Please check: slow internet, ads and a slowed-down notebook

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

#1 Post by kulisek523 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gagarin at 2015-02-14 17:41:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (18%) free of 140 GB
Total RAM: 4007 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:30, on 14.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Users\Gagarin\Desktop\quietHDD.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
C:\Program Files\trend micro\Gagarin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 <video> - ##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Funmoods Helper Object - ##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Google Toolbar Helper - ##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Vizuální záložky - ##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Kwyshell MidpX BHO - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - ##TOOLBAR_DISABLED_##{2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O3 - Toolbar: Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: quietHDD – zástupce.lnk = Gagarin\Desktop\quietHDD.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Link to &MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - (no file)
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14869 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 26674800
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
\??\C:\Windows\system32\conhost.exe "59173208119078471742099143054-655075195-972978508-1362335848597520783501297123
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\DU Meter\DUMeterSvc.exe" /startedbyscm:E1F6D4BE-40E33354-DUMeterService
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
taskeng.exe {6BE4A3B6-DD63-4BC9-8AF3-65B1341CEEC6}
"C:\Program Files\P4G\BatteryLife.exe"
taskeng.exe {6F7E1E49-B5D5-4130-8CB2-A8B28C655E70}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Users\Gagarin\Desktop\quietHDD.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-6.exe" /rawdata=[encoded data removed]
ATKOSD.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-6.exe" /rawdata=[encoded data removed]
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 6f41e42a-635b-42fa-acc1-628bbc2db3c6 1
\??\C:\Windows\system32\conhost.exe "-114017015312712918375652014421084237594366174550262952001-12042146932036555158
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "263278603-455210596489808662-7024255089143074-16781112531873062995-1499043599
"C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe"
"C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"taskhost.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2940.1746db80.1607466960 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2940 "\\.\pipe\gecko-crash-server-pipe.2940" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe" --proxy-stub-channel=Flash4052.60016220.7575 --host-broker-channel=Flash4052.60016220.31951 --host-pid=4052 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe" --channel=6652.003EF7D4.382680083 --proxy-stub-channel=Flash4052.60016220.7575 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Gagarin\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-6.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-6.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-7.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-7.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-10_user.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-10.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-4.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-4.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-5.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-5.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-5_user.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-5.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-6.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-6.exe /rawdata=[encoded data removed]
C:\Windows\tasks\4fa2116b-e112-49ed-9d9c-a5989d8ac246-7.job - C:\Program Files (x86)\enterprise 1.1\4fa2116b-e112-49ed-9d9c-a5989d8ac246-7.exe /rawdata=[encoded data removed]
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default

prefs.js - "browser.startup.homepage" - "http://www.search.ask.com/?tpid=ORJ-SPE ... psv=&pt=tb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\
e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com
ffxtlbr@funmoods.com
yasearch@yandex.ru

