Hello,
pages keep opening automatically in Chrome for me.
Please check the log.
Thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by Aldair (administrator) on MSI on 26-05-2015 10:30:27
Running from C:\Users\Aldair\Desktop
Loaded Profiles: Aldair (Available Profiles: Aldair)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Innova Co S.a r.l.) C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-12-31] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4465448 2014-08-29] (O&O Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d6a2cbeb-292c-44be-bd05-c9a11e4ff494.exe [183232 2015-05-26] (AVAST Software)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {93174084-1002-11e3-bb1c-806e6f6e6963} - F:\Launcher\LAUNCHER.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-30] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gooe.cz/
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> DefaultScope {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = https://www.google.com/search?q={searchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-30] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-30] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-24] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @4game.com/plugin -> C:\Program Files (x86)\4game\3.4.22.118\npplugin4game.dll [2015-04-16] (Innova Co S.a r.l.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Aldair\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-04-25] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-28]
Chrome:
=======
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Bookmark Manager) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 4game-service; C:\Program Files (x86)\4game\3.4.22.118\4game-service.exe [1361544 2015-04-16] (Innova Co S.a r.l.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-30] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) []
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1660200 2014-08-29] (O&O Software GmbH)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) []
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) []
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-04-01] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2014-04-23] (Windows (R) Codename Longhorn DDK provider) []
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2014-05-27] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-30] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2013-09-01] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () []
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () []
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () []
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () []
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () []
S3 h643331; C:\Windows\System32\drivers\h643331.sys [67432 2012-06-19] (Your Corporation)
S3 hid3331; C:\Windows\SysWOW64\drivers\hid3331.sys [45672 2012-06-19] (Your Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2014-04-23] (TCT International Mobile Ltd) []
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-11-30] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-30] (Avast Software)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 10:30 - 2015-05-26 10:31 - 00020494 _____ () C:\Users\Aldair\Desktop\FRST.txt
2015-05-26 10:29 - 2015-05-26 10:29 - 02108928 _____ (Farbar) C:\Users\Aldair\Desktop\FRST64.exe
2015-05-26 10:05 - 2015-05-26 10:05 - 00000000 ____D () C:\Users\Aldair\Documents\My Games
2015-05-26 10:01 - 2015-05-26 10:02 - 00000000 ____D () C:\Windows\LastGood
2015-05-26 10:00 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-26 10:00 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 42718864 _____ () C:\Windows\system32\nvcompiler.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 37741712 _____ () C:\Windows\SysWOW64\nvcompiler.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-26 10:00 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-26 10:00 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-26 09:34 - 2015-05-26 09:39 - 00045869 _____ () C:\Windows\WindowsUpdate.log
2015-05-26 06:52 - 2015-05-26 06:53 - 00000197 _____ () C:\Windows\system32\2015-05-26-04-52-32.005-AvastVBoxSVC.exe-4864.log
2015-05-25 09:36 - 2015-05-25 14:16 - 00000000 ____D () C:\Users\Aldair\Desktop\fotky eva fb
2015-05-25 05:59 - 2015-05-25 05:59 - 00000197 _____ () C:\Windows\system32\2015-05-25-03-59-09.030-AvastVBoxSVC.exe-4692.log
2015-05-24 07:29 - 2015-05-24 07:29 - 00000197 _____ () C:\Windows\system32\2015-05-24-05-29-29.016-AvastVBoxSVC.exe-5332.log
2015-05-23 10:25 - 2015-05-23 10:26 - 00000197 _____ () C:\Windows\system32\2015-05-23-08-25-43.030-AvastVBoxSVC.exe-5260.log
2015-05-22 06:27 - 2015-05-22 06:28 - 00000197 _____ () C:\Windows\system32\2015-05-22-04-27-51.025-AvastVBoxSVC.exe-5668.log
2015-05-21 15:12 - 2015-05-21 15:12 - 17488560 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-05-21 06:59 - 2015-05-21 07:00 - 00000197 _____ () C:\Windows\system32\2015-05-21-04-59-54.021-AvastVBoxSVC.exe-3328.log
2015-05-20 08:13 - 2015-05-20 08:14 - 00000197 _____ () C:\Windows\system32\2015-05-20-06-13-47.027-AvastVBoxSVC.exe-2556.log
2015-05-19 07:45 - 2015-05-19 07:45 - 00000197 _____ () C:\Windows\system32\2015-05-19-05-45-09.018-AvastVBoxSVC.exe-2276.log
2015-05-18 08:27 - 2015-05-18 08:28 - 00000197 _____ () C:\Windows\system32\2015-05-18-06-27-50.061-AvastVBoxSVC.exe-5080.log
2015-05-17 08:27 - 2015-05-17 08:27 - 00000197 _____ () C:\Windows\system32\2015-05-17-06-27-31.087-AvastVBoxSVC.exe-4424.log
2015-05-16 09:45 - 2015-05-16 09:45 - 00000197 _____ () C:\Windows\system32\2015-05-16-07-45-36.068-AvastVBoxSVC.exe-2856.log
2015-05-15 06:19 - 2015-05-15 06:19 - 00000197 _____ () C:\Windows\system32\2015-05-15-04-19-08.019-AvastVBoxSVC.exe-3448.log
2015-05-14 15:49 - 2015-05-14 15:49 - 00000197 _____ () C:\Windows\system32\2015-05-14-13-49-58.064-AvastVBoxSVC.exe-4232.log
2015-05-14 06:53 - 2015-05-14 06:53 - 00000197 _____ () C:\Windows\system32\2015-05-14-04-53-34.038-AvastVBoxSVC.exe-4800.log
2015-05-13 21:03 - 2015-05-13 21:03 - 00000197 _____ () C:\Windows\system32\2015-05-13-19-03-52.048-AvastVBoxSVC.exe-628.log
2015-05-13 06:15 - 2015-05-13 06:15 - 00000197 _____ () C:\Windows\system32\2015-05-13-04-15-23.073-AvastVBoxSVC.exe-4348.log
2015-05-12 21:47 - 2015-05-12 21:47 - 00000197 _____ () C:\Windows\system32\2015-05-12-19-47-18.061-AvastVBoxSVC.exe-4928.log
2015-05-12 07:39 - 2015-05-26 09:08 - 00003440 _____ () C:\Windows\DirectX.log
2015-05-12 07:20 - 2015-05-12 07:20 - 00000197 _____ () C:\Windows\system32\2015-05-12-05-20-35.031-AvastVBoxSVC.exe-4372.log
2015-05-11 21:31 - 2015-05-11 21:31 - 00000197 _____ () C:\Windows\system32\2015-05-11-19-31-05.097-AvastVBoxSVC.exe-4976.log
2015-05-11 11:03 - 2015-05-11 11:03 - 00000197 _____ () C:\Windows\system32\2015-05-11-09-03-01.051-AvastVBoxSVC.exe-4532.log
2015-05-11 10:59 - 2015-05-11 10:59 - 00000382 _____ () C:\Windows\PFRO.log
2015-05-11 07:59 - 2015-05-26 10:02 - 00005723 _____ () C:\Windows\setupact.log
2015-05-11 07:59 - 2015-05-11 07:59 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-11 06:08 - 2015-05-11 06:08 - 00000197 _____ () C:\Windows\system32\2015-05-11-04-08-09.056-AvastVBoxSVC.exe-4932.log
