VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Dobrý den, potřeboval bych pomoc s virama a malware DĚKUJI

https://forum.viry.cz:443/viewtopic.php?t=150307

Stránka 1 z 3

Dobrý den, potřeboval bych pomoc s virama a malware DĚKUJI

Napsal: 17 říj 2016 13:48
od Merky
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
Ran by AspireG (administrator) on ASPIREG-PC (17-10-2016 14:34:31)
Running from C:\Users\AspireG\Desktop
Loaded Profiles: AspireG (Available Profiles: AspireG & Guest)
Platform: Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\AspireG\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-16] (APN)
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\Policies\system: [Shell] explorer.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {03e12952-c3de-11df-a7ee-00262d8fe6e4} - F:\wubi.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {5c2d4742-b21b-11e5-a7bc-00262d8fe6e4} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db40-6081-11e4-b867-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db41-6081-11e4-b867-806e6f6e6963} - G:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {b3f73255-4bee-11e6-9bad-00262d8fe6e4} - F:\autorun.exe
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{566A5067-95CE-4D3F-A64D-81CC6684E64E}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130886245434960301&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130886245435116301&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2670199&CUI=UN31378477952583167
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
URLSearchHook: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 - QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\AspireG\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
URLSearchHook: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
URLSearchHook: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=565&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2522220171634425&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=565&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2522220171634425&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://asksearch.ask.com/redirect?client=ie&src=crm&tb=ATU-SAT&o=APN10241&locale=en_EU&apn_uid=43DCA117-327B-432F-B6C2-66AC26C10B54&apn_ptnrs=^AF8&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=cr_15.0.874.102&itbv=11.1.0.182&doi=2012-09-29&q={searchTerms}&
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ397
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {93DE1ECA-2B83-4711-90F6-DC57FC14E825} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=565&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2522220171634425&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ397
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {CD4FA6E1-8CDA-4ABC-BB13-F5F83F94D7B6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {FCFDB4EB-F7B2-4D61-B99A-C2317531ACB3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\AspireG\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2012-11-26] (qip.ru)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-04] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-04] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-04] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-04] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=14147 ... E3280E3280

FireFox:
========
FF ProfilePath: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default [2016-10-17]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51&l=1&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SearchEngineOrder.1,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF SelectedSearchEngine,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF Homepage: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
FF NetworkProxy: Mozilla\Firefox\Profiles\hf278yrv.default -> type", 0
FF Extension: (hosts) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com [2013-07-04] [not signed]
FF Extension: (TotalPlusHD-3.1V31.10) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2014-10-31] [not signed]
FF Extension: (DAEMON Tools Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\DTToolbar@toolbarnet.com [2013-07-29] [not signed]
FF Extension: (Fast Start) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\faststartff@gmail.com [2014-10-31] [not signed]
FF Extension: (multifoxhultmann) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\multifox@hultmann [2014-11-04] [not signed]
FF Extension: (GamePlayLabs Plugin) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\plugin2@gameplaylabs.com [2011-04-08] [not signed]
FF Extension: (QipCounter) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\QipCounter@qip.ru.xpi [2012-08-24] [not signed]
FF Extension: (aTube Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\toolbar@ask.com [2012-08-23] [not signed]
FF Extension: (Torntv 3) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\trtv3@trtv.com.xpi [2013-06-30] [not signed]
FF Extension: (Address Bar Search) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-31] [not signed]
FF Extension: (ICQ Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-07-29] [not signed]
FF Extension: (Free Lunch Design TB ) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-07-29] [not signed]
FF Extension: (No Name) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}.oldbackup [2012-09-21] [not signed]
FF Extension: (DVDVideoSoft Menu) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011-08-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-07-14]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ask-search.xml [2012-09-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\askcom.xml [2015-11-22]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\babylon.xml [2013-07-04]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\daemon-search.xml [2010-09-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-1.xml [2013-08-06]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-2.xml [2010-10-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-3.xml [2010-12-12]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-4.xml [2011-03-28]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-5.xml [2011-04-08]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-6.xml [2011-05-23]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-7.xml [2011-05-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-8.xml [2011-07-10]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-9.xml [2011-11-21]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin.xml [2010-10-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ividi.xml [2013-08-30]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\qip-search.xml [2013-07-17]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Search_Results.xml [2013-01-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Web Search.xml [2012-12-27]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\WebSearch.xml [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Windows\system32\config\systemprofile\AppData\Roaming\okitSpace\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\extensions\faststartff@gmail.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-31] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-31] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [No File]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280"
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Profile: C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default [2016-07-31]
CHR Extension: (Torntv 3) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj [2015-11-15]
CHR Extension: (filklcnjkojnfbkcfooccecbjbfgfpaf) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\filklcnjkojnfbkcfooccecbjbfgfpaf [2014-11-05]
CHR Extension: (Domain Error Assistant) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2015-11-15]
CHR Extension: (TotalPlusHD-3.1V31.10) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-10-31]
CHR Extension: (Slick Savings) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-07-25] [UpdateUrl: hxxp://www.mybrowserbar.com/update/wt/gc/coupons/update.xml] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (GamePlayLabs Plugin) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci [2014-07-14]
CHR Extension: (No Name) - C:\Users\AspireG\AppData\Local\Form Cooking\Component [2015-11-26]
CHR Extension: (King Ninja) - C:\Users\AspireG\AppData\Local\King Ninja\Component [2015-12-31]
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\AspireG\AppData\Local\Torch\Plugins\TorchPlugin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lbidgdoiglndbjlcnnifemecdhnpeabo] - C:\Users\AspireG\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\AspireG\AppData\Local\GamePlayLabs Plugin\gplplugin.crx [2011-03-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-16] (APN LLC.)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-12-05] ()
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
S4 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [229392 2012-09-13] (Nitro PDF Software)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [X]
S4 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [X]
S4 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-03-22] () [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-03-22] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2012-11-16] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-11-16] (Nokia)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-10-31] (Duplex Secure Ltd.)
S0 TPkd; no ImagePath
S3 vkdszuhd; no ImagePath
U3 aby21jxo; no ImagePath
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
R3 gkernel; \??\C:\Users\AspireG\AppData\Local\Temp\gkernel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-17 14:34 - 2016-10-17 14:35 - 00031713 _____ C:\Users\AspireG\Desktop\FRST.txt
2016-10-17 14:34 - 2016-10-17 14:34 - 00000000 ____D C:\FRST
2016-10-17 14:32 - 2016-10-17 14:33 - 00112640 _____ (forum.viry.cz) C:\Users\AspireG\Desktop\FRSTLauncher.exe
2016-10-17 14:31 - 2016-10-17 14:31 - 02406912 _____ (Farbar) C:\Users\AspireG\Desktop\FRST64.exe
2016-10-17 14:21 - 2016-10-17 14:21 - 03343856 _____ (Blizzard Entertainment) C:\Users\AspireG\Desktop\Heroes-of-the-Storm-Setup.exe
2016-10-16 22:40 - 2016-10-16 22:40 - 00001439 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-10-16 22:40 - 2016-10-16 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-10-16 22:37 - 2016-10-16 22:37 - 31336304 _____ (Riot Games) C:\Users\AspireG\Desktop\LeagueofLegends_EUNE_Installer_2016_05_13.exe
2016-09-24 03:53 - 2016-09-24 21:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-19 16:29 - 2016-10-17 13:51 - 00003476 _____ C:\Windows\System32\Tasks\Garena+ Plugin Host Service