C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\
ask-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7}]
Funmoods Helper Object - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll [2012-01-25 241888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6}]
Vizuální záložky - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e}]
Kwyshell MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
##TOOLBAR_DISABLED_##{2318c2b1-4965-11d4-9b18-009027a5cd4f} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
##TOOLBAR_DISABLED_##{2318c2b1-4965-11d4-9b18-009027a5cd4f} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]
##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - Funmoods Toolbar - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll [2012-01-25 251856]
##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - Kwyshell MidpX - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17 2226280]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-21 416024]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
"TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2011-09-18 1892352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"AdobeBridge"= []
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-11-27 466144]
"DU Meter"=C:\Program Files (x86)\DU Meter\DUMeter.exe [2009-08-07 2647064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-12-01 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-17 11855976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-23 1601536]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2013-12-09 2532864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-01-20 3977576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
quietHDD – zástupce.lnk - C:\Users\Gagarin\Desktop\quietHDD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SplashtopRemoteService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-14 15:47:19 ----D---- C:\Windows\SYSWOW64\NV
2015-02-14 15:47:19 ----D---- C:\Windows\system32\NV
2015-02-14 15:46:03 ----D---- C:\Windows\LastGood
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-02-14 15:45:01 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvopencl.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvoglv64.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\NvIFR64.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\NvFBC64.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvdispgenco6434752.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvdispco6434752.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvcuvid.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\nvcuda.dll
2015-02-14 15:45:01 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-02-14 15:45:01 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-02-14 15:45:00 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-02-14 15:45:00 ----A---- C:\Windows\system32\nvcompiler.dll
2015-02-13 12:42:28 ----D---- C:\Users\Gagarin\AppData\Roaming\Sierra
2015-02-12 15:20:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 15:20:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 15:20:39 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 15:20:39 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 15:42:20 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 15:42:20 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 15:42:20 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 15:42:20 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 15:42:20 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 15:42:20 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 15:42:19 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 15:42:18 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 15:42:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 15:42:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 15:42:09 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 15:42:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 15:42:08 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 15:42:07 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 15:42:07 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 15:42:07 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 15:42:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 15:42:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 15:42:06 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 15:42:05 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 15:42:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 15:42:05 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 15:41:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 15:41:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 15:41:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 15:41:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 15:41:31 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:41:31 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:41:31 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 15:41:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 15:41:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:41:30 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 15:41:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 15:41:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 15:41:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 15:41:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 15:41:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 15:41:28 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 15:41:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:41:28 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 15:41:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 15:41:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 15:41:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 15:41:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:41:27 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 15:41:27 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 15:41:26 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 15:41:26 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 15:41:25 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 15:41:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 15:41:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 15:41:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 15:41:24 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 15:41:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 15:41:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 15:41:22 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 15:41:22 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 15:41:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 15:41:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:41:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 15:41:20 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 15:41:20 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 15:41:19 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 15:41:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:41:19 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 15:39:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 15:39:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 15:39:13 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 15:39:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 15:39:13 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 15:39:13 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 15:39:13 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 15:39:13 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 15:39:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 15:39:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 15:39:13 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 15:39:13 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 15:39:13 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 15:39:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 15:39:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 15:39:12 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 15:39:12 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 15:39:12 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 15:39:12 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 15:39:12 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 15:38:29 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 15:38:29 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 15:38:28 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 15:38:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 15:38:28 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 15:38:28 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 15:37:59 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 15:37:59 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 15:37:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 15:37:55 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 15:37:54 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 15:36:41 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 15:36:40 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 15:36:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:36:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 15:36:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 15:36:30 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 15:36:30 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 15:36:29 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 15:36:29 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 15:34:56 ----A---- C:\Windows\system32\win32k.sys
2015-02-09 20:24:05 ----D---- C:\Program Files (x86)\globalUpdate
2015-02-09 20:24:05 ----D---- C:\Program Files (x86)\2ac39b98-e3d8-4973-8fda-a2c34e11cefa
2015-02-09 20:23:58 ----D---- C:\Program Files (x86)\enterprise 1.1
2015-02-01 17:41:34 ----A---- C:\Windows\level.ini
2015-01-27 15:23:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-26 21:57:07 ----D---- C:\ProgramData\Splashtop
2015-01-26 21:56:44 ----D---- C:\Program Files (x86)\Splashtop
2015-01-25 19:04:42 ----D---- C:\Program Files (x86)\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2015-02-14 17:41:29 ----D---- C:\Program Files\Trend Micro
2015-02-14 17:30:19 ----D---- C:\Windows\inf
2015-02-14 17:30:18 ----D---- C:\Windows\Temp
2015-02-14 17:30:18 ----D---- C:\Windows\debug
2015-02-14 17:30:18 ----D---- C:\Windows
2015-02-14 15:52:30 ----D---- C:\Windows\System32
2015-02-14 15:47:21 ----D---- C:\Windows\Prefetch
2015-02-14 15:47:19 ----D---- C:\Windows\SysWOW64
2015-02-14 15:47:18 ----D---- C:\ProgramData\NVIDIA
2015-02-14 15:47:17 ----D---- C:\temp
2015-02-14 15:46:06 ----D---- C:\Windows\system32\drivers
2015-02-14 15:45:57 ----D---- C:\Windows\system32\DriverStore
2015-02-14 15:16:45 ----D---- C:\Users\Gagarin\AppData\Roaming\Skype
2015-02-14 10:59:59 ----D---- C:\Program Files (x86)\The KMPlayer
2015-02-14 10:37:56 ----D---- C:\Windows\system32\config
2015-02-14 10:22:57 ----D---- C:\Windows\system32\Tasks
2015-02-13 20:38:19 ----A---- C:\Windows\system32\acovcnt.exe
2015-02-13 15:22:32 ----SHD---- C:\System Volume Information
2015-02-13 14:51:40 ----D---- C:\Windows\rescache
2015-02-13 10:49:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-12 19:31:37 ----D---- C:\Windows\winsxs
2015-02-12 19:30:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 19:30:47 ----D---- C:\Windows\system32\en-US
2015-02-11 21:26:00 ----D---- C:\Windows\system32\catroot2
2015-02-11 21:15:37 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 21:15:36 ----D---- C:\Windows\system32\appraiser
2015-02-11 21:15:35 ----D---- C:\Windows\system32\cs-CZ
2015-02-11 21:15:35 ----D---- C:\Program Files\Internet Explorer
2015-02-11 21:15:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-11 21:15:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 16:01:55 ----D---- C:\Windows\system32\catroot
2015-02-11 15:59:39 ----SHD---- C:\Windows\Installer
2015-02-11 15:59:39 ----HD---- C:\Config.Msi
2015-02-11 15:59:22 ----D---- C:\Program Files\Microsoft Security Client
2015-02-11 15:59:22 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-11 15:58:45 ----D---- C:\Windows\system32\MRT
2015-02-11 15:54:35 ----A---- C:\Windows\system32\MRT.exe
2015-02-10 22:58:27 ----D---- C:\Users\Gagarin\AppData\Roaming\vlc
2015-02-10 15:14:48 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-09 20:25:05 ----D---- C:\Windows\Tasks
2015-02-09 20:24:21 ----D---- C:\Program Files (x86)\Advanced Disk Recovery
2015-02-09 20:24:05 ----RD---- C:\Program Files (x86)
2015-02-05 22:01:44 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-02-05 22:01:44 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-02-05 22:01:44 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-02-05 22:01:44 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-02-05 22:01:44 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-02-05 22:01:44 ----A---- C:\Windows\system32\nvinitx.dll
2015-02-05 22:01:44 ----A---- C:\Windows\system32\nvapi64.dll
2015-02-05 20:07:04 ----A---- C:\Windows\system32\nvcpl.dll
2015-02-05 20:07:03 ----A---- C:\Windows\system32\nvsvc64.dll
2015-02-05 20:07:00 ----A---- C:\Windows\system32\nvvsvc.exe
2015-02-05 20:07:00 ----A---- C:\Windows\system32\nvsvcr.dll
2015-02-05 20:07:00 ----A---- C:\Windows\system32\nvshext.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nvmctray.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-01-29 15:20:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-28 14:57:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 21:57:07 ----HD---- C:\ProgramData
2015-01-21 20:34:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-02-05 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-25 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-01 279616]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-18 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-12-15 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-12-15 43680]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-18 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-18 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-18 67664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
R3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-05-17 2872680]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys []
S3 AMPPALP;Protokol Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz134;cpuz134; \??\C:\Users\Gagarin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-08-03 290920]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-03 379520]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 DUMeterSvc;DU Meter Service; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2009-08-07 1387544]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-01-20 2485608]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-01-14 417552]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-05 935056]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-13 76888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14 7410024]
R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2015-01-09 695648]
R2 SSUService;Splashtop Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-10-09 609056]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
R3 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-18 241488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-09 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-09 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-25 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#2 Post by vyosek »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After launch, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is no man, that is an ox."
Member of [image] since 1 February 2011.

