
Please check my log - infected PC

Posted: 22 Nov 2015 19:00
by ivkanahodilova
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-11-2015
Ran by Iva (administrator) on IVA-PC (22-11-2015 18:57:24)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
(Cinema PlusV13.10) C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.exe
(Cinema PlusV07.10) C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-10.exe
(tsvr.com) C:\Users\Iva\AppData\Roaming\TSv\TSvr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(MyBrowser) C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(MyBrowser) C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Cinema PlusV13.10) C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10.exe
(forum.viry.cz) C:\Users\Iva\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe [796160 2015-08-30] (MyBrowser)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #3] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-03-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{FA1FC4A2-16F8-40A2-A06F-8EF71D83E7A2}: [DhcpNameServer] 192.168.100.1 192.168.3.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130919100609618099&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {B6DDB2A5-A528-4C20-8406-3368FB01E529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {F7BD9A9F-3458-4C29-B40A-C2B81111C467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-13] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-10-13] (globalUpdate)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296444741-4028167595-444839913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iva\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-14] [not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-13] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe [68608 2015-10-13] (globalUpdate) [File not signed] <==== ATTENTION
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IhPul; C:\Users\Iva\AppData\Roaming\TSv\TSvr.exe [396944 2015-09-21] (tsvr.com)
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.)
R2 MaintainerSvc6.89.573444; C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe [128200 2015-10-22] ()
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer156.exe [236816 2015-10-09] (MustangService)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [707760 2015-10-20] (Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera)
R1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; C:\Windows\System32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [43144 2014-11-29] (StdLib)
R1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; C:\Windows\System32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [43144 2014-11-02] (StdLib)
R1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; C:\Windows\System32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [43144 2014-11-06] (StdLib)
R1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [43144 2014-11-12] (StdLib)
R1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; C:\Windows\System32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [43144 2014-11-10] (StdLib)
R1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; C:\Windows\System32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [43144 2014-11-04] (StdLib)
R1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; C:\Windows\System32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [43144 2014-11-27] (StdLib)
R1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; C:\Windows\System32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [43144 2014-11-18] (StdLib)
R1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; C:\Windows\System32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [43144 2014-11-22] (StdLib)
R1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; C:\Windows\System32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [43144 2014-12-01] (StdLib)
R1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; C:\Windows\System32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [43144 2014-11-28] (StdLib)
R1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; C:\Windows\System32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [43144 2014-11-16] (StdLib)
S3 cpuz134; \??\C:\Users\Iva\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 18:57 - 2015-11-22 18:57 - 00020941 ____C C:\Users\Iva\Desktop\FRST.txt
2015-11-22 18:56 - 2015-11-22 18:57 - 00000000 ___DC C:\FRST
2015-11-22 18:55 - 2015-11-22 18:55 - 00112640 ____C (forum.viry.cz) C:\Users\Iva\Desktop\FRSTLauncher.exe
2015-11-22 18:54 - 2015-11-22 18:54 - 01716736 ____C (Farbar) C:\Users\Iva\Desktop\FRST.exe
2015-11-22 18:47 - 2015-11-22 18:47 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Sun
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\.oracle_jre_usage
2015-11-22 18:44 - 2015-11-22 18:44 - 00000000 ___DC C:\Users\Iva\AppData\LocalLow\Oracle
2015-11-22 18:43 - 2015-11-22 18:43 - 00000652 ____C C:\Windows\LkmdfCoInst.log
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\Program Files\LogMeIn Hamachi
2015-11-15 12:06 - 2015-11-15 12:06 - 00000000 ___DC C:\ProgramData\TempMoudleSet
2015-11-12 19:02 - 2015-11-12 19:12 - 44311088 ____C C:\Users\Iva\Downloads\Seznam.cz (1).exe
2015-11-12 16:29 - 2015-11-12 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 19:07 - 2015-11-11 19:12 - 00000000 ___DC C:\56d85a9898984645d61ebf2a12dd45
2015-11-11 16:44 - 2015-11-11 19:05 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:44 - 2015-11-11 19:05 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:44 - 2015-11-11 19:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:44 - 2015-11-11 19:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 16:39 - 2015-11-11 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 16:39 - 2015-11-11 19:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:39 - 2015-11-11 19:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 16:38 - 2015-11-11 19:05 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-09 20:04 - 2015-11-09 20:14 - 44312328 ____C C:\Users\Iva\Downloads\Seznam.cz.exe
2015-11-06 16:53 - 2015-11-06 16:53 - 00004245 ____C C:\Users\Iva\Downloads\stažený soubor
2015-10-30 14:50 - 2015-10-30 14:50 - 00772016 ____C (Reimage®) C:\Users\Iva\Downloads\ReimageRepair (2).exe
2015-10-27 16:03 - 2015-11-17 16:25 - 00000856 ____C C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 18:57 - 2015-06-25 18:27 - 00000262 ____C C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-11-22 18:54 - 2015-10-13 15:54 - 00003122 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.job
2015-11-22 18:53 - 2015-10-13 15:53 - 00002096 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user.job