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-17 14:29 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-17 14:29 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-17 14:21 - 2016-07-31 12:23 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-10-17 14:10 - 2016-07-31 19:26 - 00000000 ____D C:\Users\AspireG\AppData\Local\Battle.net
2016-10-17 14:10 - 2014-03-03 11:39 - 00000000 ____D C:\Users\AspireG\AppData\Local\CrashDumps
2016-10-17 14:06 - 2016-07-31 12:23 - 00000000 ____D C:\Users\AspireG\AppData\Roaming\Battle.net
2016-10-16 22:42 - 2014-10-30 17:22 - 00000000 ____D C:\Users\AspireG\AppData\Roaming\Riot Games
2016-10-15 19:55 - 2016-04-05 15:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

==================== Files in the root of some directories =======

2009-10-29 06:21 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2002-08-29 19:33 - 2002-08-29 19:33 - 0319488 ____R () C:\Users\AspireG\AppData\Roaming\MafiaSetup.exe
2016-07-31 19:03 - 2016-07-31 19:05 - 0032256 ___SH () C:\Users\AspireG\AppData\Roaming\Thumbs.db
2010-11-04 02:15 - 2010-11-04 02:15 - 0024940 _____ () C:\Users\AspireG\AppData\Roaming\UserTile.png
2011-04-24 14:59 - 2011-04-24 14:59 - 0000000 _____ () C:\Users\AspireG\AppData\Local\{788661F8-0C23-4FCE-BA1D-75295EEDAC53}
2010-03-02 16:50 - 2010-03-02 16:53 - 0007747 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-10-29 06:22 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2011-07-18 19:17 - 2014-04-11 15:45 - 0000012 _____ () C:\ProgramData\ReminderNextRun
2014-01-22 12:48 - 2014-02-13 00:42 - 0000040 _____ () C:\ProgramData\spds90.txt

Some files in TEMP:
====================
C:\Users\AspireG\AppData\Local\Temp\AppInstaller.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d13e7cf2fc0456.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d16275856e309a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab60265b93ff.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\AspireG\Desktop" je 26107 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****