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#3 Post by kulisek523 »

AdwCleaner log

# AdwCleaner v4.110 - Logfile created 14/02/2015 at 19:25:26
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Gagarin - GAGARIN-PC
# Running from : C:\Users\Gagarin\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : ReimageRealTimeProtector

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Reimage Protector
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Funmoods
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\PANDORA.TV
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Users\Gagarin\AppData\Local\apn
Folder Deleted : C:\Users\Gagarin\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Gagarin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Gagarin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Gagarin\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\yasearch@yandex.ru
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
File Deleted : C:\Windows\Reimage.ini
File Deleted : C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js

***** [ Scheduled tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : ReimageUpdater
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-6
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-1-7
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-10_user
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-4
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-5
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-5_user
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-6
Task Deleted : 4fa2116b-e112-49ed-9d9c-a5989d8ac246-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Funmoods
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 cs)

[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN1 ... =ff_34.0.5[...]
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.ae38c01fbffb24c7eb4c71f47c844d855gmailcom62170.62170.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14b73da71dfe0975edec6e6ca7780ac0");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.aflt", "kno");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.id", "b62a3eb9000000000000ac72896946b0");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15367");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.newTab", false);
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=kno&q=");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1613:38:17");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[nahd6ha2.default\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-profile\":{\"e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com\":{\"d\":\"C:\\\\Users\\\\Gagarin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nahd6h[...]

-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [9152 bytes] - [12/11/2014 15:57:12]
AdwCleaner[R1].txt - [15945 bytes] - [14/02/2015 19:07:42]
AdwCleaner[R2].txt - [16006 bytes] - [14/02/2015 19:23:04]
AdwCleaner[S0].txt - [16146 bytes] - [14/02/2015 19:25:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16206 bytes] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#4 Post by vyosek »

Continue with Zoek

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#5 Post by kulisek523 »

Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by Gagarin on ne 15.02.2015 at 0:22:40,31.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gagarin\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-02-14-183915.log 2014 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C93F72A2-2162-4BBA-A07A-F13663C297A6} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C93F72A2-2162-4BBA-A07A-F13663C297A6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{22C7F6C6-8D67-4534-92B5-529A0EC09405} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\splashtopremoteservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\splashtopremoteservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\splashtopremoteservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\splashtopremoteservice deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");

Added to C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:

ProfilePath: C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.02.2015_0111_.backup