2015-11-22 18:53 - 2015-09-25 15:30 - 00000004 ____C C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-22 18:53 - 2014-02-15 15:40 - 00000000 ___DC C:\ProgramData\Oracle
2015-11-22 18:51 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 18:51 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 18:48 - 2014-08-30 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 18:48 - 2014-02-15 15:39 - 00000000 ___DC C:\Program Files\Java
2015-11-22 18:46 - 2014-08-30 16:30 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-11-22 18:46 - 2014-08-30 16:30 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 18:46 - 2014-02-14 09:18 - 00000000 ___DC C:\Users\Iva
2015-11-22 18:43 - 2015-10-04 10:45 - 00011160 ____C C:\Windows\setupact.log
2015-11-22 18:43 - 2015-03-14 15:51 - 00016400 ____C (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-22 18:42 - 2015-10-08 07:42 - 00002096 ____C C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-10_user.job
2015-11-22 18:42 - 2014-02-05 19:17 - 01107543 ____C C:\Windows\WindowsUpdate.log
2015-11-22 18:39 - 2015-01-01 13:46 - 00000000 ___DC C:\Users\Iva\AppData\Local\LogMeIn Hamachi
2015-11-22 18:37 - 2015-10-13 15:54 - 00002430 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user.job
2015-11-22 18:37 - 2015-10-13 15:54 - 00002430 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.job
2015-11-22 18:37 - 2015-10-13 15:53 - 00005168 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.job
2015-11-22 18:37 - 2015-10-13 15:53 - 00003458 ____C C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.job
2015-11-22 18:37 - 2015-10-08 07:42 - 00005168 ____C C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-11.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00003458 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00003122 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00002430 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user.job
2015-11-22 18:37 - 2015-10-01 17:10 - 00002430 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005502 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005502 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00005168 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00004478 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.job
2015-11-22 18:37 - 2015-10-01 17:09 - 00002096 ____C C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user.job
2015-11-22 18:37 - 2015-09-30 16:52 - 00001040 ____C C:\Windows\Tasks\Crossbrowse.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005502 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-6.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005168 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-11.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00005166 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-7.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00004142 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-3.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00003458 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00003122 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00002430 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5_user.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00002430 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5.job
2015-11-22 18:37 - 2015-09-25 15:30 - 00000954 ____C C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-11-22 18:37 - 2015-09-25 15:29 - 00002096 ____C C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-10_user.job
2015-11-22 18:37 - 2015-09-25 15:28 - 00001032 ____C C:\Windows\Tasks\MyBrowser.job
2015-11-22 18:37 - 2015-06-25 18:27 - 00000262 ____C C:\Windows\Tasks\PC-Mechanic Subscription.job
2015-11-22 18:37 - 2015-06-25 18:27 - 00000256 ____C C:\Windows\Tasks\PC-Mechanic Startup.job
2015-11-22 18:37 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-11-22 18:13 - 2014-07-08 19:11 - 00000914 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-22 18:01 - 2015-10-16 14:05 - 00000000 ___DC C:\Program Files\WinZipper
2015-11-22 16:58 - 2015-09-25 15:30 - 00000958 ____C C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-11-22 15:02 - 2015-10-04 13:17 - 00000242 ____C C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2015-11-22 09:09 - 2015-10-04 13:17 - 00000000 ___DC C:\Program Files\ASP
2015-11-21 22:30 - 2014-02-15 12:53 - 00000000 ___DC C:\Program Files\TeamViewer
2015-11-20 18:07 - 2010-11-20 22:01 - 01583226 ____C C:\Windows\system32\PerfStringBackup.INI
2015-11-15 12:06 - 2015-09-25 15:15 - 00000000 ___DC C:\Program Files\RayDld
2015-11-13 21:31 - 2014-04-19 18:04 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\TeamViewer
2015-11-12 19:41 - 2009-07-14 05:33 - 00302056 ____C C:\Windows\system32\FNTCACHE.DAT
2015-11-12 11:50 - 2015-01-01 13:43 - 00027040 ___HC (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 21:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-11-11 21:12 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\Microsoft.NET
2015-11-11 19:42 - 2015-10-04 10:44 - 00021878 ____C C:\Windows\PFRO.log
2015-11-11 19:39 - 2011-04-12 02:46 - 00000000 ___DC C:\Program Files\Windows Journal
2015-11-11 19:21 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\system32\NDF
2015-11-11 19:14 - 2014-07-08 19:10 - 00780488 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 19:14 - 2014-07-08 19:10 - 00142536 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 19:12 - 2014-02-14 19:17 - 00000000 ___DC C:\Windows\system32\MRT
2015-11-11 19:07 - 2014-02-14 19:17 - 143250520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-10 20:49 - 2015-10-04 15:24 - 00100352 __SHC C:\Users\Iva\Documents\Thumbs.db
2015-11-10 20:47 - 2015-10-18 15:16 - 00040702 ____C C:\Users\Iva\Documents\Faktura Milda.ods
2015-11-10 16:51 - 2014-02-14 18:13 - 00794952 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-10 16:51 - 2014-02-14 18:13 - 00435464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-07 13:44 - 2014-02-14 18:29 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Skype
2015-11-07 13:13 - 2014-02-14 18:28 - 00000000 ___DC C:\ProgramData\Skype
2015-11-06 20:48 - 2015-10-04 13:17 - 00000959 ____C C:\Users\Public\Desktop\Advanced System~Protector.lnk
2015-11-06 20:48 - 2015-10-04 13:17 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2015-11-06 20:48 - 2014-07-17 21:09 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Systweak
2015-11-03 17:45 - 2015-10-04 13:17 - 00017872 ____C C:\Windows\system32\sasnative32.exe
2015-10-24 09:22 - 2015-10-07 19:20 - 00000000 ___DC C:\Users\Iva\AppData\Local\4C4C4544-1444249247-3310-8057-B5C04F57334A