==================== End Of Log ==============================

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 17 říj 2016 13:50
od Merky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2016
Ran by AspireG (17-10-2016 14:35:57)
Running from C:\Users\AspireG\Desktop
Windows 7 Home Premium (X64) (2010-09-16 10:55:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4209140738-1266058932-301308101-500 - Administrator - Disabled)
AspireG (S-1-5-21-4209140738-1266058932-301308101-1000 - Administrator - Enabled) => C:\Users\AspireG
ASPNET (S-1-5-21-4209140738-1266058932-301308101-1004 - Limited - Enabled)
Guest (S-1-5-21-4209140738-1266058932-301308101-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4209140738-1266058932-301308101-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Application Profiles (HKLM-x32\...\{039D5969-38EE-D83C-4009-6D4202602665}) (Version: 2.0.4218.33965 - Advanced Micro Devices, Inc.)
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C0F05}) (Version: 12.15.5.985 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1001}) (Version: 12.16.1.1557 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1002}) (Version: 12.16.2.1954 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1101}) (Version: 12.17.1.2558 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1200}) (Version: 12.18.0.3121 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1300}) (Version: 12.19.0.3598 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1500}) (Version: 12.21.0.4083 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1D00}) (Version: 12.29.0.1624 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2201}) (Version: 12.34.1.2242 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2300}) (Version: 12.35.0.2480 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2803}) (Version: 12.40.3.4133 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2804}) (Version: 12.40.4.535 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2806}) (Version: 12.40.6.1065 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
aTube Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
AVG PC TuneUp 2014 (cs-CZ) (x32 Version: 14.0.1001.380 - AVG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Counter-Strike 1.6 (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\Counter-Strike 1.6) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.00 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (HKLM-x32\...\Epson Printer Software Downloader) (Version: - )
Epson Printer Software Downloader (x32 Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1a - SEIKO EPSON CORPORATION)
ESL Wire 1.19.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Form Cooking (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.7.0 - Mart Component corp) <==== ATTENTION
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GamePlayLabs Plugin (HKLM-x32\...\GamePlayLabs Plugin) (Version: - )
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.55 - Conexant Systems)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2410 - Bandoo Media Inc) <==== ATTENTION
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause Demo 1.00.0000 (HKLM-x32\...\{E766BDE2-A6DF-4066-B495-2B7BDFF01BB0}) (Version: 1.00.0000 - Eidos)
King Ninja (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{BF5F536C-B250-CE5B-51C3-50C09E202992}) (Version: 1.3.3 - Total Style corp) <==== ATTENTION
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.06 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mat Hoffman's Pro BMX (HKLM-x32\...\Mat Hoffman's Pro BMX) (Version: - )
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{1FC5BC34-0301-40D2-9432-05BA220277B8}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Czech/èeština (HKLM-x32\...\OMUI.cs-cz) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM-x32\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{99D7DE4C-2775-4B16-B155-7F09AE939E8E}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 49.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 49.0.1 (x64 cs)) (Version: 49.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB2758696) (HKLM\...\{E1B33EF1-258C-4EC0-A340-D031100FE50D}) (Version: 6.20.2016.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 7 Ultra Edition (HKLM-x32\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
Nitro Reader 2 (HKLM\...\{C30BB9AD-F9E4-4506-B416-57C03702998D}) (Version: 2.5.0.45 - Nitro PDF Software)
NOD32 FiX 2.3.2 (HKLM-x32\...\{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1) (Version: 2.3.2 - B-effect)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
Odinstalace tiskárny EPSON SX510W Series (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
Path of Exile (HKLM-x32\...\{ff24d2c4-7258-44cb-a5cc-85a5673b44fe}) (Version: 2.3.0.58302 - Grinding Gear Games)
Path of Exile (x32 Version: 2.3.0.58302 - Grinding Gear Games) Hidden
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\SeznamInstall) (Version: - Seznam.cz)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Simpsons Hit & Run(TM) (HKLM-x32\...\{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}) (Version: 1.00.000 - )
Update for 2007 Microsoft Office System (KB2284654) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Outlook 2007 Junk Email Filter (KB2483110) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{592B47F5-D305-431A-9781-ED6CBB44FA8B}) (Version: - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.0.0.12911 - Blizzard Entertainment)
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {145DFE17-B39E-428C-BADC-A5DCBDF66635} - System32\Tasks\{B33386B6-27DA-43C2-BBE7-B641464236D1} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {14C27CE9-6CC3-4DDE-8926-2A910947ED1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1C55713B-6116-4926-B7AC-54886F15CB9A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-24] (AVAST Software)
Task: {1E266A22-5DAE-44E5-9A91-DA11FAA0B7A5} - System32\Tasks\{9D9D0CC2-7800-4200-B149-3B315BF23CD0} => pcalua.exe -a "C:\Users\AspireG\Desktop\f\Fable The Lost Chapters CZ\Install\setup.exe" -d "C:\Users\AspireG\Desktop\f\Fable The Lost Chapters CZ\Install"
Task: {3231AE7C-9550-445D-9195-F94B561F2398} - System32\Tasks\{D262ED90-C497-4E32-B191-0617AE4E49A4} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {32736384-F488-4AAE-904C-A0D927147604} - System32\Tasks\King Ninja2 => Rundll32.exe "C:\Users\AspireG\AppData\Local\King Ninja\{8429C2A0-6725-A22D-A371-6450FF46759C}\sdsafjty.dll",#1 <==== ATTENTION
Task: {37DF05B9-97A3-4AC0-B80A-682548C3B2AB} - System32\Tasks\RegistryCleanerKit Startup => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {3BA31272-003E-4CF5-AD24-92EDD67ACD3B} - System32\Tasks\{3FEC58EE-C930-4EC4-9506-97E273080F44} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/cs/abandoninstall?page=tsProgressBar
Task: {40264D7F-8BEB-43FF-BA77-BCF1047E1864} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-31] (Adobe Systems Incorporated)
Task: {51C074F5-0941-4532-8B34-A00DA851E432} - System32\Tasks\{FFF19BF5-037B-41F3-BFEA-D470DAE00244} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {5A680ADA-1A43-4F4F-A179-AE5D4AFA3732} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {632230B4-E51C-48B4-B457-23B2163E9AF5} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {65F45B2E-6EBF-4271-818C-209D20611A64} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {766021E5-E9DB-40A9-A7A1-C2D562AD063F} - System32\Tasks\{7DB61E77-9FC9-4716-A8FA-050432AF4BEB} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/cs/abandoninstall?page=tsProgressBar
Task: {786A6031-B65B-44D5-A276-078C57ECB24C} - System32\Tasks\FileAssociationManagerUpdater => C:\Program Files (x86)\FileAssociationManager\Updater.exe
Task: {8F58AAFE-1C23-4140-9E3E-06AC64F2BA95} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE
Task: {961B73CD-9D9F-4966-8502-67BE8107DC21} - System32\Tasks\{26C516DB-6FC9-4779-A7E6-054106F45159} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {9714E2DC-3EF2-49A1-BC5C-2E675E76A1AE} - System32\Tasks\ResearcherUpdater => C:\Program Files (x86)\Smart Compute\Researcher\Updater.exe
Task: {9D964378-EA8A-4659-BD3A-1B5BA0E771E7} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {C4FB0E9A-FC85-4052-9C4F-301CE1FAD543} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2016-02-22] ()
Task: {CC0D99DA-8B5A-49C4-AEC2-B679DBE0C4A4} - System32\Tasks\RegistryCleanerKit Maintenance => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {D27B626C-76FF-47FD-B41D-3A65DED474BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {E1EEECA7-6BEE-4F0E-8D46-3EE81406972A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E4852078-0CDF-4DD7-A83E-0A6F87F29497} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {E80184AE-9F7D-499E-BAAE-9BDB8F4D9E4D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files (x86)\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d13e7cf2fc0456.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d16275856e309a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab60265b93ff.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinZipDriverUpdater_UPDATES.job => C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 17 říj 2016 16:47
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 17 říj 2016 17:43
od Merky
Bohužel nejde mi to. Píše mi to "sqlite3.dll is corrupted or has been replaced. " Muj nt je totálně v hajzlu s prominutím. Nejde mi spustit v ovladácích panechel v sýstému Upřesnit nastavení, ani ochrana nic. A nejde víc věci a piše mi to většinou "systém windows nedokaze najit polozku blablabla" A ještě aby toho nebylo málo, Změnili se mi písmena ve windowsu v různé znaky, kolečka čárky apod. Ale jak u čeho, když mi najiždí windows tak to tam je, zaleží asi u různé velikosti písma... No každopádně děkuju za reakci a připadnou odpoved. Děkuji