==== Deleting Files \ Folders ======================

C:\Users\Gagarin\AppData\Roaming\ProtectDISC deleted
C:\Program Files (x86)\Advanced Disk Recovery\70cf6ce5-6868-4dff-9f0c-e615e42ea271.dll deleted
C:\Program Files (x86)\Advanced Disk Recovery\2ac39b98-e3d8-4973-8fda-a2c34e11cefa.dll deleted
C:\PROGRA~2\Texas Holdem Poker 3D Deluxe Edition DeLEGiON deleted
C:\PROGRA~2\ProtectDisc Driver Installer deleted
C:\PROGRA~2\BitLord deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\Splashtop deleted
C:\PROGRA~2\2ac39b98-e3d8-4973-8fda-a2c34e11cefa deleted
C:\user.js deleted
C:\PROGRA~3\Splashtop deleted
C:\Users\Gagarin\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted
C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\rei deleted
C:\Users\Gagarin\AppData\LocalLow\boost_interprocess deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com deleted
"C:\Windows\Installer\3b8cb7.msi" deleted
"C:\Users\Gagarin\AppData\Local\{2EA12113-029D-4F4A-955E-B58479127F1C}" deleted
"C:\Users\Gagarin\AppData\Local\{FE1E5405-3667-4270-A885-4ACA91EFA8C4}" deleted
"C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\toolbar_ORJ-SPE@apn.ask.com.xpi" deleted
"C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\toolbar_ORJ-SPE@apn.ask.com.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [29.12.2011 22:46]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
- Undetermined - e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
0FC325593893749364EC4A733E7D9100 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[16.08.2011 07:20]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 14:13]

Click to call with Skype - Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Startpages ======================

C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=6826"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=6826"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{399a1442-7377-49e7-8d77-6dc9ed5968c1} Zbozi Url="http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826"
{5cf5d387-d87c-4408-9a6b-301b0713d62a} Mapy Url="http://www.mapy.cz/?query={searchTerms} ... earch_6826"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... FB_csCZ460"
{eb97f7df-1773-4916-aae6-5af74da8c69d} Firmy Url="http://www.firmy.cz/phr/{searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC08110 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1801} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC08110 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gagarin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gagarin\AppData\Local\Mozilla\Firefox\Profiles\nahd6ha2.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1619 folders=126 206855478 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gagarin\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Gagarin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 15.02.2015 at 2:45:20,08 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#6 Post by vyosek »

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#7 Post by kulisek523 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Gagarin (administrator) on GAGARIN-PC on 15-02-2015 08:44:26
Running from C:\Users\Gagarin\Desktop
Loaded Profiles: Gagarin (Available profiles: Gagarin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Hagel Technologies Ltd) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Gagarin\Desktop\quietHDD.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\Gagarin\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [TNOD UP] => C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [1892352 2011-09-18] (Tukero[X]Team)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-12-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [2647064 2009-08-07] (Hagel Technologies Ltd)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {4f321ccc-1bff-11e1-8bfd-ac72896946b3} - H:\Setup.exe
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {956efc85-4706-11e4-a0f0-ac72896946b3} - F:\Startme.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD – zástupce.lnk
ShortcutTarget: quietHDD – zástupce.lnk -> C:\Users\Gagarin\Desktop\quietHDD.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {399a1442-7377-49e7-8d77-6dc9ed5968c1} URL = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {5cf5d387-d87c-4408-9a6b-301b0713d62a} URL = http://www.mapy.cz/?query={searchTerms} ... earch_6826
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {8172f457-818d-46db-941f-2bbe53e156af} URL =
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {eb97f7df-1773-4916-aae6-5af74da8c69d} URL = http://www.firmy.cz/phr/{searchTerms}
BHO: Google Toolbar Helper -> ##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> ##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Funmoods Helper Object -> ##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} -> C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll No File
BHO-x32: Google Toolbar Helper -> ##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Vizuální záložky -> ##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6} -> C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll ()
BHO-x32: Kwyshell MidpX -> ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} -> C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - ##TOOLBAR_DISABLED_##{2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - ##TOOLBAR_DISABLED_##{2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll ()
Toolbar: HKLM-x32 - Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll No File
Toolbar: HKLM-x32 - Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No File

FireFox:
========
FF ProfilePath: C:\Users\Gagarin\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Seznam
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-29]

Chrome:
=======
CHR Profile: C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Click to call with Skype) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-12-07]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome - C:\Users\Gagarin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [1387544 2009-08-07] (Hagel Technologies Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-01-13] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-18] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-12-15] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-01] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-12-15] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-18] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-18] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-18] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-18] (Trend Micro Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 cpuz134; \??\C:\Users\Gagarin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 08:44 - 2015-02-15 08:45 - 00021071 _____ () C:\Users\Gagarin\Desktop\FRST.txt
2015-02-15 08:44 - 2015-02-15 08:44 - 00000000 ____D () C:\FRST
2015-02-15 08:40 - 2015-02-15 08:40 - 00112640 _____ (forum.viry.cz) C:\Users\Gagarin\Desktop\FRSTLauncher.exe
2015-02-15 08:39 - 2015-02-15 08:40 - 02134528 _____ (Farbar) C:\Users\Gagarin\Desktop\FRST64.exe
2015-02-15 02:05 - 2015-02-15 00:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 00:23 - 2015-02-14 19:39 - 00002014 _____ () C:\zoek-results2015-02-14-183915.log
2015-02-15 00:18 - 2015-02-15 00:19 - 01304576 _____ () C:\Users\Gagarin\Desktop\zoek.exe
2015-02-15 00:14 - 2015-02-15 02:43 - 00001116 _____ () C:\Windows\PFRO.log
2015-02-14 19:35 - 2015-02-15 02:45 - 00012219 _____ () C:\zoek-results.log
2015-02-14 19:33 - 2015-02-15 01:14 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:27 - 2015-02-15 08:26 - 00000672 _____ () C:\Windows\setupact.log
2015-02-14 19:27 - 2015-02-14 19:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 17:39 - 2015-02-14 17:40 - 01222144 _____ () C:\Users\Gagarin\Downloads\RSITx64.exe
2015-02-14 15:47 - 2015-02-14 15:47 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-02-14 15:47 - 2015-02-14 15:47 - 00000000 ____D () C:\Windows\system32\NV
2015-02-14 15:45 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-14 15:45 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-14 15:45 - 2015-02-05 22:01 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-02-13 21:26 - 2015-02-13 23:22 - 621008896 _____ () C:\Users\Gagarin\Downloads\Telefonni--budka-CZ-.avi-lydu.crdownload
2015-02-13 12:51 - 2015-02-13 12:51 - 00000000 ____D () C:\Users\Gagarin\Documents\Empire Earth II
2015-02-13 12:42 - 2015-02-13 12:51 - 00000000 ____D () C:\Users\Gagarin\AppData\Roaming\Sierra
2015-02-13 12:42 - 2015-02-13 12:42 - 00000000 ____D () C:\Users\Gagarin\Documents\Empire Earth II The Art of Supremacy
2015-02-13 12:34 - 2015-02-13 12:34 - 00000736 _____ () C:\Users\Public\Desktop\Empire Earth II - The Art of Supremacy.lnk
2015-02-13 12:34 - 2015-02-13 12:34 - 00000719 _____ () C:\Users\Public\Desktop\Empire Earth II.lnk
2015-02-13 12:34 - 2015-02-13 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-02-12 15:20 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 15:20 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 15:20 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 15:20 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:42 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:42 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:42 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:42 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:42 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 15:42 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 15:41 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:41 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 15:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:41 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:41 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:41 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:41 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:41 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:41 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:41 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:41 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:41 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 15:41 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:41 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 15:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:41 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 15:41 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:41 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 15:41 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 15:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 15:41 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 15:41 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 15:41 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 15:41 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 15:41 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 15:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:41 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 15:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:41 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 15:41 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 15:41 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 15:41 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 15:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 15:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 15:41 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 15:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 15:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 15:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 15:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 15:39 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:39 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:39 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:39 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:39 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:39 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:39 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:39 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:39 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:39 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:39 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:39 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 15:39 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 15:39 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 15:39 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 15:39 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 15:39 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 15:39 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:39 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 15:39 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 15:38 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 15:38 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 15:38 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 15:38 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 15:38 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 15:38 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 15:37 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:37 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 15:37 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 15:37 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 15:37 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 15:36 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:36 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 15:36 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 15:36 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 15:36 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 15:36 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 15:36 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 15:36 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:36 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:34 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-09 20:23 - 2015-02-09 20:25 - 00000000 ____D () C:\Program Files (x86)\enterprise 1.1
2015-02-03 22:31 - 2015-02-04 00:38 - 881139610 _____ () C:\Users\Gagarin\Downloads\KÓD-ENIGMY-ČESKÉ-TITULKY-VLOŽENY-VE-FILMU-novinky-novinka.avi
2015-02-01 17:55 - 2015-02-01 17:55 - 00000701 _____ () C:\Users\Gagarin\Desktop\Noc Havrana.lnk
2015-02-01 17:50 - 2015-02-01 17:50 - 00000796 _____ () C:\Users\Gagarin\Desktop\Gothic II - Night of the Raven.lnk
2015-02-01 17:49 - 2015-02-01 17:53 - 92203960 _____ () C:\Users\Gagarin\Downloads\gothic2notr_cestina.zip
2015-02-01 17:48 - 2015-02-01 17:48 - 00000000 ____D () C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-02-01 17:41 - 2015-02-01 17:52 - 00000181 _____ () C:\Windows\level.ini
2015-01-27 15:23 - 2015-01-27 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 22:17 - 2015-01-26 22:17 - 00000276 _____ () C:\SSUUpdater.log
2015-01-26 21:56 - 2015-01-26 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2015-01-26 21:53 - 2015-01-26 21:55 - 20687000 _____ (Splashtop Inc.) C:\Users\Gagarin\Downloads\Splashtop_Streamer_WIN_v2.6.5.2.EXE
2015-01-25 19:04 - 2015-01-25 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-25 19:04 - 2015-01-25 19:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 08:41 - 2014-09-12 15:13 - 00000000 ____D () C:\Users\Gagarin\Desktop\Nová složka (3)
2015-02-15 08:34 - 2009-07-14 05:45 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 08:34 - 2009-07-14 05:45 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 08:32 - 2009-07-14 16:18 - 00689238 _____ () C:\Windows\system32\perfh005.dat
2015-02-15 08:32 - 2009-07-14 16:18 - 00150464 _____ () C:\Windows\system32\perfc005.dat
2015-02-15 08:32 - 2009-07-14 06:13 - 01642876 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 08:30 - 2013-11-26 13:00 - 01719650 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 08:27 - 2012-11-16 12:54 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-02-15 08:27 - 2012-10-11 14:25 - 00000000 ____D () C:\Users\Gagarin\AppData\Local\LogMeIn Hamachi
2015-02-15 08:26 - 2011-12-01 09:47 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 08:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 04:15 - 2011-12-01 09:47 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 01:14 - 2012-11-11 11:13 - 00000000 ____D () C:\Program Files (x86)\Advanced Disk Recovery
2015-02-15 00:14 - 2011-12-01 08:16 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-02-14 19:25 - 2014-11-12 15:50 - 00000000 ____D () C:\AdwCleaner
2015-02-14 17:53 - 2012-08-30 09:36 - 02054144 ___SH () C:\Users\Gagarin\Desktop\Thumbs.db
2015-02-14 17:41 - 2011-12-01 08:06 - 00000000 ____D () C:\Program Files\Trend Micro
2015-02-14 15:51 - 2014-12-10 20:30 - 00006883 _____ () C:\Windows\system32\ScanResults.xml
2015-02-14 15:47 - 2012-10-26 19:26 - 00000000 ____D () C:\temp
2015-02-14 15:47 - 2011-12-01 07:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-14 15:36 - 2014-12-10 20:22 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-02-14 15:16 - 2011-12-07 17:12 - 00000000 ____D () C:\Users\Gagarin\AppData\Roaming\Skype
2015-02-14 12:45 - 2013-09-08 12:41 - 00000000 ____D () C:\Users\Gagarin\Desktop\WOW CATA
2015-02-14 10:59 - 2011-12-25 21:53 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-02-13 14:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-13 12:51 - 2011-12-15 11:45 - 00000000 ____D () C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-11 21:18 - 2009-07-14 05:45 - 04912768 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 21:15 - 2014-12-11 03:23 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 21:15 - 2014-05-07 21:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 15:59 - 2011-12-01 09:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 15:59 - 2011-12-01 09:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 15:59 - 2011-12-01 09:49 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 15:59 - 2011-12-01 09:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 15:58 - 2013-08-10 00:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 15:54 - 2011-12-01 09:04 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 22:58 - 2012-05-09 22:09 - 00000000 ____D () C:\Users\Gagarin\AppData\Roaming\vlc
2015-02-10 15:14 - 2011-12-01 08:02 - 00001810 _____ () C:\Windows\system32\ServiceFilter.ini
2015-02-05 22:01 - 2015-01-14 19:39 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-05 22:01 - 2014-01-10 13:51 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-05 22:01 - 2013-06-05 11:45 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-05 22:01 - 2013-06-05 11:45 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-05 22:01 - 2011-12-01 07:39 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-05 22:01 - 2011-12-01 07:39 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-05 22:01 - 2011-12-01 07:39 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-05 22:01 - 2011-12-01 07:39 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-05 20:10 - 2011-12-01 09:47 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 20:10 - 2011-12-01 09:47 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 20:07 - 2011-05-11 03:53 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 20:07 - 2011-05-11 03:53 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 20:07 - 2011-05-11 03:53 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 20:07 - 2011-05-11 03:53 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 20:07 - 2011-05-11 03:52 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 20:06 - 2011-05-11 03:53 - 01098384 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-02-05 20:06 - 2011-05-11 03:53 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 20:06 - 2011-05-11 03:53 - 00074896 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-02-05 13:50 - 2011-05-11 03:53 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-29 15:20 - 2014-02-14 20:30 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-29 15:20 - 2012-01-02 20:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 14:57 - 2014-02-13 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-25 19:04 - 2012-11-15 14:41 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-21 20:34 - 2014-12-02 15:12 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-01-21 20:34 - 2014-09-28 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-01-21 20:34 - 2011-12-01 07:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2012-09-14 12:20 - 2012-09-14 12:20 - 0000132 _____ () C:\Users\Gagarin\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-02-13 21:47 - 2014-02-13 22:28 - 0004608 _____ () C:\Users\Gagarin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-26 11:43 - 2012-01-26 11:43 - 0000095 _____ () C:\Users\Gagarin\AppData\Local\fusioncache.dat
2014-02-17 20:24 - 2014-02-17 20:24 - 0007605 _____ () C:\Users\Gagarin\AppData\Local\Resmon.ResmonCfg
2012-01-09 07:55 - 2012-01-09 07:56 - 0000317 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 14:15