==================== Files in the root of some directories =======

2015-10-03 07:58 - 2015-10-03 07:58 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsdE16.tmp
2015-10-03 11:03 - 2015-10-03 11:03 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsi9B4A.tmp
2015-10-05 13:55 - 2015-10-05 13:55 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr4603.tmp
2015-10-02 19:19 - 2015-10-02 19:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr5233.tmp
2015-10-06 17:43 - 2015-10-06 17:42 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nssBB8D.tmp
2015-10-04 11:19 - 2015-10-04 11:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsxDA5.tmp
2015-09-25 15:27 - 2015-10-16 14:02 - 0000102 ____C () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Iva\AppData\Local\Temp\1742.exe
C:\Users\Iva\AppData\Local\Temp\7276.exe
C:\Users\Iva\AppData\Local\Temp\7545.exe
C:\Users\Iva\AppData\Local\Temp\8043.exe
C:\Users\Iva\AppData\Local\Temp\jre-8u66-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.job => C:\Program Files\CinemaPlus-3.2cV01.10\537891f8-7b5c-4554-8f93-0f6bdc178de7-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-10_user.job => C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\74c06d22-9519-4805-9d33-0990bf16ee2f-11.job => C:\Program Files\CinemaPlus-3.2cV07.10\74c06d22-9519-4805-9d33-0990bf16ee2f-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user.job => C:\Program Files\CinemaPlus-3.2cV13.10\94be15cc-7c57-47f4-8cc9-735aa1db75fb-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-10_user.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-11.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-3.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-5_user.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-6.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f1961739-97cb-4197-ad2f-915f55b7ee49-7.job => C:\Program Files\CinemaPlus-3.2cV25.09\f1961739-97cb-4197-ad2f-915f55b7ee49-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\MyBrowser.job => C:\Program Files\MyBrowser\MyBrowser\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC-Mechanic Maintenance.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Startup.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Subscription.job => C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Iva\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Please check my log - infected PC