2015-05-11 06:03 - 2015-05-11 06:03 - 00000000 ____D () C:\Windows\pss
2015-05-11 05:59 - 2015-05-11 06:00 - 00000197 _____ () C:\Windows\system32\2015-05-11-03-59-45.091-AvastVBoxSVC.exe-4588.log
2015-05-10 06:51 - 2015-05-10 06:51 - 00000197 _____ () C:\Windows\system32\2015-05-10-04-51-21.088-AvastVBoxSVC.exe-4968.log
2015-05-09 08:48 - 2015-05-09 08:48 - 00000197 _____ () C:\Windows\system32\2015-05-09-06-48-43.099-AvastVBoxSVC.exe-5008.log
2015-05-08 08:19 - 2015-05-08 08:19 - 00000197 _____ () C:\Windows\system32\2015-05-08-06-19-13.096-AvastVBoxSVC.exe-5052.log
2015-05-07 07:05 - 2015-05-07 07:05 - 00000197 _____ () C:\Windows\system32\2015-05-07-05-05-32.033-AvastVBoxSVC.exe-4508.log
2015-05-06 09:02 - 2015-05-06 09:02 - 00000197 _____ () C:\Windows\system32\2015-05-06-07-02-36.078-AvastVBoxSVC.exe-4536.log
2015-05-05 09:27 - 2015-05-05 09:27 - 00000197 _____ () C:\Windows\system32\2015-05-05-07-27-21.025-AvastVBoxSVC.exe-4968.log
2015-05-02 19:49 - 2015-05-02 19:49 - 00000000 _____ () C:\dummy.wav
2015-04-28 08:59 - 2015-04-28 08:59 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\SimCity
2015-04-28 08:59 - 2015-04-28 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-04-28 08:52 - 2015-04-28 08:52 - 00000197 _____ () C:\Windows\system32\2015-04-28-06-52-40.073-AvastVBoxSVC.exe-3632.log
2015-04-27 17:33 - 2015-04-27 17:33 - 00000000 ____D () C:\Users\Aldair\Documents\SimCity
2015-04-27 07:17 - 2015-04-27 07:17 - 00000197 _____ () C:\Windows\system32\2015-04-27-05-17-40.070-AvastVBoxSVC.exe-4492.log
2015-04-26 11:33 - 2015-04-26 11:33 - 00000281 _____ () C:\Windows\EReg072.dat
2015-04-26 11:30 - 1998-01-23 12:22 - 00304128 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2015-04-26 10:16 - 2015-04-26 10:17 - 00000197 _____ () C:\Windows\system32\2015-04-26-08-16-58.049-AvastVBoxSVC.exe-4220.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 10:30 - 2015-03-09 19:20 - 00000000 ____D () C:\FRST
2015-05-26 10:29 - 2013-08-28 20:28 - 00000000 ____D () C:\Download
2015-05-26 10:24 - 2015-03-10 21:12 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 10:12 - 2013-08-28 20:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-26 10:02 - 2013-08-28 19:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-26 10:01 - 2013-08-28 19:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-26 09:41 - 2009-07-14 06:45 - 00032080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-26 09:41 - 2009-07-14 06:45 - 00032080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-26 06:57 - 2015-03-19 18:12 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\Awesomium
2015-05-26 06:52 - 2014-12-30 19:50 - 00002866 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Aldair)
2015-05-26 06:51 - 2015-03-10 21:12 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-26 06:51 - 2013-11-03 12:23 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-26 06:51 - 2013-08-28 18:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-26 06:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 16:41 - 2011-04-12 10:34 - 00681656 _____ () C:\Windows\system32\perfh005.dat
2015-05-25 16:41 - 2011-04-12 10:34 - 00148458 _____ () C:\Windows\system32\perfc005.dat
2015-05-25 16:41 - 2009-07-14 07:13 - 01622852 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-24 22:38 - 2013-11-11 14:53 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\TS3Client
2015-05-22 16:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-21 15:12 - 2013-08-28 20:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 15:12 - 2013-08-28 20:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 15:12 - 2013-08-28 20:20 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-19 14:08 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-15 06:30 - 2013-08-28 20:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 06:19 - 2014-12-12 13:11 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 06:19 - 2014-11-13 09:28 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-13 12:08 - 2015-03-18 21:06 - 00001214 _____ () C:\Users\Public\Desktop\Lineage 2 EU.lnk
2015-05-13 08:52 - 2015-01-22 18:18 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-12 08:27 - 2015-04-18 15:30 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-12 08:27 - 2014-12-31 07:58 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-12 08:27 - 2013-08-28 19:03 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2013-08-28 19:03 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-12 08:27 - 2013-08-28 19:03 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-12 08:27 - 2013-08-28 19:03 - 00031710 _____ () C:\Windows\system32\nvinfo.pb
2015-05-12 05:30 - 2013-08-28 19:04 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-12 05:30 - 2013-08-28 19:04 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-12 05:30 - 2013-08-28 19:04 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-12 05:30 - 2013-08-28 19:04 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-12 05:30 - 2013-08-28 19:04 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-12 05:30 - 2013-08-28 19:04 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-11 19:01 - 2014-09-11 20:42 - 04391871 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-11 06:13 - 2013-08-28 20:01 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\DAEMON Tools Lite
2015-05-11 06:13 - 2013-08-28 20:00 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\uTorrent
2015-05-08 13:16 - 2013-09-15 20:13 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\AnvSoft
2015-05-08 02:35 - 2014-09-11 18:59 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-08 02:35 - 2013-11-03 12:34 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-08 02:34 - 2014-09-11 18:59 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-08 02:34 - 2013-11-03 12:34 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-04-27 13:20 - 2013-08-28 20:07 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-27 13:19 - 2015-01-02 12:48 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Aldair
2015-04-27 13:17 - 2014-12-30 19:49 - 00003224 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-04-27 13:17 - 2014-12-30 19:49 - 00003168 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-04-27 13:17 - 2014-12-30 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2015-04-26 11:44 - 2014-08-17 12:47 - 00000530 _____ () C:\Windows\eReg.dat
2015-04-26 11:33 - 2013-11-11 13:39 - 00000000 ____D () C:\Users\Aldair\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
==================== Files in the root of some directories =======
2013-11-12 08:48 - 2014-12-21 23:26 - 0009216 _____ () C:\Users\Aldair\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 18:04 - 2014-04-23 18:04 - 0000094 _____ () C:\Users\Aldair\AppData\Local\fusioncache.dat
2015-01-18 08:50 - 2015-01-18 08:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-03-27 10:05 - 2014-03-27 10:05 - 0000096 _____ () C:\ProgramData\CameraRecorder.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 17:15
==================== End of log ============================