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 17 říj 2016 20:18
od Rudy
Zkuste obnovu systému k datu, kdy korketně fungoval.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 17 říj 2016 20:27
od Merky
Obnovit mi to jde do včerejška, a ujištuju, že to bude stejné.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 10:29
od Merky
Nejde mi ani zapnout branu firewall ani vypnout, tudiž je ted jakoby vypnutá piše mi to naky kod chyby 0x8007042c, nejde mi spustit upřesnit nastavení v sýstemu, piše mi to windir/system32/wf.msc, dále mi nejde spustit ochrana systému, ani nastaveni vzdaleného přistupu, pismena mám změněné v různé znaky ve windowsu, i ten program kterej ste mi poslal at tu hodím z něho log mam v těch znacích, takže nemyslím si že by to nějaka obnova spravila, to bude asi nějakej hlubší problém... byl bych rád kdyby na to někdo kouknul děkuji moc :(

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 17:54
od Merky
Prosím kdyby se na mě někdo kouknul :(

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 18:00
od Rudy
Merky píše:Prosím kdyby se na mě někdo kouknul :(
Uklidněte se, jsme tu ve svém volném čase. Přes den se něčím živíme, nebo studujeme. Náši zaměstanavatelé by asi moc rádi nebyli, kdybychom se v pracovní době věnovali fóru. Možná máte poškozený systém. Zkuste startmenu>přík. řádek>(napsat) sfc/scannow a odentrujte. Systém provede sken a případnou opravu systémových souborů.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 18:50
od Merky
Omlouvám se, ale je to pro mě celkem důležité a vidím, že tu lidem dokážete pomoct tak trochu nalehám, ale v pohodě.;-) Jinak k tomu problemů udělal jsem co jste napsal a napsalo mi to.. Program ochrana prostředků systemu windows nenašel žadné narušení integrity.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 19:58
od Rudy
OK. Zkuste tedy spustit ADW v nouz. režimu.

My se vám pokusíme pomoci, nemůžeme tu ale být neustále. :)

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 20:21
od Merky
Zkusil jsem, ale napsal to zase stejnou chybu...

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 20:59
od Rudy
OK. Sjedu to ručně. Pokud to nepomůže, zkuste tento postup: http://www.dlltool.com/vsksoft/pck/Dec- ... ice/cs-cz/ . PC máte silně zaneřádění svinstvem z různých obskurních webů.

