AppData\Local\nsdE16.tmp
C:\Users\Iva\AppData\Local\nsi9B4A.tmp
C:\Users\Iva\AppData\Local\nsr4603.tmp
C:\Users\Iva\AppData\Local\nsr5233.tmp
C:\Users\Iva\AppData\Local\nssBB8D.tmp
C:\Users\Iva\AppData\Local\nsxDA5.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Iva\AppData\Local\Temp
End
*****************
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438 => value removed successfully.
"C:\Program Files\MyBrowser\MyBrowser" => not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16a80df8-a5fd-11e3-a9d0-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{16a80df8-a5fd-11e3-a9d0-00219b3170a0} => key not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b673d197-d577-11e4-a168-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{b673d197-d577-11e4-a168-00219b3170a0} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw => service removed successfully.
{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw => service removed successfully.
{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw => service removed successfully.
{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw => service removed successfully.
{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw => service removed successfully.
{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw => service removed successfully.
{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw => service removed successfully.
{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw => service removed successfully.
{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw => service removed successfully.
{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw => service removed successfully.
{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw => service removed successfully.
{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Iva\AppData\Local\nsdE16.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsi9B4A.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr4603.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr5233.tmp => moved successfully
C:\Users\Iva\AppData\Local\nssBB8D.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsxDA5.tmp => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
"C:\Users\Iva\AppData\Local\Temp" folder move:
Could not move "C:\Users\Iva\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-22 23:29:50)
C:\Users\Iva\AppData\Local\Temp => moved successfully
==== End of Fixlog 23:29:50 ====
Ran by Iva (2015-11-22 23:28:00) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
C:\Program Files\MyBrowser\MyBrowser
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Iva\AppData\Local\nsdE16.tmp
C:\Users\Iva\AppData\Local\nsi9B4A.tmp
C:\Users\Iva\AppData\Local\nsr4603.tmp
C:\Users\Iva\AppData\Local\nsr5233.tmp
C:\Users\Iva\AppData\Local\nssBB8D.tmp
C:\Users\Iva\AppData\Local\nsxDA5.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Iva\AppData\Local\Temp
End
*****************
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438 => value removed successfully.
"C:\Program Files\MyBrowser\MyBrowser" => not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16a80df8-a5fd-11e3-a9d0-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{16a80df8-a5fd-11e3-a9d0-00219b3170a0} => key not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b673d197-d577-11e4-a168-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{b673d197-d577-11e4-a168-00219b3170a0} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw => service removed successfully.
{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw => service removed successfully.
{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw => service removed successfully.
{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw => service removed successfully.
{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw => service removed successfully.
{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw => service removed successfully.
{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw => service removed successfully.
{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw => service removed successfully.
{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw => service removed successfully.
{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw => service removed successfully.
{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw => service removed successfully.
{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Iva\AppData\Local\nsdE16.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsi9B4A.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr4603.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr5233.tmp => moved successfully
C:\Users\Iva\AppData\Local\nssBB8D.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsxDA5.tmp => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
"C:\Users\Iva\AppData\Local\Temp" folder move:
Could not move "C:\Users\Iva\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-22 23:29:50)
C:\Users\Iva\AppData\Local\Temp => moved successfully
==== End of Fixlog 23:29:50 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
Re: Prosím o kontrolu logu - zavirované PC
Zdá se to být v pořádku. Mohu nyní použité nástroje smazat/odinstalovat? Děkuji 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
OK. Odinstalace/smazání je samozřejmě možné. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
ivkanahodilova
- Návštěvník
- Příspěvky: 6
- Registrován: 22 lis 2015 18:50
Re: Prosím o kontrolu logu - zavirované PC
Děkuji Vám
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - zavirované PC
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?