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:136.62 GB) (Free:24.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Kulis) (Fixed) (Total:459.35 GB) (Free:63.23 GB) NTFS

Available physical RAM: 1914.06 MB
Total physical RAM: 4006.71 MB
Percentage of memory in use: 52%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 2D870C6A)
Partition 1: (Active) - (Size=136.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=459.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Gagarin\Desktop" je 27278 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#8 Post by kulisek523 »

Here is the Addition
Attachments
Addition.rar
(10.96 KiB) Downloaded 48 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#9 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code: Select all

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [TNOD UP] => C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [1892352 2011-09-18] (Tukero[X]Team)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-12-09] (MyHeritage)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {4f321ccc-1bff-11e1-8bfd-ac72896946b3} - H:\Setup.exe
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {956efc85-4706-11e4-a0f0-ac72896946b3} - F:\Startme.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
    Startup: C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD – zástupce.lnk
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {8172f457-818d-46db-941f-2bbe53e156af} URL = 
    BHO-x32: DivX Plus Web Player HTML5 <video> -> ##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: Funmoods Helper Object -> ##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} -> C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll No File
    BHO-x32: Google Toolbar Helper -> ##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Vizuální záložky -> ##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6} -> C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll ()
    BHO-x32: Kwyshell MidpX -> ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} -> C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
    Toolbar: HKLM-x32 - Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll ()
    Toolbar: HKLM-x32 - Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll No File
    Toolbar: HKLM-x32 - Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No File
    
    CHR Extension: (Click to call with Skype) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-12-07]
    CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-30]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
    
    S3 cpuz134; \??\C:\Users\Gagarin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
    S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]
    
    C:\Program Files (x86)\TNod User & Password Finder
    2015-02-15 08:44 - 2015-02-15 08:45 - 00021071 _____ () C:\Users\Gagarin\Desktop\FRST.txt
    2015-02-15 02:05 - 2015-02-15 00:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2015-02-15 00:23 - 2015-02-14 19:39 - 00002014 _____ () C:\zoek-results2015-02-14-183915.log
    2015-02-15 00:18 - 2015-02-15 00:19 - 01304576 _____ () C:\Users\Gagarin\Desktop\zoek.exe
    2015-02-15 00:14 - 2015-02-15 02:43 - 00001116 _____ () C:\Windows\PFRO.log
    2015-02-14 19:35 - 2015-02-15 02:45 - 00012219 _____ () C:\zoek-results.log
    2015-02-14 19:33 - 2015-02-15 01:14 - 00000000 ____D () C:\zoek_backup
    2015-02-14 19:27 - 2015-02-15 08:26 - 00000672 _____ () C:\Windows\setupact.log
    2015-02-14 19:27 - 2015-02-14 19:27 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-14 17:39 - 2015-02-14 17:40 - 01222144 _____ () C:\Users\Gagarin\Downloads\RSITx64.exe
    2015-02-15 08:40 - 2015-02-15 08:40 - 00112640 _____ (forum.viry.cz) C:\Users\Gagarin\Desktop\FRSTLauncher.exe
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#10 Post by kulisek523 »

Here I'm attaching the fixlog :)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-02-2015
Ran by Gagarin at 2015-02-15 09:45:01 Run:1
Running from C:\Users\Gagarin\Desktop
Loaded Profiles: Gagarin (Available profiles: Gagarin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [TNOD UP] => C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [1892352 2011-09-18] (Tukero[X]Team)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-12-09] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {4f321ccc-1bff-11e1-8bfd-ac72896946b3} - H:\Setup.exe
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\...\MountPoints2: {956efc85-4706-11e4-a0f0-ac72896946b3} - F:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
Startup: C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD – zástupce.lnk

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-888680311-3760050322-2472689814-1000 -> {8172f457-818d-46db-941f-2bbe53e156af} URL =
BHO-x32: DivX Plus Web Player HTML5 <video> -> ##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Funmoods Helper Object -> ##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} -> C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll No File
BHO-x32: Google Toolbar Helper -> ##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Vizuální záložky -> ##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6} -> C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll ()
BHO-x32: Kwyshell MidpX -> ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} -> C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
Toolbar: HKLM-x32 - Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll ()
Toolbar: HKLM-x32 - Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll No File
Toolbar: HKLM-x32 - Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No File