Otevřte poznámkový blok a zkopírujte do něj:
Start
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C0F05}) (Version: 12.15.5.985 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1001}) (Version: 12.16.1.1557 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1002}) (Version: 12.16.2.1954 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1101}) (Version: 12.17.1.2558 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1200}) (Version: 12.18.0.3121 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1300}) (Version: 12.19.0.3598 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1500}) (Version: 12.21.0.4083 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1D00}) (Version: 12.29.0.1624 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2201}) (Version: 12.34.1.2242 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2300}) (Version: 12.35.0.2480 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2803}) (Version: 12.40.3.4133 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2804}) (Version: 12.40.4.535 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2806}) (Version: 12.40.6.1065 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
aTube Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Form Cooking (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.7.0 - Mart Component corp) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2410 - Bandoo Media Inc) <==== ATTENTION
King Ninja (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{BF5F536C-B250-CE5B-51C3-50C09E202992}) (Version: 1.3.3 - Total Style corp) <==== ATTENTION
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION
Task: {145DFE17-B39E-428C-BADC-A5DCBDF66635} - System32\Tasks\{B33386B6-27DA-43C2-BBE7-B641464236D1} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {3231AE7C-9550-445D-9195-F94B561F2398} - System32\Tasks\{D262ED90-C497-4E32-B191-0617AE4E49A4} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {32736384-F488-4AAE-904C-A0D927147604} - System32\Tasks\King Ninja2 => Rundll32.exe "C:\Users\AspireG\AppData\Local\King Ninja\{8429C2A0-6725-A22D-A371-6450FF46759C}\sdsafjty.dll",#1 <==== ATTENTION
Task: {37DF05B9-97A3-4AC0-B80A-682548C3B2AB} - System32\Tasks\RegistryCleanerKit Startup => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {632230B4-E51C-48B4-B457-23B2163E9AF5} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {65F45B2E-6EBF-4271-818C-209D20611A64} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {961B73CD-9D9F-4966-8502-67BE8107DC21} - System32\Tasks\{26C516DB-6FC9-4779-A7E6-054106F45159} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {9D964378-EA8A-4659-BD3A-1B5BA0E771E7} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {CC0D99DA-8B5A-49C4-AEC2-B679DBE0C4A4} - System32\Tasks\RegistryCleanerKit Maintenance => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {E80184AE-9F7D-499E-BAAE-9BDB8F4D9E4D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
C:\Program Files (x86)\AskPartnerNetwork\Toolbar
C:\Program Files (x86)\McAfee Security Scan
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {03e12952-c3de-11df-a7ee-00262d8fe6e4} - F:\wubi.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {5c2d4742-b21b-11e5-a7bc-00262d8fe6e4} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db40-6081-11e4-b867-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db41-6081-11e4-b867-806e6f6e6963} - G:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {b3f73255-4bee-11e6-9bad-00262d8fe6e4} - F:\autorun.exe
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource= ... 7952583167
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
URLSearchHook: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://asksearch.ask.com/redirect?clien ... apn_ptnrs=^AF8&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=cr_15.0.874.102&itbv=11.1.0.182&doi=2012-09-29&q={searchTerms}&
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {93DE1ECA-2B83-4711-90F6-DC57FC14E825} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
BHO: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
BHO-x32: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\AspireG\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2012-11-26] (qip.ru)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&t ... E3280E3280
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/ ... =51&l=1&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SearchEngineOrder.1,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF SelectedSearchEngine,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF Homepage: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
FF Extension: (QipCounter) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\QipCounter@qip.ru.xpi [2012-08-24] [not signed]
FF Extension: (aTube Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\toolbar@ask.com [2012-08-23] [not signed]
FF Extension: (Torntv 3) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\trtv3@trtv.com.xpi [2013-06-30] [not signed]
FF Extension: (Address Bar Search) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-31] [not signed]
FF Extension: (ICQ Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-07-29] [not signed]
FF Extension: (Free Lunch Design TB ) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-07-29] [not signed]
FF Extension: (No Name) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}.oldbackup [2012-09-21] [not signed]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ask-search.xml [2012-09-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\askcom.xml [2015-11-22]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\babylon.xml [2013-07-04]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\daemon-search.xml [2010-09-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-1.xml [2013-08-06]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-2.xml [2010-10-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-3.xml [2010-12-12]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-4.xml [2011-03-28]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-5.xml [2011-04-08]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-6.xml [2011-05-23]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-7.xml [2011-05-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-8.xml [2011-07-10]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-9.xml [2011-11-21]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin.xml [2010-10-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ividi.xml [2013-08-30]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\qip-search.xml [2013-07-17]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Search_Results.xml [2013-01-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Web Search.xml [2012-12-27]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\WebSearch.xml [2014-04-01]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [No File]
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280"
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Extension: (Slick Savings) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-07-25] [UpdateUrl: hxxp://www.mybrowserbar.com/update/wt/g ... update.xml] <==== ATTENTION
CHR Extension: (No Name) - C:\Users\AspireG\AppData\Local\Form Cooking\Component [2015-11-26]
CHR Extension: (King Ninja) - C:\Users\AspireG\AppData\Local\King Ninja\Component [2015-12-31]
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\AspireG\AppData\Local\Torch\Plugins\TorchPlugin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lbidgdoiglndbjlcnnifemecdhnpeabo] - C:\Users\AspireG\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\AspireG\AppData\Local\GamePlayLabs Plugin\gplplugin.crx [2011-03-15]
S0 TPkd; no ImagePath
S3 vkdszuhd; no ImagePath
U3 aby21jxo; no ImagePath
R3 gkernel; \??\C:\Users\AspireG\AppData\Local\Temp\gkernel.sys [X]
C:\Users\AspireG\AppData\Local\Temp
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\AspireG\Desktop" je 26107 MB.
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\AspireG nobvou složku a přesuňte doni všechna data (kromě zástupců). Na plochu si pak pro snazší přístup dejte zástupce té složky.