Posted: 22 Nov 2015 19:22
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Please check my log - infected PC

Posted: 22 Nov 2015 19:40
by ivkanahodilova
# AdwCleaner v5.021 - Logfile created 22/11/2015 at 19:30:09
# Updated 14/11/2015 by Xplode
# Database : 2015-11-22.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Iva - IVA-PC
# Running from : C:\Users\Iva\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[!] Service Not Deleted : iSafeKrnl
[!] Service Not Deleted : iSafeKrnlBoot
[!] Service Not Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[!] Service Not Deleted : iSafeKrnlR3
[!] Service Not Deleted : iSafeNetFilter
[!] Service Not Deleted : iSafeService
[-] Service Deleted : winzipersvc
[-] Service Deleted : IhPul
[-] Service Deleted : MaintainerSvc6.89.573444

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\AnyProtectEx
[-] Folder Deleted : C:\Program Files\ASP
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\WinZipper
[#] Folder Deleted : C:\Program Files\Elex-tech
[-] Folder Deleted : C:\Program Files\RCP
[-] Folder Deleted : C:\Program Files\Assets Manager
[-] Folder Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\RayDld
[-] Folder Deleted : C:\Program Files\4C4C4544-1443190585-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV01.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV02.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV07.10
[-] Folder Deleted : C:\Program Files\CinemaPlus-3.2cV13.10
[!] Folder Not Deleted : C:\Program Files\Crossbrowse
[-] Folder Deleted : C:\Program Files\MyBrowser
[-] Folder Deleted : C:\Program Files\MyBrowser 1.0.2V29.09
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\ProgramData\Systweak
[-] Folder Deleted : C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321
[-] Folder Deleted : C:\ProgramData\1WdsManPro1
[-] Folder Deleted : C:\ProgramData\2WdsManPro2
[-] Folder Deleted : C:\ProgramData\5WdsManPro5
[-] Folder Deleted : C:\ProgramData\9WdsManPro9
[-] Folder Deleted : C:\ProgramData\BWdsManProB
[-] Folder Deleted : C:\ProgramData\FWdsManProF
[-] Folder Deleted : C:\ProgramData\gWdsManProg
[-] Folder Deleted : C:\ProgramData\iWdsManProi
[-] Folder Deleted : C:\ProgramData\JWdsManProJ
[-] Folder Deleted : C:\ProgramData\pWdsManProp
[-] Folder Deleted : C:\ProgramData\QWdsManProQ
[-] Folder Deleted : C:\ProgramData\tWdsManProt
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[!] Folder Not Deleted : C:\Users\Iva\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Iva\AppData\Local\MyBrowser
[-] Folder Deleted : C:\Users\Iva\AppData\Local\4C4C4544-1444249247-3310-8057-B5C04F57334A
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\VOPackage
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\WinZipper
[#] Folder Deleted : C:\Users\Iva\AppData\Roaming\Elex-tech
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\TSv
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[-] Folder Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[#] Folder Deleted : C:\Windows\system32\Tasks\RegClean Pro
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\Advanced System~Protector
[#] Folder Deleted : C:\Windows\system32\Tasks\Crossbrowse
[#] Folder Deleted : C:\Windows\system32\Tasks\MyBrowser

***** [ Files ] *****

[-] File Deleted : C:\task.vbs
[-] File Deleted : C:\Users\Iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
[-] File Deleted : C:\Users\Iva\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Users\Public\Desktop\Advanced System~Protector.lnk
[-] File Deleted : C:\Users\Public\Desktop\MyBrowser.lnk
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\system32\roboot.exe
[-] File Deleted : C:\Windows\system32\sasnative32.exe
[-] File Deleted : C:\Windows\system32\drivers\iSafeNetFilter.sys
[-] File Deleted : C:\Windows\system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys
[-] File Deleted : C:\Windows\system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : Crossbrowse
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : PC-Mechanic Maintenance
[-] Task Deleted : PC-Mechanic Startup
[-] Task Deleted : RegClean Pro
[-] Task Deleted : RegClean Pro_DEFAULT
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : PC-Mechanic Subscription
[-] Task Deleted : Advanced System~Protector
[-] Task Deleted : Advanced System~Protector_startup
[-] Task Deleted : MyBrowser
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-1-7
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-10_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-11
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-3
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-5_user
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-6
[-] Task Deleted : 537891f8-7b5c-4554-8f93-0f6bdc178de7-7
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-10_user
[-] Task Deleted : 74c06d22-9519-4805-9d33-0990bf16ee2f-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-6
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-1-7
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-10_user
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-11
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5
[-] Task Deleted : 94be15cc-7c57-47f4-8cc9-735aa1db75fb-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-1-7
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-10_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-11
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-3
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-5_user
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-6
[-] Task Deleted : f1961739-97cb-4197-ad2f-915f55b7ee49-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [MyBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\MyBrowser
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update PodoWeb
[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Util PodoWeb
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [MyBrowser.job.fp]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures [Crossbrowse.job.fp]
[-] Key Deleted : HKLM\SOFTWARE\a7c99d22-3caa-4968-b8b2-77ca316f3800
[-] Key Deleted : HKLM\SOFTWARE\dd6cb864-22c2-44cc-baa2-1536b5a78dc3
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Key Deleted : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\SystemK
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKCU\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\MyBrowser
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SystemK
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\V9
[-] Key Deleted : HKLM\SOFTWARE\winzipersvc
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV02.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser 1.0.2V29.09
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PopupProduct
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV07.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV13.10
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyBrowser
[-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV01.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaPlus-3.2cV13.10-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gamingwonderland.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\kingtale3.inspsearch.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimagenetwork.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [31952 bytes] ##########

Re: Please check my log - infected PC

Posted: 22 Nov 2015 20:43
by Rudy
Post a new FRST log.

Re: Please check my log - infected PC

Posted: 22 Nov 2015 21:26
by ivkanahodilova
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-11-2015
Ran by Iva (administrator) on IVA-PC (22-11-2015 21:23:04)
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Ghisler Software GmbH) C:\Program Files\Totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\RunOnce: [Application Restart #3] => C:\Program Files\Avant Browser\webkit\webkit.exe [668408 2015-09-29] (The Chromium Authors)
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-03-07]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{FA1FC4A2-16F8-40A2-A06F-8EF71D83E7A2}: [DhcpNameServer] 192.168.100.1 192.168.3.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130919100609618099&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://seznam.cz/
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1445858917&from= ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1445858917&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {B6DDB2A5-A528-4C20-8406-3368FB01E529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {F7BD9A9F-3458-4C29-B40A-C2B81111C467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296444741-4028167595-444839913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Iva\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-14] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Dokumenty Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Disk Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Avast Online Security) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Gmail) - C:\Users\Iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.)
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer156.exe [236816 2015-10-09] (MustangService)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [28416 2011-08-18] (usb camera)
S3 cpuz134; \??\C:\Users\Iva\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 21:22 - 2015-11-22 21:22 - 00001116 ____C C:\Users\Iva\Desktop\Total Commander – zástupce.lnk
2015-11-22 21:22 - 2015-11-22 21:22 - 00000000 ___DC C:\Users\Iva\Desktop\FRST-OlderVersion
2015-11-22 20:33 - 2015-11-22 20:33 - 00013185 ____C C:\Users\Iva\Desktop\Vyhledat aktualizace.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00002161 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-22 20:01 - 2015-11-22 20:01 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-22 20:00 - 2015-11-22 21:05 - 00000934 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-22 20:00 - 2015-11-22 20:05 - 00000930 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 19:33 - 2015-11-22 19:33 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Elex-tech
2015-11-22 19:33 - 2015-06-30 03:50 - 00044712 ____C (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-11-22 19:27 - 2015-11-22 19:30 - 00000000 ___DC C:\AdwCleaner
2015-11-22 19:26 - 2015-11-22 19:26 - 01732096 ____C C:\Users\Iva\Desktop\adwcleaner_5.021.exe
2015-11-22 18:58 - 2015-11-22 18:58 - 00028310 ____C C:\Users\Iva\Desktop\Addition.txt
2015-11-22 18:57 - 2015-11-22 21:23 - 00019428 ____C C:\Users\Iva\Desktop\FRST.txt
2015-11-22 18:56 - 2015-11-22 21:23 - 00000000 ___DC C:\FRST
2015-11-22 18:54 - 2015-11-22 21:22 - 01717248 ____C (Farbar) C:\Users\Iva\Desktop\FRST.exe
2015-11-22 18:47 - 2015-11-22 18:47 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Sun
2015-11-22 18:46 - 2015-11-22 18:46 - 00000000 ___DC C:\Users\Iva\.oracle_jre_usage
2015-11-22 18:44 - 2015-11-22 18:44 - 00000000 ___DC C:\Users\Iva\AppData\LocalLow\Oracle
2015-11-22 18:43 - 2015-11-22 18:43 - 00000652 ____C C:\Windows\LkmdfCoInst.log
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 16:25 - 2015-11-17 16:25 - 00000000 ___DC C:\Program Files\LogMeIn Hamachi
2015-11-15 12:06 - 2015-11-15 12:06 - 00000000 ___DC C:\ProgramData\TempMoudleSet
2015-11-12 19:02 - 2015-11-12 19:12 - 44311088 ____C C:\Users\Iva\Downloads\Seznam.cz (1).exe
2015-11-12 16:29 - 2015-11-12 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 19:07 - 2015-11-11 19:12 - 00000000 ___DC C:\56d85a9898984645d61ebf2a12dd45
2015-11-11 16:44 - 2015-11-11 19:05 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 16:44 - 2015-11-11 19:05 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 16:44 - 2015-11-11 19:05 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 16:44 - 2015-11-11 19:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 16:44 - 2015-11-11 19:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 16:44 - 2015-11-11 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 16:39 - 2015-11-11 19:07 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 16:39 - 2015-11-11 19:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 16:39 - 2015-11-11 19:06 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:39 - 2015-11-11 19:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 16:39 - 2015-11-11 19:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 16:39 - 2015-11-11 19:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 16:39 - 2015-11-11 19:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 16:38 - 2015-11-11 19:05 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:33 - 2015-11-11 19:03 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:33 - 2015-11-11 19:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 16:33 - 2015-11-11 19:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-09 20:04 - 2015-11-09 20:14 - 44312328 ____C C:\Users\Iva\Downloads\Seznam.cz.exe