CHR Extension: (Click to call with Skype) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-12-07]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

S3 cpuz134; \??\C:\Users\Gagarin\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

C:\Program Files (x86)\TNod User & Password Finder
2015-02-15 08:44 - 2015-02-15 08:45 - 00021071 _____ () C:\Users\Gagarin\Desktop\FRST.txt
2015-02-15 02:05 - 2015-02-15 00:22 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 00:23 - 2015-02-14 19:39 - 00002014 _____ () C:\zoek-results2015-02-14-183915.log
2015-02-15 00:18 - 2015-02-15 00:19 - 01304576 _____ () C:\Users\Gagarin\Desktop\zoek.exe
2015-02-15 00:14 - 2015-02-15 02:43 - 00001116 _____ () C:\Windows\PFRO.log
2015-02-14 19:35 - 2015-02-15 02:45 - 00012219 _____ () C:\zoek-results.log
2015-02-14 19:33 - 2015-02-15 01:14 - 00000000 ____D () C:\zoek_backup
2015-02-14 19:27 - 2015-02-15 08:26 - 00000672 _____ () C:\Windows\setupact.log
2015-02-14 19:27 - 2015-02-14 19:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 17:39 - 2015-02-14 17:40 - 01222144 _____ () C:\Users\Gagarin\Downloads\RSITx64.exe
2015-02-15 08:40 - 2015-02-15 08:40 - 00112640 _____ (forum.viry.cz) C:\Users\Gagarin\Desktop\FRSTLauncher.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TNOD UP => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Family Tree Builder Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
"HKU\S-1-5-21-888680311-3760050322-2472689814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f321ccc-1bff-11e1-8bfd-ac72896946b3}" => Key deleted successfully.
HKCR\CLSID\{4f321ccc-1bff-11e1-8bfd-ac72896946b3} => Key not found.
"HKU\S-1-5-21-888680311-3760050322-2472689814-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{956efc85-4706-11e4-a0f0-ac72896946b3}" => Key deleted successfully.
HKCR\CLSID\{956efc85-4706-11e4-a0f0-ac72896946b3} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk => Moved successfully.
C:\Users\Gagarin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quietHDD – zástupce.lnk => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-888680311-3760050322-2472689814-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-888680311-3760050322-2472689814-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}" => Key deleted successfully.
HKCR\CLSID\{8172f457-818d-46db-941f-2bbe53e156af} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\##TOOLBAR_DISABLED_##{326e768d-4182-46fd-9c16-1449a49795f4}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\##TOOLBAR_DISABLED_##{75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\##TOOLBAR_DISABLED_##{aa58ed58-01dd-4d91-8333-cf10577473f7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\##TOOLBAR_DISABLED_##{c93f72a2-2162-4bba-a07a-f13663c297a6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\Toolbar: HKLM-x32 - Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll () => Value not found.
HKCR\Wow6432Node\CLSID\Toolbar: HKLM-x32 - Yandex.Bar - ##TOOLBAR_DISABLED_##{91397d20-1446-11d4-8af4-0040ca1127b6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll () => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\Toolbar: HKLM-x32 - Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll No File => Value not found.
HKCR\Wow6432Node\CLSID\Toolbar: HKLM-x32 - Funmoods Toolbar - ##TOOLBAR_DISABLED_##{a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll No File => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\Toolbar: HKLM-x32 - Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) => Value not found.
HKCR\Wow6432Node\CLSID\Toolbar: HKLM-x32 - Kwyshell MidpX - ##TOOLBAR_DISABLED_##{ebe9e2b5-b526-48bc-ad46-687263edcb0e} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp) => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\tmbp" => Key deleted successfully.
HKCR\CLSID\{1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} => Key not found.
"HKCR\PROTOCOLS\Handler\tmpx" => Key deleted successfully.
HKCR\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} => Key not found.
C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
C:\Users\Gagarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm" => Key deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx => Moved successfully.
cpuz134 => Service deleted successfully.
SABKUTIL => Service deleted successfully.
SABProcEnum => Service deleted successfully.
C:\Program Files (x86)\TNod User & Password Finder => Moved successfully.
C:\Users\Gagarin\Desktop\FRST.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2015-02-14-183915.log => Moved successfully.
C:\Users\Gagarin\Desktop\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Gagarin\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Gagarin\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 390.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:45:46 ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#11 Post by vyosek »

How is the notebook behaving???

kulisek523
Visitor
Posts: 37
Registered: 08 Nov 2014 20:17

Re: Please check: slow internet, ads and a slowed-down notebook

#12 Post by kulisek523 »

Hello, the notebook is behaving a lot better, the browser runs like clockwork and so does the system overall... no pop-up windows or ads, and no freezing so far, thanks a lot for the help :) :D

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check: slow internet, ads and a slowed-down notebook

#13 Post by vyosek »

So let's clean up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain, usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|