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 21:13
od Merky
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2016
Ran by AspireG (18-10-2016 22:01:27) Run:2
Running from C:\Users\AspireG\Desktop
Loaded Profiles: AspireG (Available Profiles: AspireG & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C0F05}) (Version: 12.15.5.985 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1001}) (Version: 12.16.1.1557 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1002}) (Version: 12.16.2.1954 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1101}) (Version: 12.17.1.2558 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1200}) (Version: 12.18.0.3121 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1300}) (Version: 12.19.0.3598 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1500}) (Version: 12.21.0.4083 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1D00}) (Version: 12.29.0.1624 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2201}) (Version: 12.34.1.2242 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2300}) (Version: 12.35.0.2480 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2803}) (Version: 12.40.3.4133 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2804}) (Version: 12.40.4.535 - APN, LLC) <==== ATTENTION
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2806}) (Version: 12.40.6.1065 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
aTube Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Form Cooking (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.7.0 - Mart Component corp) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2410 - Bandoo Media Inc) <==== ATTENTION
King Ninja (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{BF5F536C-B250-CE5B-51C3-50C09E202992}) (Version: 1.3.3 - Total Style corp) <==== ATTENTION
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION
Task: {145DFE17-B39E-428C-BADC-A5DCBDF66635} - System32\Tasks\{B33386B6-27DA-43C2-BBE7-B641464236D1} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {3231AE7C-9550-445D-9195-F94B561F2398} - System32\Tasks\{D262ED90-C497-4E32-B191-0617AE4E49A4} => c:\users\aspireg\appdata\local\temp\cprogram files (x86)opera\opera.exe <==== ATTENTION
Task: {32736384-F488-4AAE-904C-A0D927147604} - System32\Tasks\King Ninja2 => Rundll32.exe "C:\Users\AspireG\AppData\Local\King Ninja\{8429C2A0-6725-A22D-A371-6450FF46759C}\sdsafjty.dll",#1 <==== ATTENTION
Task: {37DF05B9-97A3-4AC0-B80A-682548C3B2AB} - System32\Tasks\RegistryCleanerKit Startup => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {632230B4-E51C-48B4-B457-23B2163E9AF5} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {65F45B2E-6EBF-4271-818C-209D20611A64} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {961B73CD-9D9F-4966-8502-67BE8107DC21} - System32\Tasks\{26C516DB-6FC9-4779-A7E6-054106F45159} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {9D964378-EA8A-4659-BD3A-1B5BA0E771E7} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {CC0D99DA-8B5A-49C4-AEC2-B679DBE0C4A4} - System32\Tasks\RegistryCleanerKit Maintenance => C:\Program Files (x86)\Uniblue\RegistryCleanerKit\registrycleanerkit.exe <==== ATTENTION
Task: {E80184AE-9F7D-499E-BAAE-9BDB8F4D9E4D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
C:\Program Files (x86)\AskPartnerNetwork\Toolbar
C:\Program Files (x86)\McAfee Security Scan
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {03e12952-c3de-11df-a7ee-00262d8fe6e4} - F:\wubi.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {5c2d4742-b21b-11e5-a7bc-00262d8fe6e4} - H:\LG_PC_Programs.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db40-6081-11e4-b867-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {6f75db41-6081-11e4-b867-806e6f6e6963} - G:\setup.exe
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\MountPoints2: {b3f73255-4bee-11e6-9bad-00262d8fe6e4} - F:\autorun.exe
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource= ... 7952583167
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si= ... bs=true&q=
URLSearchHook: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/01&hid=11780356437905707336&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://asksearch.ask.com/redirect?clien ... apn_ptnrs=^AF8&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=cr_15.0.874.102&itbv=11.1.0.182&doi=2012-09-29&q={searchTerms}&
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {93DE1ECA-2B83-4711-90F6-DC57FC14E825} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 1634425&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
BHO: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
BHO-x32: Ask Shopping Toolbar -> {4154552D-5341-5400-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\AspireG\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2012-11-26] (qip.ru)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport.dll [2016-06-16] (APN LLC.)
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-4209140738-1266058932-301308101-1000 -> Ask Shopping Toolbar - {4154552D-5341-5400-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU-SAT\Passport_x64.dll [2016-06-16] (APN LLC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&t ... E3280E3280
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/ ... =51&l=1&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SearchEngineOrder.1,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hf278yrv.default -> Ask.com
FF SelectedSearchEngine,S: Mozilla\Firefox\Profiles\hf278yrv.default -> WebSearch
FF Homepage: Mozilla\Firefox\Profiles\hf278yrv.default -> hxxp://websearch.amaizingsearches.info/ ... Z&unqvl=51
FF Extension: (QipCounter) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\QipCounter@qip.ru.xpi [2012-08-24] [not signed]
FF Extension: (aTube Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\toolbar@ask.com [2012-08-23] [not signed]
FF Extension: (Torntv 3) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\trtv3@trtv.com.xpi [2013-06-30] [not signed]
FF Extension: (Address Bar Search) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-31] [not signed]
FF Extension: (ICQ Toolbar) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-07-29] [not signed]
FF Extension: (Free Lunch Design TB ) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} [2013-07-29] [not signed]
FF Extension: (No Name) - C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}.oldbackup [2012-09-21] [not signed]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ask-search.xml [2012-09-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\askcom.xml [2015-11-22]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\babylon.xml [2013-07-04]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\daemon-search.xml [2010-09-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-1.xml [2013-08-06]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-2.xml [2010-10-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-3.xml [2010-12-12]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-4.xml [2011-03-28]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-5.xml [2011-04-08]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-6.xml [2011-05-23]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-7.xml [2011-05-29]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-8.xml [2011-07-10]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-9.xml [2011-11-21]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin.xml [2010-10-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ividi.xml [2013-08-30]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\qip-search.xml [2013-07-17]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Search_Results.xml [2013-01-19]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Web Search.xml [2012-12-27]
FF SearchPlugin: C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\WebSearch.xml [2014-04-01]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll [No File]
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&t ... E3280E3280
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14147 ... E3280E3280"
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type= ... 80E3280&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Extension: (Slick Savings) - C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2015-07-25] [UpdateUrl: hxxp://www.mybrowserbar.com/update/wt/g ... update.xml] <==== ATTENTION
CHR Extension: (No Name) - C:\Users\AspireG\AppData\Local\Form Cooking\Component [2015-11-26]
CHR Extension: (King Ninja) - C:\Users\AspireG\AppData\Local\King Ninja\Component [2015-12-31]
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\AspireG\AppData\Local\Torch\Plugins\TorchPlugin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lbidgdoiglndbjlcnnifemecdhnpeabo] - C:\Users\AspireG\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\AspireG\AppData\Local\GamePlayLabs Plugin\gplplugin.crx [2011-03-15]
S0 TPkd; no ImagePath
S3 vkdszuhd; no ImagePath
U3 aby21jxo; no ImagePath
R3 gkernel; \??\C:\Users\AspireG\AppData\Local\Temp\gkernel.sys [X]
C:\Users\AspireG\AppData\Local\Temp
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
End
*****************

Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C0F05}) (Version: 12.15.5.985 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1001}) (Version: 12.16.1.1557 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1002}) (Version: 12.16.2.1954 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1101}) (Version: 12.17.1.2558 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1200}) (Version: 12.18.0.3121 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1300}) (Version: 12.19.0.3598 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1500}) (Version: 12.21.0.4083 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C1D00}) (Version: 12.29.0.1624 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2201}) (Version: 12.34.1.2242 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2300}) (Version: 12.35.0.2480 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2803}) (Version: 12.40.3.4133 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2804}) (Version: 12.40.4.535 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
Ask Shopping Toolbar (HKLM-x32\...\{4154552D-5341-5400-76A7-A758B70C2806}) (Version: 12.40.6.1065 - APN, LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.) => Error: No automatic fix found for this entry.
aTube Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION => Error: No automatic fix found for this entry.
Form Cooking (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.7.0 - Mart Component corp) <==== ATTENTION => Error: No automatic fix found for this entry.
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2410 - Bandoo Media Inc) <==== ATTENTION => Error: No automatic fix found for this entry.
King Ninja (HKU\S-1-5-21-4209140738-1266058932-301308101-1000\...\{BF5F536C-B250-CE5B-51C3-50C09E202992}) (Version: 1.3.3 - Total Style corp) <==== ATTENTION => Error: No automatic fix found for this entry.
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{145DFE17-B39E-428C-BADC-A5DCBDF66635}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{145DFE17-B39E-428C-BADC-A5DCBDF66635}" => key removed successfully
C:\Windows\System32\Tasks\{B33386B6-27DA-43C2-BBE7-B641464236D1} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B33386B6-27DA-43C2-BBE7-B641464236D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3231AE7C-9550-445D-9195-F94B561F2398}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3231AE7C-9550-445D-9195-F94B561F2398}" => key removed successfully
C:\Windows\System32\Tasks\{D262ED90-C497-4E32-B191-0617AE4E49A4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D262ED90-C497-4E32-B191-0617AE4E49A4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32736384-F488-4AAE-904C-A0D927147604}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32736384-F488-4AAE-904C-A0D927147604}" => key removed successfully
C:\Windows\System32\Tasks\King Ninja2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\King Ninja2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{37DF05B9-97A3-4AC0-B80A-682548C3B2AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37DF05B9-97A3-4AC0-B80A-682548C3B2AB}" => key removed successfully
C:\Windows\System32\Tasks\RegistryCleanerKit Startup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegistryCleanerKit Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{632230B4-E51C-48B4-B457-23B2163E9AF5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{632230B4-E51C-48B4-B457-23B2163E9AF5}" => key removed successfully
C:\Windows\System32\Tasks\Go for FilesUpdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go for FilesUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65F45B2E-6EBF-4271-818C-209D20611A64}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65F45B2E-6EBF-4271-818C-209D20611A64}" => key removed successfully
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{961B73CD-9D9F-4966-8502-67BE8107DC21}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{961B73CD-9D9F-4966-8502-67BE8107DC21}" => key removed successfully
C:\Windows\System32\Tasks\{26C516DB-6FC9-4779-A7E6-054106F45159} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26C516DB-6FC9-4779-A7E6-054106F45159}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D964378-EA8A-4659-BD3A-1B5BA0E771E7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D964378-EA8A-4659-BD3A-1B5BA0E771E7}" => key removed successfully
C:\Windows\System32\Tasks\PC Optimizer Pro64 startups => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Optimizer Pro64 startups" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC0D99DA-8B5A-49C4-AEC2-B679DBE0C4A4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC0D99DA-8B5A-49C4-AEC2-B679DBE0C4A4}" => key removed successfully
C:\Windows\System32\Tasks\RegistryCleanerKit Maintenance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegistryCleanerKit Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E80184AE-9F7D-499E-BAAE-9BDB8F4D9E4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E80184AE-9F7D-499E-BAAE-9BDB8F4D9E4D}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\PC Optimizer Pro64 startups.job => moved successfully
C:\Windows\Tasks\WinThruster_DEFAULT.job => moved successfully
C:\Windows\Tasks\WinThruster_UPDATES.job => moved successfully

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" folder move:

Could not move "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" => Scheduled to move on reboot.