Browser
Re: Browser
Hi,
1. Uninstall everything from IOBit.
2. Use zoek: http://forum.viry.cz/viewtopic.php?f=13 ... k#p1398583
FRST | ADWCleaner | MBAM | CCleaner | AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Browser
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Aldair on út 26.05.2015 at 13:07:35,54.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aldair\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]
==== System Restore Info ======================
26.5.2015 13:09:04 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Codebox deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\GameforgeLive deleted successfully
C:\PROGRA~2\Huawei deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\T-Mobile deleted successfully
C:\PROGRA~3\CanonIJPLM deleted successfully
C:\PROGRA~3\ConMet deleted successfully
C:\PROGRA~3\explauncher deleted successfully
C:\PROGRA~3\LangSoft deleted successfully
C:\PROGRA~3\launcher deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Aldair\AppData\Roaming\LangSoft deleted successfully
C:\Users\Aldair\AppData\Local\FSP deleted successfully
C:\Users\Aldair\AppData\Local\GHISLER deleted successfully
C:\Users\Aldair\AppData\Local\Samsung deleted successfully
C:\Users\Aldair\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{573BF47C-2566-449D-BA1B-417D5D3FB9FD} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Codebox not found
C:\PROGRA~2\dumps not found
C:\PROGRA~2\GameforgeLive not found
C:\PROGRA~2\Huawei not found
C:\PROGRA~2\MyFree Codec not found
C:\PROGRA~2\T-Mobile not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Aldair\.android deleted
C:\prefs.js deleted
C:\Users\Aldair\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Aldair\AppData\LocalLow\IObit Apps deleted
C:\Users\Aldair\AppData\LocalLow\ADSRemoval deleted
C:\Windows\Wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\SET6AC8.tmp deleted
C:\Windows\Syswow64\SET7789.tmp deleted
C:\Windows\Syswow64\tmp670C.tmp deleted
C:\Windows\Syswow64\tmp672C.tmp deleted
C:\Windows\Syswow64\tmp6912.tmp deleted
"C:\Windows\Syswow64\SET3F02.tmp" deleted
"C:\Windows\Syswow64\SET3F02.tmp" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Aldair\AppData\Local\Temp ====
2015-05-26 09:24:43 AFCCEDBBB5A80AFD7B052FA9DFB318F4 73176 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_32.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_64.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost.sys
2015-05-19 09:19:53 7ACBD0EB835BFC5AF8347DBEC181D772 1068280 ----a-w- C:\Users\Aldair\AppData\Local\Temp\OO Software\OO LiveUpdate\OO Defrag Professional 18\OOLiveUpdateWorker.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-26 08:00:28 C779BDC4B6CB126762EC4969EA296278 974480 ----a-w- C:\Windows\SysWOW64\NvFBC.dll
2015-05-26 08:00:28 8E5E617B58D8099B025B602934A6B4EE 982672 ----a-w- C:\Windows\SysWOW64\NvIFR.dll
2015-05-26 08:00:28 8A8F31DFC317C7B87F45F4DC9C9BF36C 2599056 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll
2015-05-26 08:00:28 5DF9FE93E5F0793523313C5333C504D2 13263568 ----a-w- C:\Windows\SysWOW64\nvopencl.dll
2015-05-26 08:00:28 375ED165EEDE91329823943EEB9A8E7F 22945424 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll
2015-05-26 08:00:28 085B725D1664658A46DBB924AD01B0BD 11790144 ----a-w- C:\Windows\SysWOW64\nvcuda.dll
2015-05-26 08:00:27 12A08FE0BA4145DE9AC151F354751B94 37741712 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll
2015-05-21 13:12:26 E73D09686D5E08D6E8FB96E499E91B7F 17488560 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-26 08:00:28 DC5A39DF7DB1F09AFF263E88F87C1541 16145176 ----a-w- C:\Windows\Sysnative\nvopencl.dll
2015-05-26 08:00:28 D75AD8F3EFE86FB8A4DD09079445F2F5 1059984 ----a-w- C:\Windows\Sysnative\NvIFR64.dll
2015-05-26 08:00:28 88B3C2F5181DE529FA6DBD3A2A91A50C 2932368 ----a-w- C:\Windows\Sysnative\nvcuvid.dll
2015-05-26 08:00:28 83142ADD1B09C7E1EE20B6FF3BEA5F7A 15858728 ----a-w- C:\Windows\Sysnative\nvd3dumx.dll
2015-05-26 08:00:28 6B245EE46FB570B2630C17189103ED57 30478992 ----a-w- C:\Windows\Sysnative\nvoglv64.dll
2015-05-26 08:00:28 65EB7EFFC82FC4AFABAC3679F42D745E 1898312 ----a-w- C:\Windows\Sysnative\nvdispco6435286.dll
2015-05-26 08:00:28 2EBD0C6A8A44DBB3337394D9D98F1D77 14455296 ----a-w- C:\Windows\Sysnative\nvcuda.dll
2015-05-26 08:00:28 21D58C855AE352A9FD01B52E58BCA781 31552 ----a-w- C:\Windows\Sysnative\nvhdap64.dll
2015-05-26 08:00:28 19FA49194B15B44EF93338CB97CDB67B 1557648 ----a-w- C:\Windows\Sysnative\nvdispgenco6435286.dll
2015-05-26 08:00:28 0B2C9FA476E74BD70045C6797A09D6EE 1050256 ----a-w- C:\Windows\Sysnative\NvFBC64.dll
2015-05-26 08:00:27 EBE88D79956D012BAD096DEFBC8FE760 42718864 ----a-w- C:\Windows\Sysnative\nvcompiler.dll
====== C:\Windows\Sysnative\drivers =====
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys
2015-05-26 08:00:28 3E188568A3D51195399A790B51F0A7B8 10972304 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
2015-05-02 17:49:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\dummy.wav
====== C:\Users\Aldair\AppData\Roaming ======
2015-04-28 06:59:38 -------- d-----w- C:\Users\Aldair\AppData\Roaming\SimCity
====== C:\Users\Aldair ======
2015-05-26 08:29:00 47A88176FCB2EA36E0802BCC75FAE27A 2108928 ----a-w- C:\Users\Aldair\Desktop\FRST64.exe
2015-04-28 06:59:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
====== C: exe-files ==
2015-05-26 08:29:00 47A88176FCB2EA36E0802BCC75FAE27A 2108928 ----a-w- C:\Users\Aldair\Desktop\FRST64.exe
2015-05-26 08:00:27 9552B5FB775C9C7973AB33014D7DA2D2 447632 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{643E4BE1-C28F-4911-B0AF-00B2E1E9AA83}\dbInstaller.exe
2015-05-26 08:00:27 9552B5FB775C9C7973AB33014D7DA2D2 447632 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe
2015-05-26 08:00:27 3A52136405031504BC69778E5F6CE5F6 95308824 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{643E4BE1-C28F-4911-B0AF-00B2E1E9AA83}\NvCplSetupInt.exe
2015-05-26 07:33:57 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{8BDF0F54-39EC-4A95-8DC1-F26695D710A2}\NVNetworkService.exe
2015-05-26 05:25:09 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B734FFF9-C26D-4092-9841-7033C06BE95E}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-26 05:25:09 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.81\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-25 14:37:35 DD25320E8D9936BBEB3D5D4AFA813A51 5688568 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\Packages\0000771e\DAO.19612307.exe
2015-05-25 11:54:04 B366AA9BFA1BEE4BCBBFE114AD9BD7E8 675256 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-05-25 11:54:00 3D13085688C585232DAA01C10F0BA317 172984 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-05-22 14:02:24 6F6AFBD93BB17B50D91DA63EA85DF4A3 453056 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\Packages\0000770c\CoProc update.19606705.exe
2015-05-22 12:16:27 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\Temp\89C7828C-EA4D-484D-A9B4-2F2733C3795E\DismHost.exe
2015-05-21 13:12:26 E73D09686D5E08D6E8FB96E499E91B7F 17488560 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-05-21 13:11:11 C3F05ECF011C04A23909CBD67259F195 43030144 ----a-w- C:\Windows\Temp\avast_ash\Skype\skype.exe
2015-05-21 05:25:01 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C84C8954-E007-4735-9616-93743412EC02}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-20 06:18:29 E142943F079252AE0ABA47260C4E7196 413840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
2015-05-20 06:18:29 93E4C51FE870A900E0417F852F781081 196240 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe
2015-05-20 06:18:28 9047D1D9F1E6FB4244F53965E89C0796 20698768 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2015-05-20 06:18:28 601B970FC5875C4B54CD19421D000DEC 22997648 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2015-05-20 06:18:28 08D5498728CACC31A914526B7C3DED92 5983888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe
2015-05-20 06:18:27 FAE46B3931E8FCA37F43F5284E9D61E1 4703888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe
2015-05-20 06:18:27 D5FFA9F81738C81253C0D3C7E03E3AB0 2685072 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe
2015-05-20 06:18:27 C9D89A33162D10F23148DAD1723A7497 87184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe
2015-05-20 06:18:27 C76E7ED75A7FFA50FFDF3B07400C5E84 595600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe
2015-05-20 06:18:27 C0B698B7D0E03B2A01D0F781BEE052BB 1152656 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe
2015-05-20 06:18:27 B237375302410B9C4E811B9D0699248F 3936912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe
2015-05-20 06:18:27 A2D5614BE5957B21272800B63E070C50 1057424 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe
2015-05-20 06:18:27 8B4CDD6AD795DA62E5FFBB3BFAC32D6F 126608 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe
2015-05-20 06:18:27 6FEA38EA54D6FE0B61D08E93F8F4CAC0 3051152 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe
2015-05-20 06:18:27 5A0A278308A9F42266C59F68D5E2FA68 5261456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2015-05-20 06:18:27 437063300629BED250D5951EAB298DE0 7896720 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe
2015-05-20 06:18:27 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe
2015-05-20 06:18:27 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe
2015-05-20 06:18:27 2985430DAF228D3E48C6BA5A20FF4329 637584 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2015-05-20 06:18:27 272CABCCAC57377AA8B8029051FFDD73 519824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe
2015-05-20 06:18:27 1B2F134B70CD9BB16DEEE3DA52A43C0C 6739088 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2015-05-20 06:18:27 164108CA78D3AF5310CB8255157C8105 919184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe
=== C: other files ==
2015-05-26 11:06:56 35D90D515527A3E56FA3216A7F382A0F 110 ----a-w- C:\Users\Aldair\AppData\Local\Temp\schtasks_42150,5464920139.bat
2015-05-26 09:24:43 AFCCEDBBB5A80AFD7B052FA9DFB318F4 73176 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_32.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_64.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost.sys
2015-05-26 08:02:44 7E4355930B28C2798D9F09AB9F81151F 195728 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvhda64v.sys
2015-05-26 08:01:35 7C28BA74B766F3470128107DA764F711 10423952 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvlddmkm.sys
2015-05-26 08:00:28 7D6348EC738067F8E8D132DAB4789CF0 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda32v.sys
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda64v.sys
2015-05-26 08:00:28 3E188568A3D51195399A790B51F0A7B8 10972304 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2015-05-26 08:00:28 14E6524D68B4ED54654431773A446927 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda64.sys
2015-05-26 08:00:28 0792E412AD42A49BB2C09F704F37F309 127888 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda32.sys
2015-05-26 07:34:22 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{D9140BF6-EE45-44C3-ADCA-4664D41D45B5}\nvvad64v.sys
2015-05-26 07:34:22 3EEDE5E218F0978D802CE3196E8B9028 32912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{D9140BF6-EE45-44C3-ADCA-4664D41D45B5}\nvvad32v.sys
2015-05-26 07:34:21 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F898BCA8-49D2-4365-85C1-753208773C86}\NVSWCFilter32.sys
2015-05-26 07:34:21 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F898BCA8-49D2-4365-85C1-753208773C86}\NVSWCFilter64.sys
2015-05-20 06:18:32 DFF17A8330FB7813E3F9A4F75D69F377 15504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys
2015-05-20 06:18:32 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys
2015-05-20 06:18:32 DA48A4EB3DD38C7BF90CB12DD1672618 19600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2015-05-20 06:18:32 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys
2015-05-20 06:18:32 CB31DA7A5C788DC64E2C3BCCE066825B 14480 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys
2015-05-20 06:18:32 A3E321C92C09F995542A0B939DFF836B 18576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2015-05-20 06:18:32 3EEDE5E218F0978D802CE3196E8B9028 32912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys
2015-05-20 06:18:32 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"VGAOCAP"="C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"="C:\Program Files\AVAST Software\Avast\setup\emupdate\d6a2cbeb-292c-44be-bd05-c9a11e4ff494.exe /check"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"OODefragTray"="C:\Program Files\OO Software\Defrag\oodtray.exe"
"Windows Mobile-based device management"="%WINDIR%\WindowsMobile\wmdcBase.exe "
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"command"="c:\\program files (x86)\\samsung\\kies\\external\\firmwareupdate\\kiespdlr.exe"
"hkey"="HKCU"
"item"=""
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"command"="c:\\program files (x86)\\common files\\adobe\\oobe\\pdapp\\uwa\\updaterstartuputility.exe"
"hkey"="HKLM"
"item"="AdobeAAMUpdater-1.0"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"command"="\"c:\\program files (x86)\\common files\\adobe\\cs5servicemanager\\cs5servicemanager.exe\" -launchedbylogin"
"hkey"="HKLM"
"item"="AdobeCS5ServiceManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AGupdate]
"command"="c:\\program files (x86)\\appgraffiti\\agupdate.exe"
"hkey"="HKCU"
"item"="AGupdate"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"command"="c:\\program files\\canon\\myprinter\\bjmyprt.exe /logon"
"hkey"="HKLM"
"item"="CanonMyPrinter"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenu]
"command"="c:\\program files (x86)\\canon\\solutionmenu\\cnslmain.exe /logon"
"hkey"="HKLM"
"item"="CanonSolutionMenu"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cinema ProII AP]
"command"="c:\\program files (x86)\\msi\\cinema proii\\cinemaproii.exe"
"hkey"="HKLM"
"item"="Cinema ProII AP"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cinema ProII Controler]
"command"="c:\\program files (x86)\\msi\\cinema proii\\cinema proii controler.exe"
"hkey"="HKLM"
"item"="Cinema ProII Controler"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
"hkey"="HKCU"
"item"="DAEMON Tools Lite"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM tray]
"command"="c:\\program files (x86)\\easeus\\easeus partition master 9.2.2\\bin\\epmnews.exe"
"hkey"="HKLM"
"item"="EaseUS EPM tray"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"command"="\"c:\\users\\aldair\\appdata\\local\\facebook\\update\\facebookupdate.exe\" /c /nocrashserver"
"hkey"="HKCU"
"item"="Facebook Update"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Free Download Manager]
"command"="\"c:\\program files (x86)\\free download manager\\fdm.exe\" -autorun"
"hkey"="HKCU"
"item"="Free Download Manager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fspuip]
"command"="%programfiles%\\fsp\\fspuip.exe"
"hkey"="HKLM"
"item"="fspuip"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_C47669F93B121AAA6EB5AE50CDDA5018]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_C47669F93B121AAA6EB5AE50CDDA5018"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"command"="c:\\program files (x86)\\microsoft office\\office12\\groovemonitor.exe"
"hkey"="HKLM"
"item"="GrooveMonitor"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAStorIcon]
"command"="c:\\program files (x86)\\intel\\intel(r) rapid storage technology\\iastoriconlaunch.exe \"c:\\program files (x86)\\intel\\intel(r) rapid storage technology\\iastoricon.exe\" 60"
"hkey"="HKLM"
"item"="IAStorIcon"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelWireless]
"command"="\"c:\\program files\\common files\\intel\\wirelesscommon\\ifrmewrk.exe\" /tf intel wireless tray"
"hkey"="HKLM"
"item"="IntelWireless"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR]
"command"="c:\\program files (x86)\\samsung\\kies\\external\\firmwareupdate\\kiespdlr.exe"
"hkey"="HKCU"
"item"="KiesPDLR"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"command"="c:\\program files (x86)\\samsung\\kies\\kies.exe /preload"
"hkey"="HKCU"
"item"="KiesPreload"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"command"="c:\\program files (x86)\\samsung\\kies\\kiestrayagent.exe"
"hkey"="HKLM"
"item"="KiesTrayAgent"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LineageII.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update]
"command"="c:\\program files (x86)\\msi\\live update\\live update.exe /reminder"
"hkey"="HKLM"
"item"="Live Update"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update 5]
"command"="c:\\program files (x86)\\msi\\live update 5\\bootstartliveupdate.exe /reminder"
"hkey"="HKLM"
"item"="Live Update 5"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LockIndicator]
"command"="c:\\program files (x86)\\msi\\lockindicator\\lockindicator.exe"
"hkey"="HKLM"
"item"="LockIndicator"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid]
"command"="\"c:\\program files (x86)\\logitech\\vid hd\\vid.exe\" -bootmode"
"hkey"="HKCU"
"item"="Logitech Vid"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS]
"command"="c:\\program files (x86)\\logitech\\lws\\webcam software\\lws.exe -hide"
"hkey"="HKLM"
"item"="LWS"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MGSysCtrl]
"command"="C:\\Program Files (x86)\\System Control Manager\\MGSysCtrl.exe"
"hkey"="HKLM"
"item"="MGSysCtrl"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msi LED Manager]
"command"="c:\\program files (x86)\\msi\\msi led manager\\slm.exe"
"hkey"="HKLM"
"item"="msi LED Manager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NUSB3MON]
"command"="c:\\program files (x86)\\renesas electronics\\usb 3.0 host controller driver\\application\\nusb3mon.exe"
"hkey"="HKLM"
"item"="NUSB3MON"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"command"="c:\\program files (x86)\\nvidia corporation\\update core\\nvbackend.exe"
"hkey"="HKLM"
"item"="NvBackend"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru]
"command"="c:\\program files (x86)\\nvidia corporation\\nvidia update core\\nvtmru.exe"
"hkey"="HKLM"
"item"="Nvtmru"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OODefragTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OODefragTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\OO Software\\Defrag\\oodtray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OpwareSE4]
"command"="c:\\program files (x86)\\scansoft\\omnipagese4\\opwarese4.exe"
"hkey"="HKLM"
"item"="OpwareSE4"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PrintDisp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrintDisp"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\PrintDisp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"="c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings]
"command"="c:\\program files (x86)\\common files\\spigot\\search settings\\searchsettings.exe"
"hkey"="HKLM"
"item"="SearchSettings"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]
"command"="c:\\windows\\system32\\rundll32.exe c:\\windows\\system32\\nvspcap64.dll,shadowplayonsystemstart"
"hkey"="HKLM"
"item"="ShadowPlay"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SlipStream]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSBkgdUpdate]
"command"="\"c:\\program files (x86)\\common files\\scansoft shared\\ssbkgdupdate\\ssbkgdupdate.exe\" -embedding -boot"
"hkey"="HKLM"
"item"="SSBkgdUpdate"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"command"="\"c:\\program files (x86)\\steam\\steam.exe\" -silent"
"hkey"="HKCU"
"item"="Steam"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super Charger]
"command"="c:\\program files (x86)\\msi\\super charger\\super charger.exe"
"hkey"="HKLM"
"item"="Super Charger"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super-Charger]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"command"="c:\\program files (x86)\\common files\\adobe\\switchboard\\switchboard.exe"
"hkey"="HKLM"
"item"="SwitchBoard"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\T-Mobile CManager]
"command"="\"c:\\program files (x86)\\t-mobile\\t-mobile internet manager\\manager.exe\" -autorun"
"hkey"="HKCU"
"item"="T-Mobile CManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\THX Audio Control Panel]
"command"="\"c:\\program files (x86)\\creative\\thx trustudio pro\\thxaudiocp\\thxaudio.exe\" /r"
"hkey"="HKLM"
"item"="THX Audio Control Panel"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\THXCfg64]
"command"="c:\\windows\\system32\\rundll32.exe c:\\windows\\system32\\thxcfg64.dll,rundllentry thxcfg64"
"hkey"="HKLM"
"item"="THXCfg64"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdReg]
"command"="c:\\windows\\updreg.exe"
"hkey"="HKLM"
"item"="UpdReg"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VGAOCAP]
"command"="c:\\program files (x86)\\msi\\msi vga overclock tool\\vgaocap.exe"
"hkey"="HKLM"
"item"="VGAOCAP"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WD Drive Unlocker]
"command"="c:\\program files (x86)\\western digital\\wd security\\wddriveautounlock.exe"
"hkey"="HKLM"
"item"="WD Drive Unlocker"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\O&O Defrag Tray.lnk"
"backup"="C:\\Windows\\pss\\O&O Defrag Tray.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\Installer\\{50C961A1-889F-4A4E-9587-2772A45B6AAD}\\app_icon.ico "
"item"="O&O Defrag Tray"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\RtlNetworkGenieVistaStart.job --a------ C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [05.01.2012 13:35]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Aldair)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-854197151-3482271168-3196824506-1000Core" [C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-854197151-3482271168-3196824506-1000UA" [C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Game_Booster_AutoUpdate" [C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\RtlNetworkGenieVistaStart" [C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Aldair" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\{0C894F02-DB23-4B5A-B89D-A5836A317F5D}" [D:\Lineage II\system\l2.exe]
"C:\Windows\SysNative\tasks\{2642EC22-C920-47B2-B2EA-32831A0F2864}" [D:\Lineage II\system\l2.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.02.2015 10:45]
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Aldair\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Aldair\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\ASPNET\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.01.2015 11:00]
Google Slides - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bookmark Manager - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Preferences
ge_is_newtabpage":"147FE0BAA90033E49211D15DB331C5042BBA39CEF203CD9B743AE96A809D1E5E","pinned_tabs":"A5ADC6E6D8936A21082D9F1C9B3DE1697CDD60D4E759DA9E430FEDC4848AB26B","prefs":{"preference_reset_time":"DE616EF77F015429960AD43D8130A186C7C44F0F1DDDA4243522300894B81FF0"},"profile":{"reset_prompt_memento":"2B234BBA1664FB2167FC5D1BE71FF36B178E16A38693D8A1BD6E45E555F92264"},"safebrowsing":{"incidents_sent":"65FE3F42C0743CC28576C13C575BEB0D4C4A9728C549CCD83FA49C9236283F28"},"search_provider_overrides":"3D3F133B14CA7B67C2852206208E71B199766F07BBA3E014F528F1C08ADFDC1E","session":{"restore_on_startup":"BAEB556B7BD618E5F98F93E9496EE07E9F8BD095BCE567EE25E9F81CFED7C3D4","startup_urls":"4BACA0A123CEEC7F604DEE13B22F89944CED082B610FDDADE3393F1FC4DDDF17"},"software_reporter":{"prompt_reason":"25AEA272DD275EBA976C2C9FA766B198961306912FB239CB683113AF7E57BDDE","prompt_seed":"CE365360D719BD9A02CC293DA0DF9270E50F0506E34068C71135AE7CA2189BDE","prompt_version":"678FA64B9D36E47C2A411D78E0F6BD375E3C0BC4E91117B730B91C0C3147AD8E"},"sync":{"remaining_rollback_tries":"ACE545FE9676C90C43C3576A33268364C0AC835DEDC15C2A7ACE718C4A021852"}},"super_mac":"3E21ECE9829690DE7CD5DDC1BB2141870FA7864ABEB699611536030432BE3713"},"session":{"restore_on_startup":5,"startup_urls":["http://www.seznam.cz/","http://www.msn. ... &bmod=ASUT"]},"sync":{"remaining_rollback_tries":0}}
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
"startup_urls": [ "http://google.cz/" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.gooe.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.gooe.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0AD56A9D-57FF-401E-846C-D19A1A5B19DE}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{0AD56A9D-57FF-401E-846C-D19A1A5B19DE} Google Url="https://www.google.com/search?q={searchTerms}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LineageII.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlipStream deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aldair\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Aldair\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=32 folders=18 128852937 bytes)
==== Empty Temp Folders ======================
C:\Users\Aldair\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Aldair\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\Syswow64\SET3F02.tmpsearch" not found
"C:\Windows\Syswow64\SET3F02.tmpsearch" not found
==== EOF on út 26.05.2015 at 13:40:23,17 ======================
Tool run by Aldair on út 26.05.2015 at 13:07:35,54.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aldair\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]
==== System Restore Info ======================
26.5.2015 13:09:04 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Codebox deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\GameforgeLive deleted successfully
C:\PROGRA~2\Huawei deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\T-Mobile deleted successfully
C:\PROGRA~3\CanonIJPLM deleted successfully
C:\PROGRA~3\ConMet deleted successfully
C:\PROGRA~3\explauncher deleted successfully
C:\PROGRA~3\LangSoft deleted successfully
C:\PROGRA~3\launcher deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Aldair\AppData\Roaming\LangSoft deleted successfully
C:\Users\Aldair\AppData\Local\FSP deleted successfully
C:\Users\Aldair\AppData\Local\GHISLER deleted successfully
C:\Users\Aldair\AppData\Local\Samsung deleted successfully
C:\Users\Aldair\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{573BF47C-2566-449D-BA1B-417D5D3FB9FD} deleted successfully
HKEY_USERS\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Codebox not found
C:\PROGRA~2\dumps not found
C:\PROGRA~2\GameforgeLive not found
C:\PROGRA~2\Huawei not found
C:\PROGRA~2\MyFree Codec not found
C:\PROGRA~2\T-Mobile not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Aldair\.android deleted
C:\prefs.js deleted
C:\Users\Aldair\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Aldair\AppData\LocalLow\IObit Apps deleted
C:\Users\Aldair\AppData\LocalLow\ADSRemoval deleted
C:\Windows\Wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\SET6AC8.tmp deleted
C:\Windows\Syswow64\SET7789.tmp deleted
C:\Windows\Syswow64\tmp670C.tmp deleted
C:\Windows\Syswow64\tmp672C.tmp deleted
C:\Windows\Syswow64\tmp6912.tmp deleted
"C:\Windows\Syswow64\SET3F02.tmp" deleted
"C:\Windows\Syswow64\SET3F02.tmp" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Aldair\AppData\Local\Temp ====
2015-05-26 09:24:43 AFCCEDBBB5A80AFD7B052FA9DFB318F4 73176 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_32.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_64.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost.sys
2015-05-19 09:19:53 7ACBD0EB835BFC5AF8347DBEC181D772 1068280 ----a-w- C:\Users\Aldair\AppData\Local\Temp\OO Software\OO LiveUpdate\OO Defrag Professional 18\OOLiveUpdateWorker.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-26 08:00:28 C779BDC4B6CB126762EC4969EA296278 974480 ----a-w- C:\Windows\SysWOW64\NvFBC.dll
2015-05-26 08:00:28 8E5E617B58D8099B025B602934A6B4EE 982672 ----a-w- C:\Windows\SysWOW64\NvIFR.dll
2015-05-26 08:00:28 8A8F31DFC317C7B87F45F4DC9C9BF36C 2599056 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll
2015-05-26 08:00:28 5DF9FE93E5F0793523313C5333C504D2 13263568 ----a-w- C:\Windows\SysWOW64\nvopencl.dll
2015-05-26 08:00:28 375ED165EEDE91329823943EEB9A8E7F 22945424 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll
2015-05-26 08:00:28 085B725D1664658A46DBB924AD01B0BD 11790144 ----a-w- C:\Windows\SysWOW64\nvcuda.dll
2015-05-26 08:00:27 12A08FE0BA4145DE9AC151F354751B94 37741712 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll
2015-05-21 13:12:26 E73D09686D5E08D6E8FB96E499E91B7F 17488560 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-26 08:00:28 DC5A39DF7DB1F09AFF263E88F87C1541 16145176 ----a-w- C:\Windows\Sysnative\nvopencl.dll
2015-05-26 08:00:28 D75AD8F3EFE86FB8A4DD09079445F2F5 1059984 ----a-w- C:\Windows\Sysnative\NvIFR64.dll
2015-05-26 08:00:28 88B3C2F5181DE529FA6DBD3A2A91A50C 2932368 ----a-w- C:\Windows\Sysnative\nvcuvid.dll
2015-05-26 08:00:28 83142ADD1B09C7E1EE20B6FF3BEA5F7A 15858728 ----a-w- C:\Windows\Sysnative\nvd3dumx.dll
2015-05-26 08:00:28 6B245EE46FB570B2630C17189103ED57 30478992 ----a-w- C:\Windows\Sysnative\nvoglv64.dll
2015-05-26 08:00:28 65EB7EFFC82FC4AFABAC3679F42D745E 1898312 ----a-w- C:\Windows\Sysnative\nvdispco6435286.dll
2015-05-26 08:00:28 2EBD0C6A8A44DBB3337394D9D98F1D77 14455296 ----a-w- C:\Windows\Sysnative\nvcuda.dll
2015-05-26 08:00:28 21D58C855AE352A9FD01B52E58BCA781 31552 ----a-w- C:\Windows\Sysnative\nvhdap64.dll
2015-05-26 08:00:28 19FA49194B15B44EF93338CB97CDB67B 1557648 ----a-w- C:\Windows\Sysnative\nvdispgenco6435286.dll
2015-05-26 08:00:28 0B2C9FA476E74BD70045C6797A09D6EE 1050256 ----a-w- C:\Windows\Sysnative\NvFBC64.dll
2015-05-26 08:00:27 EBE88D79956D012BAD096DEFBC8FE760 42718864 ----a-w- C:\Windows\Sysnative\nvcompiler.dll
====== C:\Windows\Sysnative\drivers =====
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys
2015-05-26 08:00:28 3E188568A3D51195399A790B51F0A7B8 10972304 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
2015-05-02 17:49:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\dummy.wav
====== C:\Users\Aldair\AppData\Roaming ======
2015-04-28 06:59:38 -------- d-----w- C:\Users\Aldair\AppData\Roaming\SimCity
====== C:\Users\Aldair ======
2015-05-26 08:29:00 47A88176FCB2EA36E0802BCC75FAE27A 2108928 ----a-w- C:\Users\Aldair\Desktop\FRST64.exe
2015-04-28 06:59:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
====== C: exe-files ==
2015-05-26 08:29:00 47A88176FCB2EA36E0802BCC75FAE27A 2108928 ----a-w- C:\Users\Aldair\Desktop\FRST64.exe
2015-05-26 08:00:27 9552B5FB775C9C7973AB33014D7DA2D2 447632 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{643E4BE1-C28F-4911-B0AF-00B2E1E9AA83}\dbInstaller.exe
2015-05-26 08:00:27 9552B5FB775C9C7973AB33014D7DA2D2 447632 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe
2015-05-26 08:00:27 3A52136405031504BC69778E5F6CE5F6 95308824 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{643E4BE1-C28F-4911-B0AF-00B2E1E9AA83}\NvCplSetupInt.exe
2015-05-26 07:33:57 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{8BDF0F54-39EC-4A95-8DC1-F26695D710A2}\NVNetworkService.exe
2015-05-26 05:25:09 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B734FFF9-C26D-4092-9841-7033C06BE95E}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-26 05:25:09 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.81\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-25 14:37:35 DD25320E8D9936BBEB3D5D4AFA813A51 5688568 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\Packages\0000771e\DAO.19612307.exe
2015-05-25 11:54:04 B366AA9BFA1BEE4BCBBFE114AD9BD7E8 675256 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-05-25 11:54:00 3D13085688C585232DAA01C10F0BA317 172984 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-05-22 14:02:24 6F6AFBD93BB17B50D91DA63EA85DF4A3 453056 ----a-w- C:\Users\Aldair\AppData\Local\NVIDIA\NvBackend\Packages\0000770c\CoProc update.19606705.exe
2015-05-22 12:16:27 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\Temp\89C7828C-EA4D-484D-A9B4-2F2733C3795E\DismHost.exe
2015-05-21 13:12:26 E73D09686D5E08D6E8FB96E499E91B7F 17488560 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-05-21 13:11:11 C3F05ECF011C04A23909CBD67259F195 43030144 ----a-w- C:\Windows\Temp\avast_ash\Skype\skype.exe
2015-05-21 05:25:01 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C84C8954-E007-4735-9616-93743412EC02}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-20 06:18:29 E142943F079252AE0ABA47260C4E7196 413840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
2015-05-20 06:18:29 93E4C51FE870A900E0417F852F781081 196240 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe
2015-05-20 06:18:28 9047D1D9F1E6FB4244F53965E89C0796 20698768 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2015-05-20 06:18:28 601B970FC5875C4B54CD19421D000DEC 22997648 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2015-05-20 06:18:28 08D5498728CACC31A914526B7C3DED92 5983888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe
2015-05-20 06:18:27 FAE46B3931E8FCA37F43F5284E9D61E1 4703888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe
2015-05-20 06:18:27 D5FFA9F81738C81253C0D3C7E03E3AB0 2685072 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe
2015-05-20 06:18:27 C9D89A33162D10F23148DAD1723A7497 87184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe
2015-05-20 06:18:27 C76E7ED75A7FFA50FFDF3B07400C5E84 595600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe
2015-05-20 06:18:27 C0B698B7D0E03B2A01D0F781BEE052BB 1152656 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe
2015-05-20 06:18:27 B237375302410B9C4E811B9D0699248F 3936912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe
2015-05-20 06:18:27 A2D5614BE5957B21272800B63E070C50 1057424 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe
2015-05-20 06:18:27 8B4CDD6AD795DA62E5FFBB3BFAC32D6F 126608 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe
2015-05-20 06:18:27 6FEA38EA54D6FE0B61D08E93F8F4CAC0 3051152 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe
2015-05-20 06:18:27 5A0A278308A9F42266C59F68D5E2FA68 5261456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2015-05-20 06:18:27 437063300629BED250D5951EAB298DE0 7896720 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe
2015-05-20 06:18:27 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe
2015-05-20 06:18:27 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe
2015-05-20 06:18:27 2985430DAF228D3E48C6BA5A20FF4329 637584 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2015-05-20 06:18:27 272CABCCAC57377AA8B8029051FFDD73 519824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe
2015-05-20 06:18:27 1B2F134B70CD9BB16DEEE3DA52A43C0C 6739088 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2015-05-20 06:18:27 164108CA78D3AF5310CB8255157C8105 919184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe
=== C: other files ==
2015-05-26 11:06:56 35D90D515527A3E56FA3216A7F382A0F 110 ----a-w- C:\Users\Aldair\AppData\Local\Temp\schtasks_42150,5464920139.bat
2015-05-26 09:24:43 AFCCEDBBB5A80AFD7B052FA9DFB318F4 73176 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_32.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost_64.sys
2015-05-26 09:24:43 A314E00A79B1125E3A4142EAFADB5B1A 81440 ----a-w- C:\Users\Aldair\AppData\Local\Temp\eu-l2_live\frost.sys
2015-05-26 08:02:44 7E4355930B28C2798D9F09AB9F81151F 195728 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvhda64v.sys
2015-05-26 08:01:35 7C28BA74B766F3470128107DA764F711 10423952 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvlddmkm.sys
2015-05-26 08:00:28 7D6348EC738067F8E8D132DAB4789CF0 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda32v.sys
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2015-05-26 08:00:28 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda64v.sys
2015-05-26 08:00:28 3E188568A3D51195399A790B51F0A7B8 10972304 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2015-05-26 08:00:28 14E6524D68B4ED54654431773A446927 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda64.sys
2015-05-26 08:00:28 0792E412AD42A49BB2C09F704F37F309 127888 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{BDA14D80-D5AF-41B6-A7DA-20725B2CA56B}\nvhda32.sys
2015-05-26 07:34:22 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{D9140BF6-EE45-44C3-ADCA-4664D41D45B5}\nvvad64v.sys
2015-05-26 07:34:22 3EEDE5E218F0978D802CE3196E8B9028 32912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{D9140BF6-EE45-44C3-ADCA-4664D41D45B5}\nvvad32v.sys
2015-05-26 07:34:21 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F898BCA8-49D2-4365-85C1-753208773C86}\NVSWCFilter32.sys
2015-05-26 07:34:21 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F898BCA8-49D2-4365-85C1-753208773C86}\NVSWCFilter64.sys
2015-05-20 06:18:32 DFF17A8330FB7813E3F9A4F75D69F377 15504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys
2015-05-20 06:18:32 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys
2015-05-20 06:18:32 DA48A4EB3DD38C7BF90CB12DD1672618 19600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2015-05-20 06:18:32 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys
2015-05-20 06:18:32 CB31DA7A5C788DC64E2C3BCCE066825B 14480 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys
2015-05-20 06:18:32 A3E321C92C09F995542A0B939DFF836B 18576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2015-05-20 06:18:32 3EEDE5E218F0978D802CE3196E8B9028 32912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys
2015-05-20 06:18:32 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"VGAOCAP"="C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"="C:\Program Files\AVAST Software\Avast\setup\emupdate\d6a2cbeb-292c-44be-bd05-c9a11e4ff494.exe /check"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"OODefragTray"="C:\Program Files\OO Software\Defrag\oodtray.exe"
"Windows Mobile-based device management"="%WINDIR%\WindowsMobile\wmdcBase.exe "
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"command"="c:\\program files (x86)\\samsung\\kies\\external\\firmwareupdate\\kiespdlr.exe"
"hkey"="HKCU"
"item"=""
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"command"="c:\\program files (x86)\\common files\\adobe\\oobe\\pdapp\\uwa\\updaterstartuputility.exe"
"hkey"="HKLM"
"item"="AdobeAAMUpdater-1.0"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"command"="\"c:\\program files (x86)\\common files\\adobe\\cs5servicemanager\\cs5servicemanager.exe\" -launchedbylogin"
"hkey"="HKLM"
"item"="AdobeCS5ServiceManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AGupdate]
"command"="c:\\program files (x86)\\appgraffiti\\agupdate.exe"
"hkey"="HKCU"
"item"="AGupdate"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"command"="c:\\program files\\canon\\myprinter\\bjmyprt.exe /logon"
"hkey"="HKLM"
"item"="CanonMyPrinter"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenu]
"command"="c:\\program files (x86)\\canon\\solutionmenu\\cnslmain.exe /logon"
"hkey"="HKLM"
"item"="CanonSolutionMenu"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cinema ProII AP]
"command"="c:\\program files (x86)\\msi\\cinema proii\\cinemaproii.exe"
"hkey"="HKLM"
"item"="Cinema ProII AP"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cinema ProII Controler]
"command"="c:\\program files (x86)\\msi\\cinema proii\\cinema proii controler.exe"
"hkey"="HKLM"
"item"="Cinema ProII Controler"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
"hkey"="HKCU"
"item"="DAEMON Tools Lite"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUS EPM tray]
"command"="c:\\program files (x86)\\easeus\\easeus partition master 9.2.2\\bin\\epmnews.exe"
"hkey"="HKLM"
"item"="EaseUS EPM tray"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"command"="\"c:\\users\\aldair\\appdata\\local\\facebook\\update\\facebookupdate.exe\" /c /nocrashserver"
"hkey"="HKCU"
"item"="Facebook Update"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Free Download Manager]
"command"="\"c:\\program files (x86)\\free download manager\\fdm.exe\" -autorun"
"hkey"="HKCU"
"item"="Free Download Manager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fspuip]
"command"="%programfiles%\\fsp\\fspuip.exe"
"hkey"="HKLM"
"item"="fspuip"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_C47669F93B121AAA6EB5AE50CDDA5018]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_C47669F93B121AAA6EB5AE50CDDA5018"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"command"="c:\\program files (x86)\\microsoft office\\office12\\groovemonitor.exe"
"hkey"="HKLM"
"item"="GrooveMonitor"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAStorIcon]
"command"="c:\\program files (x86)\\intel\\intel(r) rapid storage technology\\iastoriconlaunch.exe \"c:\\program files (x86)\\intel\\intel(r) rapid storage technology\\iastoricon.exe\" 60"
"hkey"="HKLM"
"item"="IAStorIcon"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelWireless]
"command"="\"c:\\program files\\common files\\intel\\wirelesscommon\\ifrmewrk.exe\" /tf intel wireless tray"
"hkey"="HKLM"
"item"="IntelWireless"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR]
"command"="c:\\program files (x86)\\samsung\\kies\\external\\firmwareupdate\\kiespdlr.exe"
"hkey"="HKCU"
"item"="KiesPDLR"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"command"="c:\\program files (x86)\\samsung\\kies\\kies.exe /preload"
"hkey"="HKCU"
"item"="KiesPreload"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"command"="c:\\program files (x86)\\samsung\\kies\\kiestrayagent.exe"
"hkey"="HKLM"
"item"="KiesTrayAgent"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LineageII.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update]
"command"="c:\\program files (x86)\\msi\\live update\\live update.exe /reminder"
"hkey"="HKLM"
"item"="Live Update"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update 5]
"command"="c:\\program files (x86)\\msi\\live update 5\\bootstartliveupdate.exe /reminder"
"hkey"="HKLM"
"item"="Live Update 5"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LockIndicator]
"command"="c:\\program files (x86)\\msi\\lockindicator\\lockindicator.exe"
"hkey"="HKLM"
"item"="LockIndicator"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid]
"command"="\"c:\\program files (x86)\\logitech\\vid hd\\vid.exe\" -bootmode"
"hkey"="HKCU"
"item"="Logitech Vid"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS]
"command"="c:\\program files (x86)\\logitech\\lws\\webcam software\\lws.exe -hide"
"hkey"="HKLM"
"item"="LWS"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MGSysCtrl]
"command"="C:\\Program Files (x86)\\System Control Manager\\MGSysCtrl.exe"
"hkey"="HKLM"
"item"="MGSysCtrl"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msi LED Manager]
"command"="c:\\program files (x86)\\msi\\msi led manager\\slm.exe"
"hkey"="HKLM"
"item"="msi LED Manager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NUSB3MON]
"command"="c:\\program files (x86)\\renesas electronics\\usb 3.0 host controller driver\\application\\nusb3mon.exe"
"hkey"="HKLM"
"item"="NUSB3MON"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"command"="c:\\program files (x86)\\nvidia corporation\\update core\\nvbackend.exe"
"hkey"="HKLM"
"item"="NvBackend"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru]
"command"="c:\\program files (x86)\\nvidia corporation\\nvidia update core\\nvtmru.exe"
"hkey"="HKLM"
"item"="Nvtmru"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OODefragTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OODefragTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\OO Software\\Defrag\\oodtray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OpwareSE4]
"command"="c:\\program files (x86)\\scansoft\\omnipagese4\\opwarese4.exe"
"hkey"="HKLM"
"item"="OpwareSE4"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PrintDisp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrintDisp"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\PrintDisp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"="c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings]
"command"="c:\\program files (x86)\\common files\\spigot\\search settings\\searchsettings.exe"
"hkey"="HKLM"
"item"="SearchSettings"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]
"command"="c:\\windows\\system32\\rundll32.exe c:\\windows\\system32\\nvspcap64.dll,shadowplayonsystemstart"
"hkey"="HKLM"
"item"="ShadowPlay"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SlipStream]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSBkgdUpdate]
"command"="\"c:\\program files (x86)\\common files\\scansoft shared\\ssbkgdupdate\\ssbkgdupdate.exe\" -embedding -boot"
"hkey"="HKLM"
"item"="SSBkgdUpdate"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"command"="\"c:\\program files (x86)\\steam\\steam.exe\" -silent"
"hkey"="HKCU"
"item"="Steam"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super Charger]
"command"="c:\\program files (x86)\\msi\\super charger\\super charger.exe"
"hkey"="HKLM"
"item"="Super Charger"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super-Charger]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"command"="c:\\program files (x86)\\common files\\adobe\\switchboard\\switchboard.exe"
"hkey"="HKLM"
"item"="SwitchBoard"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\T-Mobile CManager]
"command"="\"c:\\program files (x86)\\t-mobile\\t-mobile internet manager\\manager.exe\" -autorun"
"hkey"="HKCU"
"item"="T-Mobile CManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\THX Audio Control Panel]
"command"="\"c:\\program files (x86)\\creative\\thx trustudio pro\\thxaudiocp\\thxaudio.exe\" /r"
"hkey"="HKLM"
"item"="THX Audio Control Panel"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\THXCfg64]
"command"="c:\\windows\\system32\\rundll32.exe c:\\windows\\system32\\thxcfg64.dll,rundllentry thxcfg64"
"hkey"="HKLM"
"item"="THXCfg64"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdReg]
"command"="c:\\windows\\updreg.exe"
"hkey"="HKLM"
"item"="UpdReg"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VGAOCAP]
"command"="c:\\program files (x86)\\msi\\msi vga overclock tool\\vgaocap.exe"
"hkey"="HKLM"
"item"="VGAOCAP"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WD Drive Unlocker]
"command"="c:\\program files (x86)\\western digital\\wd security\\wddriveautounlock.exe"
"hkey"="HKLM"
"item"="WD Drive Unlocker"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\O&O Defrag Tray.lnk"
"backup"="C:\\Windows\\pss\\O&O Defrag Tray.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\Installer\\{50C961A1-889F-4A4E-9587-2772A45B6AAD}\\app_icon.ico "
"item"="O&O Defrag Tray"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\RtlNetworkGenieVistaStart.job --a------ C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [05.01.2012 13:35]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Aldair)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-854197151-3482271168-3196824506-1000Core" [C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-854197151-3482271168-3196824506-1000UA" [C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Game_Booster_AutoUpdate" [C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\RtlNetworkGenieVistaStart" [C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Aldair" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\{0C894F02-DB23-4B5A-B89D-A5836A317F5D}" [D:\Lineage II\system\l2.exe]
"C:\Windows\SysNative\tasks\{2642EC22-C920-47B2-B2EA-32831A0F2864}" [D:\Lineage II\system\l2.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.02.2015 10:45]
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Aldair\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Aldair\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\ASPNET\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.01.2015 11:00]
Google Slides - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bookmark Manager - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Preferences
ge_is_newtabpage":"147FE0BAA90033E49211D15DB331C5042BBA39CEF203CD9B743AE96A809D1E5E","pinned_tabs":"A5ADC6E6D8936A21082D9F1C9B3DE1697CDD60D4E759DA9E430FEDC4848AB26B","prefs":{"preference_reset_time":"DE616EF77F015429960AD43D8130A186C7C44F0F1DDDA4243522300894B81FF0"},"profile":{"reset_prompt_memento":"2B234BBA1664FB2167FC5D1BE71FF36B178E16A38693D8A1BD6E45E555F92264"},"safebrowsing":{"incidents_sent":"65FE3F42C0743CC28576C13C575BEB0D4C4A9728C549CCD83FA49C9236283F28"},"search_provider_overrides":"3D3F133B14CA7B67C2852206208E71B199766F07BBA3E014F528F1C08ADFDC1E","session":{"restore_on_startup":"BAEB556B7BD618E5F98F93E9496EE07E9F8BD095BCE567EE25E9F81CFED7C3D4","startup_urls":"4BACA0A123CEEC7F604DEE13B22F89944CED082B610FDDADE3393F1FC4DDDF17"},"software_reporter":{"prompt_reason":"25AEA272DD275EBA976C2C9FA766B198961306912FB239CB683113AF7E57BDDE","prompt_seed":"CE365360D719BD9A02CC293DA0DF9270E50F0506E34068C71135AE7CA2189BDE","prompt_version":"678FA64B9D36E47C2A411D78E0F6BD375E3C0BC4E91117B730B91C0C3147AD8E"},"sync":{"remaining_rollback_tries":"ACE545FE9676C90C43C3576A33268364C0AC835DEDC15C2A7ACE718C4A021852"}},"super_mac":"3E21ECE9829690DE7CD5DDC1BB2141870FA7864ABEB699611536030432BE3713"},"session":{"restore_on_startup":5,"startup_urls":["http://www.seznam.cz/","http://www.msn. ... &bmod=ASUT"]},"sync":{"remaining_rollback_tries":0}}
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
"startup_urls": [ "http://google.cz/" ]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.gooe.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.gooe.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0AD56A9D-57FF-401E-846C-D19A1A5B19DE}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{0AD56A9D-57FF-401E-846C-D19A1A5B19DE} Google Url="https://www.google.com/search?q={searchTerms}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LineageII.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlipStream deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aldair\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Aldair\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=32 folders=18 128852937 bytes)
==== Empty Temp Folders ======================
C:\Users\Aldair\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Aldair\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\Syswow64\SET3F02.tmpsearch" not found
"C:\Windows\Syswow64\SET3F02.tmpsearch" not found
==== EOF on út 26.05.2015 at 13:40:23,17 ======================
Re: browser
Are there still any problems?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: browser
No, thank you for the help.
Re: browser
Great - you're welcome.