2015-11-06 16:53 - 2015-11-06 16:53 - 00004245 ____C C:\Users\Iva\Downloads\stažený soubor
2015-10-30 14:50 - 2015-10-30 14:50 - 00772016 ____C (Reimage®) C:\Users\Iva\Downloads\ReimageRepair (2).exe
2015-10-27 16:03 - 2015-11-17 16:25 - 00000856 ____C C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 21:20 - 2014-02-05 19:17 - 01135778 ____C C:\Windows\WindowsUpdate.log
2015-11-22 21:13 - 2014-07-08 19:11 - 00000914 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-22 20:26 - 2015-01-01 13:46 - 00000000 ___DC C:\Users\Iva\AppData\Local\LogMeIn Hamachi
2015-11-22 20:01 - 2014-02-14 17:39 - 00000000 ___DC C:\Program Files\Google
2015-11-22 20:00 - 2014-02-14 17:39 - 00000000 ___DC C:\Users\Iva\AppData\Local\Deployment
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:43 - 2009-07-14 05:34 - 00032096 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 19:33 - 2015-10-04 10:45 - 00011216 ____C C:\Windows\setupact.log
2015-11-22 19:33 - 2015-10-04 10:44 - 00539568 ____C C:\Windows\PFRO.log
2015-11-22 19:33 - 2009-07-14 05:53 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-11-22 18:53 - 2015-09-25 15:30 - 00000004 ____C C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-11-22 18:53 - 2014-02-15 15:40 - 00000000 ___DC C:\ProgramData\Oracle
2015-11-22 18:48 - 2014-08-30 16:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-22 18:48 - 2014-02-15 15:39 - 00000000 ___DC C:\Program Files\Java
2015-11-22 18:46 - 2014-08-30 16:30 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-11-22 18:46 - 2014-08-30 16:30 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-22 18:46 - 2014-02-14 09:18 - 00000000 ___DC C:\Users\Iva
2015-11-22 18:43 - 2015-03-14 15:51 - 00016400 ____C (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-21 22:30 - 2014-02-15 12:53 - 00000000 ___DC C:\Program Files\TeamViewer
2015-11-20 18:07 - 2010-11-20 22:01 - 01583226 ____C C:\Windows\system32\PerfStringBackup.INI
2015-11-13 21:31 - 2014-04-19 18:04 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\TeamViewer
2015-11-12 19:41 - 2009-07-14 05:33 - 00302056 ____C C:\Windows\system32\FNTCACHE.DAT
2015-11-12 11:50 - 2015-01-01 13:43 - 00027040 ___HC (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-11 21:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-11-11 21:12 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\Microsoft.NET
2015-11-11 19:39 - 2011-04-12 02:46 - 00000000 ___DC C:\Program Files\Windows Journal
2015-11-11 19:21 - 2009-07-14 03:37 - 00000000 ___DC C:\Windows\system32\NDF
2015-11-11 19:14 - 2014-07-08 19:10 - 00780488 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 19:14 - 2014-07-08 19:10 - 00142536 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-11 19:12 - 2014-02-14 19:17 - 00000000 ___DC C:\Windows\system32\MRT
2015-11-11 19:07 - 2014-02-14 19:17 - 143250520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-10 20:49 - 2015-10-04 15:24 - 00100352 __SHC C:\Users\Iva\Documents\Thumbs.db
2015-11-10 20:47 - 2015-10-18 15:16 - 00040702 ____C C:\Users\Iva\Documents\Faktura Milda.ods
2015-11-10 16:51 - 2014-02-14 18:13 - 00794952 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-10 16:51 - 2014-02-14 18:13 - 00435464 ____C (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-07 13:44 - 2014-02-14 18:29 - 00000000 ___DC C:\Users\Iva\AppData\Roaming\Skype
2015-11-07 13:13 - 2014-02-14 18:28 - 00000000 ___DC C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-10-03 07:58 - 2015-10-03 07:58 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsdE16.tmp
2015-10-03 11:03 - 2015-10-03 11:03 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsi9B4A.tmp
2015-10-05 13:55 - 2015-10-05 13:55 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr4603.tmp
2015-10-02 19:19 - 2015-10-02 19:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsr5233.tmp
2015-10-06 17:43 - 2015-10-06 17:42 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nssBB8D.tmp
2015-10-04 11:19 - 2015-10-04 11:19 - 0613255 ____C (CMI Limited) C:\Users\Iva\AppData\Local\nsxDA5.tmp
2015-09-25 15:27 - 2015-10-16 14:02 - 0000102 ____C () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Iva\AppData\Local\Temp\1742.exe
C:\Users\Iva\AppData\Local\Temp\7276.exe
C:\Users\Iva\AppData\Local\Temp\7545.exe
C:\Users\Iva\AppData\Local\Temp\8043.exe
C:\Users\Iva\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Iva\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-20 19:08

==================== End of FRST.txt ============================

Re: Please check my log - infected PC

Posted: 22 Nov 2015 22:33
by Rudy
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
C:\Program Files\MyBrowser\MyBrowser
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Iva\AppData\Local\nsdE16.tmp
C:\Users\Iva\AppData\Local\nsi9B4A.tmp
C:\Users\Iva\AppData\Local\nsr4603.tmp
C:\Users\Iva\AppData\Local\nsr5233.tmp
C:\Users\Iva\AppData\Local\nssBB8D.tmp
C:\Users\Iva\AppData\Local\nsxDA5.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Iva\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Please check my log - infected PC

Posted: 22 Nov 2015 23:34
by ivkanahodilova
Fix result of Farbar Recovery Scan Tool (x86) Version:22-11-2015
Ran by Iva (2015-11-22 23:28:00) Run:1
Running from C:\Users\Iva\Desktop
Loaded Profiles: Iva (Available Profiles: Iva)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\Run: [GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438] => "C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
C:\Program Files\MyBrowser\MyBrowser
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {16a80df8-a5fd-11e3-a9d0-00219b3170a0} - E:\autorun.exe
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\...\MountPoints2: {b673d197-d577-11e4-a168-00219b3170a0} - F:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=144585891 ... 9w1bbt8g9m
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... rx57x0z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=144585 ... bbt8g9m&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-3296444741-4028167595-444839913-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 {37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw; system32\drivers\{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw.sys [X]
S1 {51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw; system32\drivers\{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw.sys [X]
S1 {6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw; system32\drivers\{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw.sys [X]
S1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw; system32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw.sys [X]
S1 {98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw; system32\drivers\{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw.sys [X]
S1 {a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw; system32\drivers\{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw.sys [X]
S1 {ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw; system32\drivers\{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw.sys [X]
S1 {adb41315-fba7-4b86-be27-b2401a20c8d2}Gw; system32\drivers\{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw.sys [X]
S1 {b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw; system32\drivers\{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw.sys [X]
S1 {b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw; system32\drivers\{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw.sys [X]
S1 {b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw; system32\drivers\{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw.sys [X]
S1 {c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw; system32\drivers\{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw.sys [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Iva\AppData\Local\nsdE16.tmp
C:\Users\Iva\AppData\Local\nsi9B4A.tmp
C:\Users\Iva\AppData\Local\nsr4603.tmp
C:\Users\Iva\AppData\Local\nsr5233.tmp
C:\Users\Iva\AppData\Local\nssBB8D.tmp
C:\Users\Iva\AppData\Local\nsxDA5.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Iva\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_931877040822C1640EC7A0875A73A438 => value removed successfully.
"C:\Program Files\MyBrowser\MyBrowser" => not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16a80df8-a5fd-11e3-a9d0-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{16a80df8-a5fd-11e3-a9d0-00219b3170a0} => key not found.
"HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b673d197-d577-11e4-a168-00219b3170a0}" => key removed successfully.
HKCR\CLSID\{b673d197-d577-11e4-a168-00219b3170a0} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value could not remove.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value could not remove.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key could not remove.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-3296444741-4028167595-444839913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
{37853ded-5f26-4b06-88d4-a4f00ea1c972}Gw => service removed successfully.
{51d6aaf3-0bd7-47b0-8963-1c6f4d58b8fd}Gw => service removed successfully.
{6b9234ab-d79f-41db-86f9-8be7a3e9ee74}Gw => service removed successfully.
{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw => service removed successfully.
{98e700ee-1d13-4cd6-97a6-d8d4d2f0a35b}Gw => service removed successfully.
{a2df9e48-ce26-4812-87d1-df6c5bed5ea9}Gw => service removed successfully.
{ab3b6fe8-8ffe-4d0c-aa1e-8030c4760982}Gw => service removed successfully.
{adb41315-fba7-4b86-be27-b2401a20c8d2}Gw => service removed successfully.
{b0ff63b8-ba6f-45bb-b13c-8474c0d8fc94}Gw => service removed successfully.
{b2aa7bb9-5668-402a-97c7-7dabffe0f82d}Gw => service removed successfully.
{b9f73d40-1a45-43a0-9a38-3e55d05b3bd4}Gw => service removed successfully.
{c0b542ce-0b43-4536-9ff3-886eaf9fb44c}Gw => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Iva\AppData\Local\nsdE16.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsi9B4A.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr4603.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsr5233.tmp => moved successfully
C:\Users\Iva\AppData\Local\nssBB8D.tmp => moved successfully
C:\Users\Iva\AppData\Local\nsxDA5.tmp => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully

"C:\Users\Iva\AppData\Local\Temp" folder move:

Could not move "C:\Users\Iva\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-22 23:29:50)

C:\Users\Iva\AppData\Local\Temp => moved successfully

==== End of Fixlog 23:29:50 ====

Re: Please check my log - infected PC

Posted: 23 Nov 2015 18:03
by Rudy
Deleted. Has anything changed?

Re: Please check my log - infected PC

Posted: 25 Nov 2015 07:21
by ivkanahodilova
It seems to be fine. Can I now delete/uninstall the tools that were used? Thank you :fez:

Re: Please check my log - infected PC

Posted: 25 Nov 2015 18:48
by Rudy
OK. Uninstalling/deleting them is of course possible. You're welcome! :)

Re: Please check my log - infected PC

Posted: 27 Nov 2015 00:33
by ivkanahodilova
Thank you :)

Re: Please check my log - infected PC

Posted: 27 Nov 2015 17:45
by Rudy
My pleasure! :)