"C:\Program Files (x86)\McAfee Security Scan" folder move:

Could not move "C:\Program Files (x86)\McAfee Security Scan" => Scheduled to move on reboot.

"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03e12952-c3de-11df-a7ee-00262d8fe6e4}" => key removed successfully
HKCR\CLSID\{03e12952-c3de-11df-a7ee-00262d8fe6e4} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c2d4742-b21b-11e5-a7bc-00262d8fe6e4}" => key removed successfully
HKCR\CLSID\{5c2d4742-b21b-11e5-a7bc-00262d8fe6e4} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f75db40-6081-11e4-b867-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{6f75db40-6081-11e4-b867-806e6f6e6963} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f75db41-6081-11e4-b867-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{6f75db41-6081-11e4-b867-806e6f6e6963} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3f73255-4bee-11e6-9bad-00262d8fe6e4}" => key removed successfully
HKCR\CLSID\{b3f73255-4bee-11e6-9bad-00262d8fe6e4} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value removed successfully
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)" => key removed successfully
HKCR\Wow6432Node\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)" => key removed successfully
HKCR\Wow6432Node\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" => key removed successfully
HKCR\Wow6432Node\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)" => key removed successfully
HKCR\Wow6432Node\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)" => key removed successfully
HKCR\Wow6432Node\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => key removed successfully
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => key removed successfully
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}" => key removed successfully
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93DE1ECA-2B83-4711-90F6-DC57FC14E825}" => key removed successfully
HKCR\CLSID\{93DE1ECA-2B83-4711-90F6-DC57FC14E825} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}" => key removed successfully
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => key not found.
"HKU\S-1-5-21-4209140738-1266058932-301308101-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}" => key removed successfully
HKCR\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4154552D-5341-5400-76A7-7A786E7484D7}" => key removed successfully
"HKCR\CLSID\{4154552D-5341-5400-76A7-7A786E7484D7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4154552D-5341-5400-76A7-7A786E7484D7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{4154552D-5341-5400-76A7-7A786E7484D7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => key removed successfully
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value removed successfully
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4154552D-5341-5400-76A7-7A786E7484D7} => value removed successfully
HKCR\CLSID\{4154552D-5341-5400-76A7-7A786E7484D7} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value removed successfully
HKCR\Wow6432Node\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value removed successfully
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4154552D-5341-5400-76A7-7A786E7484D7} => value removed successfully
HKCR\Wow6432Node\CLSID\{4154552D-5341-5400-76A7-7A786E7484D7} => key not found.
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value removed successfully
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value removed successfully
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found.
HKU\S-1-5-21-4209140738-1266058932-301308101-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4154552D-5341-5400-76A7-7A786E7484D7} => value removed successfully
HKCR\CLSID\{4154552D-5341-5400-76A7-7A786E7484D7} => key not found.
"HKCR\PROTOCOLS\Handler\grooveLocalGWS" => key removed successfully
HKCR\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD} => key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
Firefox DefaultSearchEngine removed successfully
Firefox DefaultSearchUrl removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SearchEngineOrder.1,S removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox SelectedSearchEngine,S removed successfully
Firefox "homepage" removed successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\QipCounter@qip.ru.xpi => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\toolbar@ask.com => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\trtv3@trtv.com.xpi => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e} => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\Extensions\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}.oldbackup => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ask-search.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\askcom.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\babylon.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\daemon-search.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-1.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-2.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-3.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-4.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-5.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-6.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-7.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-8.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin-9.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\icqplugin.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\ividi.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\qip-search.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Search_Results.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\Web Search.xml => moved successfully
C:\Users\AspireG\AppData\Roaming\Mozilla\Firefox\Profiles\hf278yrv.default\searchplugins\WebSearch.xml => moved successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF" => key removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Users\AspireG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk <==== ATTENTION => not found
C:\Users\AspireG\AppData\Local\Form Cooking\Component => moved successfully
C:\Users\AspireG\AppData\Local\King Ninja\Component => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj" => key removed successfully
C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lbidgdoiglndbjlcnnifemecdhnpeabo" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk" => key removed successfully
C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci" => key removed successfully
C:\Users\AspireG\AppData\Local\GamePlayLabs Plugin\gplplugin.crx => moved successfully
TPkd => service removed successfully
vkdszuhd => service removed successfully
aby21jxo => service not found.
gkernel => Unable to stop service.
gkernel => service removed successfully

"C:\Users\AspireG\AppData\Local\Temp" folder move:

Could not move "C:\Users\AspireG\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Windows\Tasks\PC Optimizer Pro64 startups.job => not found.
C:\Windows\Tasks\WinThruster_DEFAULT.job => not found.
C:\Windows\Tasks\WinThruster_UPDATES.job => not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-10-2016 22:06:54)

C:\Program Files (x86)\AskPartnerNetwork\Toolbar => Is moved successfully
C:\Program Files (x86)\McAfee Security Scan => moved successfully
C:\Users\AspireG\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:06:56 ====

Re: Dobrý den, potřeboval bych pomoc s virama a malware DĚKU

Napsal: 18 říj 2016 21:25
od Merky
A s tím programem na to sqlite3.dll, jak už jsem psál výše mám problém s těmi písmeny a u některých programů mi to dělá že nevidím vůbec nic .. názvy atd prostě nevidím.. a u toho programu mi to zrovna dělá , takže nevím co mám dělat :(
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz