
Gmail - a huge amount of spam has started arriving
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Gmail - a huge amount of spam has started arriving
Hello, friends.
I have a problem. Today at work I was checking my mail and was surprised by something that has never happened to me before... there was a huge amount of spam in my inbox. The number of messages was 13. Some will say that is nothing, but I am used to one message every 3 days, so 13 messages in some 4-5 hours since I last checked the mailbox is a lot for me. After work I checked my mail again and there were another 31 messages. I told myself I would just delete them for now; a little later two more mails came, so I created a filter to have them deleted automatically; after another 15 minutes, another mail...
There is no unsubscribe button anywhere either... in recent days I have not registered anywhere, not on any warez forum or anywhere else, only at the e-shop hptonery.eu, and I think that is certainly not where the problem lies.
I use Gmail. Is anyone else having a problem with spam in their Gmail inbox, or does the problem affect only me?
The messages are hard to catch with a filter; they always come from a different domain, address...
About the last two mails (received while I was writing this post), Gmail told me:
Bryant_&_Stratton_Medical_Coding_Degree* <-mail-@bmjggctu.pacraig.privateeffects.com>
to: [my email]
date: 3 March 2016, 1:29
subject: *[my name] ,Earn_Your_Degree_in_Medical_Reimbursement_&_Coding - 100%_Online*
encryption: The domain privateeffects.com did not encrypt this message
from: [?] Gift Card Rewards [?][?] <ss@9u80da256.m-net.de>
to: To
date: 3 March 2016, 1:36
subject: [?][?] You_have_received a $1OO0_Walmart__Survey Notification [?][?]
mailed-by: medicalrecommendation.net
encryption: The domain medicalrecommendation.net did not encrypt this message
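The post above notes that sender-based filters fail because every message arrives from a different domain. As an added example (not part of the original thread), the following Python sketch scores messages on traits visible in the two quoted messages instead of on the sender; the signal names, thresholds and the third sample message are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import List


@dataclass
class Message:
    from_addr: str        # address in the From header
    subject: str
    mailed_by: str = ""   # Gmail's "mailed-by" domain, empty if not shown
    tls: bool = True      # False when Gmail reports the message was not encrypted


def base_domain(host: str) -> str:
    """Last two labels of a host name (assumption: ignores suffixes such as co.uk)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])


def throwaway_subdomain(host: str) -> bool:
    """Crude check for a machine-generated leftmost label under a longer host name."""
    labels = host.lower().split(".")
    if len(labels) < 3 or len(labels[0]) < 8:
        return False
    label = labels[0]
    digits = sum(c.isdigit() for c in label)
    vowels = sum(c in "aeiou" for c in label)
    return digits >= 3 or vowels / len(label) < 0.2


def signals(msg: Message) -> List[str]:
    """Return the names of the heuristics a message trips, in a fixed order."""
    found = []
    host = msg.from_addr.rsplit("@", 1)[-1]
    # Words glued together with underscores instead of spaces.
    if len(re.findall(r"[A-Za-z]_+[A-Za-z]", msg.subject)) >= 2:
        found.append("underscore_subject")
    # Letter O standing in for zero inside a number, e.g. "$1OO0".
    if re.search(r"\d[Oo]+\d", msg.subject):
        found.append("digit_lookalike")
    # The From domain and the mailed-by domain belong to different owners.
    if msg.mailed_by and base_domain(host) != base_domain(msg.mailed_by):
        found.append("mailed_by_mismatch")
    if throwaway_subdomain(host):
        found.append("throwaway_subdomain")
    if not msg.tls:
        found.append("no_tls")
    return found


def is_probable_spam(msg: Message, threshold: int = 2) -> bool:
    """Flag a message once it trips at least `threshold` independent signals."""
    return len(signals(msg)) >= threshold


# The first two samples use the values quoted in the post; the third is constructed.
SAMPLES = [
    Message("-mail-@bmjggctu.pacraig.privateeffects.com",
            "[my name] ,Earn_Your_Degree_in_Medical_Reimbursement_&_Coding - 100%_Online",
            tls=False),
    Message("ss@9u80da256.m-net.de",
            "You_have_received a $1OO0_Walmart__Survey Notification",
            mailed_by="medicalrecommendation.net", tls=False),
    Message("orders@shop.example.com", "Your order 1000 has shipped",
            mailed_by="example.com", tls=True),
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m.from_addr, signals(m), is_probable_spam(m))
```

A mailed-by mismatch or missing TLS also occurs with legitimate bulk senders, which is why no single signal is treated as decisive here.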
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam has started arriving
Hello!
The amount of spam can only be influenced by consistently giving your email address in a form that spambots cannot harvest, e.g. someone(at)somewhere.cz. If you publish it on a public website in the standard form, you can be sure you will get tons of spam, and fairly quickly. There is nothing you can do about that.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam has started arriving
Good evening.
As I already wrote, spam mails in such numbers started arriving from one day to the next, without my having given my email address anywhere in the last several days or even weeks.
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam has started arriving
OK. Post an FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam has started arriving
The problem won't be in this, but here you go:
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (James White) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Speed Dial) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-08-04]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2016-01-03]
CHR Extension: (Kalendár Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-22]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Bookmark Manager) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-02]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-03-02]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-02-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-14]
CHR Extension: (Pocket) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-04]
CHR Extension: (Google Hangouts) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (YouTube to MP3 Button) - C:\Users\Tinuška\Desktop\flvto [2015-09-25]
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Prezentácie Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-13]
CHR Extension: (Dokumenty Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-13]
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-13]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-13]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-13]
CHR Extension: (Tabuľky Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-13]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Matthew\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-02-10]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Matthew\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [hglljpndoeopcpehilglkbnincooinnb] - C:\Users\Matthew\AppData\Local\Flvto Plugin for Google Chrome\the_extension.crx [2013-08-30]
StartMenuInternet: Google Chrome.Kubo - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.M6SA37FELGPZBWJYAHJF3RX33E - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Rodičia - C:\Users\Rodičia\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (YouTube™ Auto HD-LQ) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\ffhgcaphggeinepalgnajphijbndmmhp [2015-11-03]
OPR Extension: (Direct Currency Converter) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2015-11-03]
OPR Extension: (Opera Bookmarks Share Portal) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-17]
OPR Extension: (Adblock Plus) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-03]
OPR Extension: (Google™ Keep) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\pfdafkloejmpdifkkmfimkpbpggfihce [2015-11-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Active@ Disk Monitor; C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Spoločnosť Google Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MonectServerService; C:\Program Files (x86)\MonectHost\MonectServerService.exe [72192 2014-10-29] (Monect) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-04-05] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ChromeService; C:\Program Files (x86)\chrome\chrome.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-01] ()
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2014-12-01] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-09-22] (REALiX(tm))
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-04-20] (ITE )
R3 KYEGKB; C:\Windows\System32\drivers\KYEGKB.sys [25600 2011-09-05] ( )
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [15768 2013-12-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-03-13] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-03-29] (TuneUp Software)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
U3 acap4rgy; C:\Windows\System32\Drivers\acap4rgy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 7ByteIO; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ALSysIO; \??\C:\Users\Matthew\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 usbspbus; system32\DRIVERS\lgspbus64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 01:50 - 2016-03-06 01:51 - 00000000 ____D C:\FRST
2016-03-03 15:52 - 2016-03-03 20:58 - 00000000 ____D C:\Users\Tinuška\Desktop\tehu
2016-03-02 00:09 - 2016-02-23 21:39 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-02 00:06 - 2016-02-24 00:58 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 37616184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 24914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 16995384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 12381632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-02 00:06 - 2016-02-24 00:58 - 03143616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-29 19:31 - 2016-02-29 19:31 - 00000000 ____D C:\Users\Tinuška\AppData\Local\Viber
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka\AppData\Local\Adobe
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-02-20 16:33 - 2016-02-20 16:33 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 15:40 - 2016-02-17 15:40 - 00000000 ____D C:\Windows\LastGood
2016-02-17 15:39 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-17 15:39 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-09 07:56 - 2016-02-08 00:22 - 184525328 ____N C:\Users\Matthew\Desktop\20160126_085059.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 01:50 - 2015-06-19 19:20 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 01:49 - 2012-02-10 19:55 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 01:19 - 2012-04-16 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 01:14 - 2012-02-11 01:18 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 00:01 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 00:01 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-05 16:02 - 2012-02-10 19:55 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-05 15:14 - 2012-02-11 01:18 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-05 13:49 - 2015-06-19 19:20 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-03 23:50 - 2012-02-11 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 23:06 - 2015-09-07 22:41 - 00000000 ____D C:\Users\Tinuška\AppData\Roaming\ViberPC
2016-03-03 17:37 - 2014-07-22 15:06 - 00003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375990013
2016-03-03 17:37 - 2013-08-08 20:26 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 15:35 - 2016-01-16 00:34 - 00000000 ____D C:\Users\Tinuška\Desktop\vsetko z mobilu
2016-03-03 13:39 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška\AppData\Local\NVIDIA Corporation
2016-03-02 00:09 - 2014-06-05 12:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-02 00:09 - 2013-06-13 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-02 00:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-29 23:53 - 2013-11-21 01:07 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA Corporation
2016-02-29 23:53 - 2013-06-13 18:11 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA
2016-02-29 18:28 - 2015-09-07 22:42 - 00000000 ____D C:\Users\Tinuška\Documents\ViberDownloads
2016-02-24 00:58 - 2015-08-11 00:08 - 14016768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-24 00:58 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 16328088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 03259872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-23 21:45 - 2016-01-03 11:22 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-23 21:45 - 2016-01-03 11:22 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 06367168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-23 21:45 - 2014-06-05 12:37 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-23 21:28 - 2014-06-05 12:37 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-20 16:33 - 2012-09-04 17:50 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Dropbox
2016-02-19 21:17 - 2014-08-09 21:41 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 23:25 - 2016-01-29 18:25 - 00000000 ____D C:\Users\Matthew\Desktop\FoFo music
2016-02-18 23:22 - 2013-07-20 17:04 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\AIMP3
2016-02-17 14:22 - 2012-02-11 01:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-17 07:40 - 2016-01-03 11:14 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-16 15:17 - 2015-11-09 13:55 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-14 19:34 - 2009-07-14 06:13 - 00813068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 18:21 - 2015-10-16 22:04 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-13 16:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 16:00 - 2012-02-10 19:30 - 13244881 ____H C:\Users\Matthew\AppData\Local\IconCache.db.backup
2016-02-10 01:19 - 2012-04-16 16:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:19 - 2012-04-16 16:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:19 - 2012-02-11 01:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 09:39 - 2015-08-11 00:08 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE65D.tmp
2016-02-09 09:39 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\SETDCEF.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETEC4E.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETDF65.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\SETCE71.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\SETD5C8.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE6AD.tmp
2016-02-09 08:24 - 2015-11-09 19:24 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-09 08:23 - 2016-01-04 21:35 - 00000000 ____D C:\Users\Matthew\AppData\Local\CrashDumps
2016-02-09 08:23 - 2015-11-09 20:45 - 00000000 ____D C:\LGMobileUpgrade
==================== Files in the root of some directories =======
2014-01-01 10:31 - 2014-01-01 10:31 - 0000247 _____ () C:\Program Files (x86)\CrxInstaller.aoi
2013-02-28 23:54 - 2013-02-28 23:54 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-05-27 14:09 - 2015-06-09 18:30 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-02-10 23:04 - 2012-02-10 23:05 - 0000412 _____ () C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
2015-07-05 13:14 - 2015-07-05 13:24 - 0001480 _____ () C:\Users\Matthew\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2012-02-10 19:44 - 2012-04-01 12:21 - 0007628 _____ () C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg
2012-07-28 11:30 - 2012-07-28 13:46 - 0001836 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.err
2012-07-28 11:29 - 2012-07-28 19:40 - 0001016 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.nast
2014-10-13 19:08 - 2014-10-13 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-22 00:32 - 2015-11-22 00:32 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe665A.dll
2012-03-03 18:58 - 2014-10-01 12:14 - 0019926 _____ () C:\ProgramData\hpzinstall.log
2012-09-15 18:46 - 2012-09-15 18:48 - 0034308 _____ () C:\ProgramData\mazuki.dll
Files to move or delete:
====================
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
Some files in TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\cpuz165.exe
C:\Users\Matthew\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Matthew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5hz0jp.dll
C:\Users\Matthew\AppData\Local\Temp\eauninstall.exe
C:\Users\Matthew\AppData\Local\Temp\ExPromo.exe
C:\Users\Matthew\AppData\Local\Temp\free-screen-capture.exe
C:\Users\Matthew\AppData\Local\Temp\gert0.exe
C:\Users\Matthew\AppData\Local\Temp\guninst.exe
C:\Users\Matthew\AppData\Local\Temp\GUR3487.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743538913_il1671234.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743545495_il1672632.exe
C:\Users\Matthew\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\Matthew\AppData\Local\Temp\NSISCodec.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Matthew\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthew\AppData\Local\Temp\Offercast36_NDV_.exe
C:\Users\Matthew\AppData\Local\Temp\ShellHook.dll
C:\Users\Matthew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matthew\AppData\Local\Temp\SRLDetectionLibrary705607066647483964.dll
C:\Users\Matthew\AppData\Local\Temp\uninst1.exe
C:\Users\Matthew\AppData\Local\Temp\uttAFF2.tmp.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2008.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2010.exe
C:\Users\Matthew\AppData\Local\Temp\_isF632.exe
C:\Users\Tinuška\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-02 22:45
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Matthew (administrator) on PC-M (06-03-2016 01:51:28)
Running from D:\DOWNLOADS
Loaded Profiles: Matthew (Available Profiles: Matthew & Tinuška)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSoft Technologies Inc) C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Monect) C:\Program Files (x86)\MonectHost\MonectServerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir_8036_26610\old_chrome.exe
() C:\Program Files (x86)\Genius\Imperator\IMhid.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Imperator] => C:\Program Files (x86)\Genius\Imperator\IMhid.exe [281600 2012-03-01] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Google Update] => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [E8BB9E557DF2F5C8EE22B062707DB3D51C84B852._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Dropbox Update] => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [GoogleChromeAutoLaunch_1DCACA8C0EC1716DD73D162837173624] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {176ff346-4e45-11e4-b987-50e549e32de2} - E:\iLinker.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {54324792-6d3c-11e1-8c8f-0009dd501fae} - E:\M2033.part01.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {8e7e1e5f-6d26-11e1-a773-0009dd501fae} - F:\Autorun.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~1\NVIDIA => No File
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\PROGRA~2\NVIDIA => No File
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6F16BDAB-32D3-471E-A78E-46DD7AA8447D}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088098795&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> Default = {95289393-33EA-4F8D-B952-483415B9C955}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {98527513-9680-4192-A399-C2DCD36BEC34} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5f3303100000000000000009dd501fae&q={searchTerms}&r=631
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17] (qip.ru)
Toolbar: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF ProfilePath: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/O1DPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF user.js: detected! => C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\user.js [2013-06-04]
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\searchplugins\privitize.xml [2013-06-04]
FF SearchPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\searchplugins\spamfreesearch.xml [2013-03-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml [2015-11-15]
FF Extension: CinemaP-1.9cV17.07 - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\AVJYFVOD75109374@HCDE39471360.com [2015-07-17] [not signed]
FF Extension: WebSite Recommendation - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\WebSiteRecommendation@weliketheweb.com [2015-11-15] [not signed]
FF Extension: deskCut - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com [2015-11-15] [not signed]
FF Extension: Firefox OS Simulator - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\r2d2b2g@mozilla.org [2013-04-05] [not signed]
FF Extension: BS Player ControlBar B - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\{31264a33-a653-46c4-af49-1232c59a7da5} [2014-09-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://blekko.co ... xxz1e0a6vt"
CHR NewTab: Default -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (James White) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Speed Dial) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-08-04]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2016-01-03]
CHR Extension: (Kalendár Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-22]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Bookmark Manager) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-02]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-03-02]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-02-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-14]
CHR Extension: (Pocket) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-04]
CHR Extension: (Google Hangouts) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (YouTube to MP3 Button) - C:\Users\Tinuška\Desktop\flvto [2015-09-25]
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Prezentácie Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-13]
CHR Extension: (Dokumenty Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-13]
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-13]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-13]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-13]
CHR Extension: (Tabuľky Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-13]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Matthew\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-02-10]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Matthew\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [hglljpndoeopcpehilglkbnincooinnb] - C:\Users\Matthew\AppData\Local\Flvto Plugin for Google Chrome\the_extension.crx [2013-08-30]
StartMenuInternet: Google Chrome.Kubo - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.M6SA37FELGPZBWJYAHJF3RX33E - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Rodičia - C:\Users\Rodičia\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (YouTube™ Auto HD-LQ) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\ffhgcaphggeinepalgnajphijbndmmhp [2015-11-03]
OPR Extension: (Direct Currency Converter) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2015-11-03]
OPR Extension: (Opera Bookmarks Share Portal) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-17]
OPR Extension: (Adblock Plus) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-03]
OPR Extension: (Google™ Keep) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\pfdafkloejmpdifkkmfimkpbpggfihce [2015-11-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Active@ Disk Monitor; C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Spoločnosť Google Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MonectServerService; C:\Program Files (x86)\MonectHost\MonectServerService.exe [72192 2014-10-29] (Monect) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-04-05] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ChromeService; C:\Program Files (x86)\chrome\chrome.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-01] ()
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2014-12-01] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-09-22] (REALiX(tm))
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-04-20] (ITE )
R3 KYEGKB; C:\Windows\System32\drivers\KYEGKB.sys [25600 2011-09-05] ( )
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [15768 2013-12-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-03-13] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-03-29] (TuneUp Software)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
U3 acap4rgy; C:\Windows\System32\Drivers\acap4rgy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 7ByteIO; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ALSysIO; \??\C:\Users\Matthew\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 usbspbus; system32\DRIVERS\lgspbus64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 01:50 - 2016-03-06 01:51 - 00000000 ____D C:\FRST
2016-03-03 15:52 - 2016-03-03 20:58 - 00000000 ____D C:\Users\Tinuška\Desktop\tehu
2016-03-02 00:09 - 2016-02-23 21:39 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-02 00:06 - 2016-02-24 00:58 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 37616184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 24914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 16995384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 12381632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-02 00:06 - 2016-02-24 00:58 - 03143616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-29 19:31 - 2016-02-29 19:31 - 00000000 ____D C:\Users\Tinuška\AppData\Local\Viber
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka\AppData\Local\Adobe
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-02-20 16:33 - 2016-02-20 16:33 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 15:40 - 2016-02-17 15:40 - 00000000 ____D C:\Windows\LastGood
2016-02-17 15:39 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-17 15:39 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-09 07:56 - 2016-02-08 00:22 - 184525328 ____N C:\Users\Matthew\Desktop\20160126_085059.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 01:50 - 2015-06-19 19:20 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 01:49 - 2012-02-10 19:55 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 01:19 - 2012-04-16 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 01:14 - 2012-02-11 01:18 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 00:01 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 00:01 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-05 16:02 - 2012-02-10 19:55 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-05 15:14 - 2012-02-11 01:18 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-05 13:49 - 2015-06-19 19:20 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-03 23:50 - 2012-02-11 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 23:06 - 2015-09-07 22:41 - 00000000 ____D C:\Users\Tinuška\AppData\Roaming\ViberPC
2016-03-03 17:37 - 2014-07-22 15:06 - 00003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375990013
2016-03-03 17:37 - 2013-08-08 20:26 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 15:35 - 2016-01-16 00:34 - 00000000 ____D C:\Users\Tinuška\Desktop\vsetko z mobilu
2016-03-03 13:39 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška\AppData\Local\NVIDIA Corporation
2016-03-02 00:09 - 2014-06-05 12:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-02 00:09 - 2013-06-13 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-02 00:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-29 23:53 - 2013-11-21 01:07 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA Corporation
2016-02-29 23:53 - 2013-06-13 18:11 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA
2016-02-29 18:28 - 2015-09-07 22:42 - 00000000 ____D C:\Users\Tinuška\Documents\ViberDownloads
2016-02-24 00:58 - 2015-08-11 00:08 - 14016768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-24 00:58 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 16328088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 03259872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-23 21:45 - 2016-01-03 11:22 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-23 21:45 - 2016-01-03 11:22 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 06367168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-23 21:45 - 2014-06-05 12:37 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-23 21:28 - 2014-06-05 12:37 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-20 16:33 - 2012-09-04 17:50 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Dropbox
2016-02-19 21:17 - 2014-08-09 21:41 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 23:25 - 2016-01-29 18:25 - 00000000 ____D C:\Users\Matthew\Desktop\FoFo music
2016-02-18 23:22 - 2013-07-20 17:04 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\AIMP3
2016-02-17 14:22 - 2012-02-11 01:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-17 07:40 - 2016-01-03 11:14 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-16 15:17 - 2015-11-09 13:55 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-14 19:34 - 2009-07-14 06:13 - 00813068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 18:21 - 2015-10-16 22:04 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-13 16:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 16:00 - 2012-02-10 19:30 - 13244881 ____H C:\Users\Matthew\AppData\Local\IconCache.db.backup
2016-02-10 01:19 - 2012-04-16 16:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:19 - 2012-04-16 16:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:19 - 2012-02-11 01:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 09:39 - 2015-08-11 00:08 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE65D.tmp
2016-02-09 09:39 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\SETDCEF.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETEC4E.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETDF65.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\SETCE71.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\SETD5C8.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE6AD.tmp
2016-02-09 08:24 - 2015-11-09 19:24 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-09 08:23 - 2016-01-04 21:35 - 00000000 ____D C:\Users\Matthew\AppData\Local\CrashDumps
2016-02-09 08:23 - 2015-11-09 20:45 - 00000000 ____D C:\LGMobileUpgrade
==================== Files in the root of some directories =======
2014-01-01 10:31 - 2014-01-01 10:31 - 0000247 _____ () C:\Program Files (x86)\CrxInstaller.aoi
2013-02-28 23:54 - 2013-02-28 23:54 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-05-27 14:09 - 2015-06-09 18:30 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-02-10 23:04 - 2012-02-10 23:05 - 0000412 _____ () C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
2015-07-05 13:14 - 2015-07-05 13:24 - 0001480 _____ () C:\Users\Matthew\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2012-02-10 19:44 - 2012-04-01 12:21 - 0007628 _____ () C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg
2012-07-28 11:30 - 2012-07-28 13:46 - 0001836 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.err
2012-07-28 11:29 - 2012-07-28 19:40 - 0001016 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.nast
2014-10-13 19:08 - 2014-10-13 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-22 00:32 - 2015-11-22 00:32 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe665A.dll
2012-03-03 18:58 - 2014-10-01 12:14 - 0019926 _____ () C:\ProgramData\hpzinstall.log
2012-09-15 18:46 - 2012-09-15 18:48 - 0034308 _____ () C:\ProgramData\mazuki.dll
Files to move or delete:
====================
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
Some files in TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\cpuz165.exe
C:\Users\Matthew\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Matthew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5hz0jp.dll
C:\Users\Matthew\AppData\Local\Temp\eauninstall.exe
C:\Users\Matthew\AppData\Local\Temp\ExPromo.exe
C:\Users\Matthew\AppData\Local\Temp\free-screen-capture.exe
C:\Users\Matthew\AppData\Local\Temp\gert0.exe
C:\Users\Matthew\AppData\Local\Temp\guninst.exe
C:\Users\Matthew\AppData\Local\Temp\GUR3487.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743538913_il1671234.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743545495_il1672632.exe
C:\Users\Matthew\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\Matthew\AppData\Local\Temp\NSISCodec.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Matthew\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthew\AppData\Local\Temp\Offercast36_NDV_.exe
C:\Users\Matthew\AppData\Local\Temp\ShellHook.dll
C:\Users\Matthew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matthew\AppData\Local\Temp\SRLDetectionLibrary705607066647483964.dll
C:\Users\Matthew\AppData\Local\Temp\uninst1.exe
C:\Users\Matthew\AppData\Local\Temp\uttAFF2.tmp.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2008.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2010.exe
C:\Users\Matthew\AppData\Local\Temp\_isF632.exe
C:\Users\Tinuška\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-02 22:45
==================== End of FRST.txt ============================
Re: Gmail - a huge amount of spam has started arriving
And the second log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Matthew (2016-03-06 01:52:14)
Running from D:\DOWNLOADS
Windows 7 Ultimate Service Pack 1 (X64) (2012-02-10 18:30:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2249447251-1292941661-1166442940-500 - Administrator - Disabled)
Guest (S-1-5-21-2249447251-1292941661-1166442940-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2249447251-1292941661-1166442940-1005 - Limited - Enabled)
Matthew (S-1-5-21-2249447251-1292941661-1166442940-1000 - Administrator - Enabled) => C:\Users\Matthew
Tinuška (S-1-5-21-2249447251-1292941661-1166442940-1007 - Administrator - Enabled) => C:\Users\Tinuška
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
A4tech USB Mouse Quality Testing Program V6.0 (HKLM-x32\...\{361693F2-A153-4359-A4CB-A1B9FF2AA5E6}) (Version: 6.0.0000 - A4TECH)
Active@ Hard Disk Monitor (HKLM-x32\...\{1C42D474-BDBD-4200-829D-28246879365D}) (Version: 3.1.9 - LSoft Technologies Inc)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AIMP Control Plugin 1.0.12 (HKLM-x32\...\{F171581D-00CD-4E77-8982-B1B68FDCAAFA}_is1) (Version: 1.0.12 - Alexey Ivanov)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
AirDroid 3.0.0 (HKLM-x32\...\AirDroid) (Version: 3.0.0 - Sand Studio)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizácie NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Anti-Vibrate Oscar Editor (HKLM-x32\...\InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}) (Version: 10.07.0002 - A4TECH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Carambis Driver Updater (HKLM-x32\...\Driver Updater) (Version: 2.4.2.9632 - ROSTPAY LTD)
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Compiled Driver Disk (MediaTek) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811207}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Compiled Driver Disk (Samsung) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM-x32\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd) <==== ATTENTION
EAGLE 7.3.0 (HKLM\...\EAGLE 7.3.0) (Version: 7.3.0 - CadSoft Computer GmbH)
Easy Tune 6 B11.0823.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0823.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
EVEREST Ultimate Edition v4.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.50 - Lavalys, Inc.)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version: - Codemasters Birmingham)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.0873 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.74.5237 - Gretech Corporation)
GOM Video Converter (HKLM-x32\...\GOM Video Converter) (Version: 1.1.0.67 - Gretech Corporation)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Spoločnosť Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
HI-TECH PICC lite V9.60PL0 (HKLM-x32\...\PICC 9.60PL0) (Version: 9.60 - HI-TECH Software)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.0 - Abelssoft)
Chrome Remote Desktop Host (HKLM-x32\...\{EBFF2EA1-3944-4CA2-89FA-8B70C0058DD3}) (Version: 49.0.2623.40 - Google Inc.)
i-Menu 3.8 (HKLM-x32\...\i-Menu_is1) (Version: - AOC)
Imperator Gaming Keyboard (HKLM-x32\...\{12A8DEA6-1DA3-403F-BD28-D61C3908117F}}_is1) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
K-Lite Codec Pack 9.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LGFlashTool 1.8.6.527 (HKLM-x32\...\LGFlashTool) (Version: 1.8.6.527 - LGE)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM-x32\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 5.2 (HKLM-x32\...\{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
MonectHost (HKLM-x32\...\Monect) (Version: 4.0.1.2 - monect.com)
Mozilla Firefox 16.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 16.0.2 (x86 sk)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711051}) (Version: 7.03.1151 - Nero AG)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafický ovládač 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Omnius for SE v1.41 (HKLM-x32\...\Omnius for SE) (Version: v1.41 - Omnius Team)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Opera Stable 35.0.2066.92 (HKLM-x32\...\Opera 35.0.2066.92) (Version: 35.0.2066.92 - Opera Software)
OSCAR Editor (x32 Version: 10.07.0002 - A4TECH) Hidden
Ovládací panel NVIDIA 362.00 (Version: 362.00 - NVIDIA Corporation) Hidden
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Kakao Corp.)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
ROCCAT Power-Grid version 0.458 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.458 - ROCCAT GmbH)
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12054_19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12054_19 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 136)_is1) (Version: - )
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 147)_is1) (Version: - )
Screen+ 1.0 (HKLM-x32\...\Screen+_is1) (Version: - AOC)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Simple XML Editor (HKLM-x32\...\{0BED02A4-4AD6-4375-94EF-0DEE0873C33B}_is1) (Version: - EzTools Software)
SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software)
Sony Vegas 7.0c (HKLM-x32\...\{0E27A421-0701-43D6-B214-D90C92821A7A}) (Version: 7.0.169 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab (Test) (HKLM-x32\...\{9BFD3F1F-E5FD-4358-988F-FC9A9446286D}) (Version: 6.0.3.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{5BC35960-37F9-4331-BE5F-739E5FC045A5}) (Version: 6.1.6.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 13 - Ghisler Software GmbH)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3500.14 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3500.14 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.3500.14 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager B10.0728.1 (HKLM-x32\...\{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}) (Version: 1.00.0000 - Gigabyte)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xilisoft Video Converter Standard 6 (HKLM-x32\...\Xilisoft Video Converter Standard 6) (Version: 6.8.0.1101 - Xilisoft)
Xpand Rally Xtreme (HKLM-x32\...\Steam App 3050) (Version: - Techland)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {162D353F-9766-44DA-BE63-07AC8BA21AE6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {264D206E-0D8B-44BD-A4C7-B4A796A0F2CD} - System32\Tasks\CarambisDriverUpdaterUACDisablingTask => C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe [2015-11-09] (ROSTPAY LTD)
Task: {27EB6F40-06D6-4064-B623-F9A75190FAFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1002Core => C:\Users\Rodičia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2AA07192-932A-4BD5-BFD7-E92BD59D139E} - System32\Tasks\AdobeAAMUpdater-1.0-PC-M-Matthew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {2E60D119-FFD0-4C5D-967A-6F3199184E6E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {30B243DF-DD62-43E1-B1D1-5E0474811320} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3692DE20-74AE-4EC6-A9D7-FE77BD93BFCB} - System32\Tasks\{165DADDC-1F17-40DE-97FA-C620F364166C} => pcalua.exe -a "D:\GAMES\MAFiA II (2010) CZ\Install\pc\mafia2_update_3_trainer_11\mafia2_update_3_trainer_11\rzr-m2u3.exe" -d "D:\GAMES\MAFiA II (2010) CZ\Install\pc\mafia2_update_3_trainer_11\mafia2_update_3_trainer_11"
Task: {36DF6D19-EED0-4B73-BEE2-B6054629AD2E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {3786FF7D-4EE4-49B2-817B-CEB9DE591B6A} - System32\Tasks\{1425132C-48A5-4382-ACEF-31F4818CFF52} => pcalua.exe -a C:\Users\Kubo\Desktop\rzr-m2u3.exe -d C:\Users\Kubo\Desktop
Task: {3B58E499-3BCF-405A-9966-BF2E174DA687} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3C53C4D5-078F-4514-A32A-056907652DD3} - System32\Tasks\InstallShield Software online update program => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [2005-02-17] (InstallShield Software Corporation)
Task: {40F45824-B5CA-44B5-BC71-44DE8E36E32E} - System32\Tasks\HP AR Program Upload - d63b214c22e2452bace3ce2838327f03cf3f7694a56a4ce39cb78a394efcf44e => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {59BF4490-ED8E-4B15-A4C8-CA226C71634F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6D2B36BA-2029-4E6C-A250-589D67FE254A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1002UA => C:\Users\Rodičia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7AF29494-470C-451E-BE0A-86343368390F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {94E61014-B420-4028-973A-04B7D703DD2D} - System32\Tasks\HP AR Program Upload - d352be44e5a7463991d1d58e5ea43f3603e7aeb24510408f8733721dc8768a80 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {964A0A4C-D501-45CF-B268-D93C196E1690} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A7B4138B-18C3-4F1C-8561-E1F0BCDB424A} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {B357D015-2833-44D5-B960-88293B4C007D} - System32\Tasks\Google Updater and Installer => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BBB58B5E-44DF-4DDA-B56D-567C84E00F23} - System32\Tasks\Opera scheduled Autoupdate 1375990013 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software)
Task: {C5EEE393-2B60-44D2-9142-5E7E38C2A891} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C6544D6E-35EA-4F12-95D5-38A753264C92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {C679F90A-A741-4863-B885-841374682A58} - System32\Tasks\EPUpdater => C:\Users\Kubo\AppData\Roaming\BabSolution\Shared\BabMaint.exe <==== ATTENTION
Task: {C93EF8FA-B8AE-47B6-B872-5C6A413B4C29} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {D1E5C40B-88CE-427A-9331-E6ADD6DB04A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {E02539A7-44AA-4111-826F-F3D34903BD23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E2FD2031-A7D6-4D4B-BEEF-AEDEDD54D1E2} - System32\Tasks\{1BC5AB72-B573-44B6-AA30-79CB3ABE234B} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {E303E854-4662-42D1-B705-09B648A44AEE} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {E615072B-4285-4283-9428-0D2656952743} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Matthew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {E6F03614-DD8C-4B73-872C-20B367C2C93E} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F7B928D6-066D-43D2-9B86-EAD4484D5094} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Tinuška => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-PC-Matthew.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-05-27 11:43 - 2013-03-08 08:54 - 00017760 _____ () C:\Program Files (x86)\HDD Health\HDDHealthService.exe
2015-11-22 00:32 - 2009-04-30 12:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2011-08-31 19:13 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-22 14:18 - 2010-07-22 14:18 - 02636800 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
2014-01-18 21:56 - 2012-03-01 17:44 - 00281600 _____ () C:\Program Files (x86)\Genius\Imperator\IMhid.exe
2016-02-29 23:52 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-29 23:52 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-01-03 11:13 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-06-05 12:37 - 2016-02-23 21:45 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-27 11:37 - 2012-06-13 09:33 - 02300416 _____ () C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\QtCore4.dll
2015-05-27 11:37 - 2012-01-18 05:39 - 00979456 _____ () C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\QtNetwork4.dll
2013-05-02 14:39 - 2012-10-22 10:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-05-02 14:39 - 2012-07-09 16:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-05-02 14:39 - 2011-12-06 15:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-05-02 14:39 - 2012-03-23 09:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2010-06-01 11:41 - 2010-06-01 11:41 - 00098816 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_MouseDeviceManager.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00094208 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ZoomControl.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00062976 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ScrollbarControl.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00069632 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-04-03 11:36 - 2010-04-03 11:36 - 00069632 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00127488 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_Wheel4D.dll
2010-05-07 23:05 - 2010-05-07 23:05 - 00042496 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
2015-04-07 17:47 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2013-03-12 17:10 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-06-05 17:49 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-02-11 14:41 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 17:51 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-10-25 16:19 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-20 16:01 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-02-19 21:17 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 21:17 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-19 21:17 - 2016-02-18 05:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [133]
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [121]
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [402]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\Matthew\Desktop\65360.amr:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Matthew\Desktop\miminko.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
AlternateDataStreams: C:\Users\Matthew\Desktop\miminko.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Matthew\Desktop\prechodny.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
AlternateDataStreams: C:\Users\Matthew\Desktop\prechodny.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\mojebanka.cz -> hxxps://*.mojebanka.cz
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-01-02 19:08 - 00001354 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
255.255.255.255 easyanticheat.se # misleading site
255.255.255.255 www.easyanticheat.se # misleading site
255.255.255.255 easyanticheat.com # misleading site
255.255.255.255 www.easyanticheat.com # misleading site
255.255.255.255 easyanticheat.info # misleading site
255.255.255.255 www.easyanticheat.info # misleading site
255.255.255.255 easyanticheat.org # misleading site
255.255.255.255 www.easyanticheat.org # misleading site
127.0.0.1 www.superfish.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: snp325 => C:\Windows\vsnp325.exe
MSCONFIG\startupreg: Syncplicity => C:\Program Files\Syncplicity\Syncplicity.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{09F3548D-4754-40EC-8866-8E0E87CBF4F3}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B4DFD6B0-E283-4A52-B8BF-3CFEFA1A62B6}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{5A33281E-F8F5-41E3-A614-BC62583D45D2}] => (Allow) LPort=26675
FirewallRules: [{031E2AEE-2ED9-4F2E-BAB7-357B7B871250}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{223D5FF5-8E52-4092-8E01-F01E15AC117D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{EA58EBA6-5ACA-4DE6-B8DB-C0B3CFF1CDDB}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{E597465B-AA4B-4CED-A1FB-9BF821D10FFD}C:\program files (x86)\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{E2C5CD8E-C2E1-4595-ABCD-CCAA164D7398}C:\program files (x86)\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\need for speed the run\need for speed the run.exe
FirewallRules: [{8713ADEE-6971-495E-A7DE-E232CFBBEF5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3B63AB7E-D4F2-4B20-BBBC-4B1416D59F8F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{7ED1E6CA-3CDA-4D31-8BD4-CB43B5138F60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E4D6843E-D566-4ACA-835F-17F82AA3ED47}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3AD4E4D6-98B2-4933-8F90-4EE6A47E13B5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7C3AD2E2-EEDB-42A6-876E-92EC1637533B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{2D78B48A-9698-456C-82C4-7D9F6A912728}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6CA1C87F-8641-43A5-9681-620D88DD3316}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{60B519D2-D931-4E2B-B119-4686ABAE2B1C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{1C985EC8-5CDA-461A-BA7B-308A4B0FCD46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{272628FC-90FE-4CCC-BD0A-51E6A3D8CAE8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{7D131CEB-2F74-449C-B651-C38DA3060CB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{82537D54-60A8-4C5A-8500-7200A1C5D9DA}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{64A3DB04-954F-4D43-BBE0-201AAF21624F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{4C9E1CBE-65FA-4493-80C8-BDCA243B1337}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{A99BCB56-A4E5-4307-A1B0-F45CECB42BD0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0AF19AB6-6131-4B36-B0AC-9BC1A04E1563}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{89A78B1D-32FC-47F2-BE0A-077D0BFFE142}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{16049A49-2A4D-43CE-BFDC-95E691BAE7E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5439C76F-5D0E-4C4D-AF64-47F7626FE4EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{84573B44-07CE-40DA-B7FC-3AE79443FD49}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0055F7D4-A491-4FBC-AE72-493FEDB83E07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{52F9ABAD-93B7-442B-8B69-AC5AAB193DDB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E254486B-581F-4406-B8EF-CA4DCD5D69C9}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [{BCC4121B-2FA0-4188-B475-EEB6BD4A12E2}] => (Allow) C:\Users\Matthew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{6814099A-AE67-4904-83BD-E83EBAF9BB64}] => (Allow) C:\Users\Matthew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C85F1F9D-B54F-400E-9C8D-179B5AC81836}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{684DA0A4-09AE-4FB4-A826-6FEA816497EA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{73EF15BC-97CC-4F8A-AC9F-D201895E5B0C}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{D6146488-8B9E-4F18-B3F6-8A8D04AF3001}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{5EF50DFA-DD70-4757-B286-DCFB7B5EEFDC}C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe
FirewallRules: [UDP Query User{C4239B5B-5F1B-4FBA-9E09-0AFBEE7513CD}C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe
FirewallRules: [TCP Query User{5A0B09DE-EE6E-498B-9FFA-7F9CCD1FE3AA}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{E753D683-F071-4881-A9EF-261D4E91E4EA}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{28CCEC62-4192-4BBD-A2B5-F1F4DB616EA8}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe
FirewallRules: [UDP Query User{2477316E-63A7-45B6-B7D7-4C19C2950A54}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe
FirewallRules: [TCP Query User{02AE821D-BCBC-4273-B122-33E23608B35E}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe
FirewallRules: [UDP Query User{24FB2FB3-270B-49E2-817F-1E6A67042001}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe
FirewallRules: [TCP Query User{D0B0B277-42E7-43C4-AF6A-4EBF3C6572CA}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [UDP Query User{B9BEAB2E-FAFD-4400-B3C1-F0DCD8F721F8}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{454914C6-E282-4525-89E7-7F35E177FA7C}] => (Allow) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{15351552-B54F-4342-B68D-A268AEF2C297}] => (Allow) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C5C843E8-2333-4CCF-B41A-6A6F3F1346AF}C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6F613625-A0D9-43B9-89F0-919A6FB9C586}C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3A1690B1-8D75-4C0F-B109-CACD0026A604}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [UDP Query User{3E7D8559-9D53-4D34-B19C-85DC3910FA64}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [TCP Query User{A50A0FCD-C2D0-4271-8BA8-E15F97718F61}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{5FA0D229-6D24-41A7-AA11-855FF33FC4F9}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [{6538A390-C85E-45E1-AC74-A815DD83F5D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\feshark\counter-strike\hl.exe
FirewallRules: [{C1C391C8-9DF3-4EA3-9874-40AFE64FB9DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\feshark\counter-strike\hl.exe
FirewallRules: [TCP Query User{8B74DDA6-8508-452B-851E-013895C64B68}C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe
FirewallRules: [UDP Query User{02635B3D-B99B-4233-82EE-9CEA06DA989D}C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe
FirewallRules: [TCP Query User{2C11B26C-EB3A-4399-B419-070FA5B9F014}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [UDP Query User{7F0DFC7D-B057-4EFB-B8FD-844B3C3D998E}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [{99912B5A-45B5-4219-B388-1BFC21665FB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\matthew_tv\counter-strike\hl.exe
FirewallRules: [{1E966D27-983F-4598-B7BA-B8BECE93E536}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\matthew_tv\counter-strike\hl.exe
FirewallRules: [TCP Query User{0031433B-C974-4069-A7D4-5CE6C24AFD26}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{DA57CA06-6B6C-4A1E-A558-8D3569713AB6}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{AFE66389-E54A-419A-B939-861CA9256E7D}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{33B54F66-9E14-41D7-B479-6816AF9CDCD8}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{5CA5C4D0-1710-4E27-9160-F7D1835DCD0C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{930C3D9A-7CB3-4A75-96F6-0C951D2ADB91}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7C003682-4BDD-442B-A3E7-5426F72589C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{090448EF-EB5F-4AD6-843B-391DD62C37A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{B2CE48C4-91C0-487E-B62A-D2C5DD33651D}D:\programy\games\counter-strike 1.6\hl.exe] => (Block) D:\programy\games\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{C0BA1840-75EF-4C55-A7F0-F3A112738432}D:\programy\games\counter-strike 1.6\hl.exe] => (Block) D:\programy\games\counter-strike 1.6\hl.exe
FirewallRules: [{928D227E-8E6C-45CD-808D-837A999EDB1B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ACFF3BAF-0578-4D5A-A21C-AEACA3E951F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB6F22AB-E166-4E48-9410-27F88364E6A9}] => (Allow) C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9EE3453-F4EA-4F4A-89F1-4EF44CF3028D}] => (Allow) C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FCB4F7DD-864A-4507-9027-6BCDFF4F54C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BE9940A0-E76D-4B75-BD39-6103E1C55E2C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{96B94246-0C5D-4A17-824F-E0C525CA10F3}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe
FirewallRules: [{6E597A1C-2B91-4950-8580-6827EC5DE6F8}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe
FirewallRules: [{A7400E4C-9466-484A-BFC3-F56D5288A375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [{BB535571-529E-4E90-A9AD-A04180B00C46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [TCP Query User{D4A97F51-C82D-498E-8FEC-EE966C81C5A7}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{7467A682-FF95-45CE-9679-B1CF1B7A3292}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{F44DE1AC-5093-44C2-8530-02D7772EF3FF}] => (Allow) C:\Program Files (x86)\MonectHost\MonectHost.exe
FirewallRules: [{ED59903F-E11F-4396-A88F-E632654291E9}] => (Allow) C:\Program Files (x86)\MonectHost\MonectMediaCenter.exe
FirewallRules: [{CF9F567E-5D43-42DF-B5EE-E9A9D341D8FC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0416F265-851B-4652-8B9E-05016E686EE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\XRX.exe
FirewallRules: [{D78877E0-B7D9-429F-B8D2-A3D1AADD334D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\XRX.exe
FirewallRules: [{D949B651-4845-41BA-9B82-90289F9750F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\ChromEd.exe
FirewallRules: [{0D6B15EB-AA45-4E5F-997D-1E94D89F8E02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\ChromEd.exe
FirewallRules: [{EB3A10A6-BCBE-45D1-BF13-5B6ED317FBAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{19C169CE-D0EA-4EBE-A33E-929B0031757B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F57F3BB4-74EA-40DA-8A92-8BD48A01A2EF}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{EFDAA3A7-906C-4ACE-A7EF-08564BC44007}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{DAACDAC8-B917-4C38-8819-7AA77C78DC7A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4AE77D6A-4566-409C-A6FF-69F25F8AD308}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4AA8A5A3-3522-4F0A-BC03-1F72A2D20284}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{66771D8A-C99D-4CDE-A6C2-5419B48C03DF}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{4AC02610-FD82-4E3A-B6AE-E1C1C48494C9}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{87150B5F-9BFB-46A7-87AF-69E4843D995E}] => (Allow) LPort=5357
FirewallRules: [{6092EFB4-8A75-4137-B96F-F4F0E1B6C5E0}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{7ECFAF2D-958D-4612-A221-CAB966C8A345}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [UDP Query User{CE78EC6A-C9E8-45B6-BA32-10B89030425B}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [TCP Query User{9651000A-47AE-4C75-9682-FBAC9C24A73E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{1AD58135-5217-47F9-A46D-BE040C5AA771}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{C2ECCB0A-ADB3-4DFD-9E28-805052324DDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31D0FA00-C642-4E07-BA7E-B57FAD042817}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{526DE46A-0E48-48E8-A359-E9C99C627555}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{A9FC82FC-41AE-4AD0-9DBF-BD982F0342BA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{9B77DCDB-E680-4EE5-A721-C62478CF9502}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1CF4646B-96A3-44EA-A9AF-083BB9A530A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FCB06DF3-24D3-4B56-83F2-0DD467EC871C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1DD8C3C9-BADA-44AC-B96A-1D763441DFB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26681DCF-23BF-4F6A-B711-E74C1175EFDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{98638871-BF77-4B52-BE2D-34FA34F66216}] => (Allow) C:\Users\Tinuška\AppData\Local\Temp\7zS3F5B\HPDiagnosticCoreUI.exe
FirewallRules: [{E7938836-072B-472C-8BA7-55920EDC0352}] => (Allow) C:\Users\Tinuška\AppData\Local\Temp\7zS3F5B\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{B6ADFEE0-BA58-4781-A1DF-EA531A109AD0}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Allow) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [UDP Query User{4E6D16B5-DCE4-44D8-90A5-8E2B35337B1A}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Allow) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [{5EABC7DB-0F97-4040-B0DC-9940A377C868}] => (Allow) C:\Users\Matthew\AppData\Local\Temp\7zS7407\HPDiagnosticCoreUI.exe
FirewallRules: [{4C34BB60-3F58-4A8F-9444-C9257308EA00}] => (Allow) C:\Users\Matthew\AppData\Local\Temp\7zS7407\HPDiagnosticCoreUI.exe
FirewallRules: [{6385BF5C-D56B-4581-B41D-8E09229AE431}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{7AC0D880-74E2-44C4-8991-E6023B8CC07F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{1988DD87-D030-40B1-8369-7D0273608357}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{3CFD1C74-BF5B-4BE2-B22C-00FA2CC55608}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{271D9C74-A4DB-4D32-9BC0-AA3A9E30CE8D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
FirewallRules: [{456B7E72-019D-4DB5-8C87-81E9AF7876B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
22-02-2016 20:42:12 Windows Update
26-02-2016 15:14:27 Windows Update
01-03-2016 22:32:05 Windows Update
05-03-2016 14:11:17 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2016 12:36:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:36:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:09:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:09:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:08:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:08:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/01/2016 12:58:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/28/2016 05:14:32 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (02/28/2016 05:13:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/28/2016 12:50:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
System errors:
=============
Error: (02/27/2016 02:42:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: ESR 0x405840=0x82040248
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 18 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 9 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 6 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 3 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: ESR 0x405840=0x82040248
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 18 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 9 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 6 Error
CodeIntegrity:
===================================
Date: 2012-07-21 23:47:53.346
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 23:47:53.318
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:35:21.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:35:21.781
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:10:17.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:10:17.074
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:19:11.071
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:19:11.024
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:15:55.617
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:15:55.580
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 59%
Total physical RAM: 8109.12 MB
Available physical RAM: 3258.98 MB
Total Virtual: 16216.42 MB
Available Virtual: 10510.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:250.65 GB) (Free:44.41 GB) NTFS
Drive d: (Dáta) (Fixed) (Total:1612.16 GB) (Free:1041.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7C219202)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=250.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1612.2 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Matthew (2016-03-06 01:52:14)
Running from D:\DOWNLOADS
Windows 7 Ultimate Service Pack 1 (X64) (2012-02-10 18:30:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2249447251-1292941661-1166442940-500 - Administrator - Disabled)
Guest (S-1-5-21-2249447251-1292941661-1166442940-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2249447251-1292941661-1166442940-1005 - Limited - Enabled)
Matthew (S-1-5-21-2249447251-1292941661-1166442940-1000 - Administrator - Enabled) => C:\Users\Matthew
Tinuška (S-1-5-21-2249447251-1292941661-1166442940-1007 - Administrator - Enabled) => C:\Users\Tinuška
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
µTorrent (HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
A4tech USB Mouse Quality Testing Program V6.0 (HKLM-x32\...\{361693F2-A153-4359-A4CB-A1B9FF2AA5E6}) (Version: 6.0.0000 - A4TECH)
Active@ Hard Disk Monitor (HKLM-x32\...\{1C42D474-BDBD-4200-829D-28246879365D}) (Version: 3.1.9 - LSoft Technologies Inc)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AIMP Control Plugin 1.0.12 (HKLM-x32\...\{F171581D-00CD-4E77-8982-B1B68FDCAAFA}_is1) (Version: 1.0.12 - Alexey Ivanov)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
AirDroid 3.0.0 (HKLM-x32\...\AirDroid) (Version: 3.0.0 - Sand Studio)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizácie NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Anti-Vibrate Oscar Editor (HKLM-x32\...\InstallShield_{D8A790CB-CF32-4135-AAAE-6BA5A75C5DBF}) (Version: 10.07.0002 - A4TECH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Carambis Driver Updater (HKLM-x32\...\Driver Updater) (Version: 2.4.2.9632 - ROSTPAY LTD)
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Compiled Driver Disk (Android) 1.0 (HKLM\...\{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Compiled Driver Disk (MediaTek) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811207}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
Compiled Driver Disk (Samsung) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 1.0.3.0 - COMPELSON Labs)
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office (HKLM-x32\...\{90120000-00B2-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd) <==== ATTENTION
EAGLE 7.3.0 (HKLM\...\EAGLE 7.3.0) (Version: 7.3.0 - CadSoft Computer GmbH)
Easy Tune 6 B11.0823.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0823.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
EVEREST Ultimate Edition v4.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.50 - Lavalys, Inc.)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version: - Codemasters Birmingham)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.0873 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.74.5237 - Gretech Corporation)
GOM Video Converter (HKLM-x32\...\GOM Video Converter) (Version: 1.1.0.67 - Gretech Corporation)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Spoločnosť Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
HI-TECH PICC lite V9.60PL0 (HKLM-x32\...\PICC 9.60PL0) (Version: 9.60 - HI-TECH Software)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.0 - Abelssoft)
Chrome Remote Desktop Host (HKLM-x32\...\{EBFF2EA1-3944-4CA2-89FA-8B70C0058DD3}) (Version: 49.0.2623.40 - Google Inc.)
i-Menu 3.8 (HKLM-x32\...\i-Menu_is1) (Version: - AOC)
Imperator Gaming Keyboard (HKLM-x32\...\{12A8DEA6-1DA3-403F-BD28-D61C3908117F}}_is1) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
K-Lite Codec Pack 9.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LGFlashTool 1.8.6.527 (HKLM-x32\...\LGFlashTool) (Version: 1.8.6.527 - LGE)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM-x32\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 5.2 (HKLM-x32\...\{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
MonectHost (HKLM-x32\...\Monect) (Version: 4.0.1.2 - monect.com)
Mozilla Firefox 16.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 16.0.2 (x86 sk)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{98EFD8F0-08DE-48DB-B922-A2EBAB711051}) (Version: 7.03.1151 - Nero AG)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafický ovládač 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Omnius for SE v1.41 (HKLM-x32\...\Omnius for SE) (Version: v1.41 - Omnius Team)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Opera Stable 35.0.2066.92 (HKLM-x32\...\Opera 35.0.2066.92) (Version: 35.0.2066.92 - Opera Software)
OSCAR Editor (x32 Version: 10.07.0002 - A4TECH) Hidden
Ovládací panel NVIDIA 362.00 (Version: 362.00 - NVIDIA Corporation) Hidden
Pandora Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Kakao Corp.)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
ROCCAT Power-Grid version 0.458 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.458 - ROCCAT GmbH)
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12054_19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12054_19 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 136)_is1) (Version: - )
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 147)_is1) (Version: - )
Screen+ 1.0 (HKLM-x32\...\Screen+_is1) (Version: - AOC)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Simple XML Editor (HKLM-x32\...\{0BED02A4-4AD6-4375-94EF-0DEE0873C33B}_is1) (Version: - EzTools Software)
SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software)
Sony Vegas 7.0c (HKLM-x32\...\{0E27A421-0701-43D6-B214-D90C92821A7A}) (Version: 7.0.169 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab (Test) (HKLM-x32\...\{9BFD3F1F-E5FD-4358-988F-FC9A9446286D}) (Version: 6.0.3.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{5BC35960-37F9-4331-BE5F-739E5FC045A5}) (Version: 6.1.6.0 - Husdawg, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 13 - Ghisler Software GmbH)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3500.14 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3500.14 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.3500.14 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager B10.0728.1 (HKLM-x32\...\{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}) (Version: 1.00.0000 - Gigabyte)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xilisoft Video Converter Standard 6 (HKLM-x32\...\Xilisoft Video Converter Standard 6) (Version: 6.8.0.1101 - Xilisoft)
Xpand Rally Xtreme (HKLM-x32\...\Steam App 3050) (Version: - Techland)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {162D353F-9766-44DA-BE63-07AC8BA21AE6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {264D206E-0D8B-44BD-A4C7-B4A796A0F2CD} - System32\Tasks\CarambisDriverUpdaterUACDisablingTask => C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe [2015-11-09] (ROSTPAY LTD)
Task: {27EB6F40-06D6-4064-B623-F9A75190FAFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1002Core => C:\Users\Rodičia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2AA07192-932A-4BD5-BFD7-E92BD59D139E} - System32\Tasks\AdobeAAMUpdater-1.0-PC-M-Matthew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {2E60D119-FFD0-4C5D-967A-6F3199184E6E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {30B243DF-DD62-43E1-B1D1-5E0474811320} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3692DE20-74AE-4EC6-A9D7-FE77BD93BFCB} - System32\Tasks\{165DADDC-1F17-40DE-97FA-C620F364166C} => pcalua.exe -a "D:\GAMES\MAFiA II (2010) CZ\Install\pc\mafia2_update_3_trainer_11\mafia2_update_3_trainer_11\rzr-m2u3.exe" -d "D:\GAMES\MAFiA II (2010) CZ\Install\pc\mafia2_update_3_trainer_11\mafia2_update_3_trainer_11"
Task: {36DF6D19-EED0-4B73-BEE2-B6054629AD2E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {3786FF7D-4EE4-49B2-817B-CEB9DE591B6A} - System32\Tasks\{1425132C-48A5-4382-ACEF-31F4818CFF52} => pcalua.exe -a C:\Users\Kubo\Desktop\rzr-m2u3.exe -d C:\Users\Kubo\Desktop
Task: {3B58E499-3BCF-405A-9966-BF2E174DA687} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3C53C4D5-078F-4514-A32A-056907652DD3} - System32\Tasks\InstallShield Software online update program => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [2005-02-17] (InstallShield Software Corporation)
Task: {40F45824-B5CA-44B5-BC71-44DE8E36E32E} - System32\Tasks\HP AR Program Upload - d63b214c22e2452bace3ce2838327f03cf3f7694a56a4ce39cb78a394efcf44e => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {59BF4490-ED8E-4B15-A4C8-CA226C71634F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6D2B36BA-2029-4E6C-A250-589D67FE254A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1002UA => C:\Users\Rodičia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {7AF29494-470C-451E-BE0A-86343368390F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {94E61014-B420-4028-973A-04B7D703DD2D} - System32\Tasks\HP AR Program Upload - d352be44e5a7463991d1d58e5ea43f3603e7aeb24510408f8733721dc8768a80 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {964A0A4C-D501-45CF-B268-D93C196E1690} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A7B4138B-18C3-4F1C-8561-E1F0BCDB424A} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {B357D015-2833-44D5-B960-88293B4C007D} - System32\Tasks\Google Updater and Installer => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {BBB58B5E-44DF-4DDA-B56D-567C84E00F23} - System32\Tasks\Opera scheduled Autoupdate 1375990013 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software)
Task: {C5EEE393-2B60-44D2-9142-5E7E38C2A891} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C6544D6E-35EA-4F12-95D5-38A753264C92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {C679F90A-A741-4863-B885-841374682A58} - System32\Tasks\EPUpdater => C:\Users\Kubo\AppData\Roaming\BabSolution\Shared\BabMaint.exe <==== ATTENTION
Task: {C93EF8FA-B8AE-47B6-B872-5C6A413B4C29} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {D1E5C40B-88CE-427A-9331-E6ADD6DB04A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {E02539A7-44AA-4111-826F-F3D34903BD23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E2FD2031-A7D6-4D4B-BEEF-AEDEDD54D1E2} - System32\Tasks\{1BC5AB72-B573-44B6-AA30-79CB3ABE234B} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsProgressBar
Task: {E303E854-4662-42D1-B705-09B648A44AEE} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {E615072B-4285-4283-9428-0D2656952743} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Matthew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {E6F03614-DD8C-4B73-872C-20B367C2C93E} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F7B928D6-066D-43D2-9B86-EAD4484D5094} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Tinuška => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-PC-Matthew.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-05-27 11:43 - 2013-03-08 08:54 - 00017760 _____ () C:\Program Files (x86)\HDD Health\HDDHealthService.exe
2015-11-22 00:32 - 2009-04-30 12:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2011-08-31 19:13 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-22 14:18 - 2010-07-22 14:18 - 02636800 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
2014-01-18 21:56 - 2012-03-01 17:44 - 00281600 _____ () C:\Program Files (x86)\Genius\Imperator\IMhid.exe
2016-02-29 23:52 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-29 23:52 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-01-03 11:13 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-06-05 12:37 - 2016-02-23 21:45 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-27 11:37 - 2012-06-13 09:33 - 02300416 _____ () C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\QtCore4.dll
2015-05-27 11:37 - 2012-01-18 05:39 - 00979456 _____ () C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\QtNetwork4.dll
2013-05-02 14:39 - 2012-10-22 10:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-05-02 14:39 - 2012-07-09 16:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-05-02 14:39 - 2011-12-06 15:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-05-02 14:39 - 2012-03-23 09:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2010-06-01 11:41 - 2010-06-01 11:41 - 00098816 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_MouseDeviceManager.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00094208 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ZoomControl.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00062976 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ScrollbarControl.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00069632 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-04-03 11:36 - 2010-04-03 11:36 - 00069632 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2010-04-03 11:37 - 2010-04-03 11:37 - 00127488 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_Wheel4D.dll
2010-05-07 23:05 - 2010-05-07 23:05 - 00042496 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
2015-04-07 17:47 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2013-03-12 17:10 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:01 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-06-05 17:49 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 13:54 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-02-11 14:41 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 17:51 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-10-25 16:19 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-20 16:01 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-02-19 21:17 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 21:17 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-19 21:17 - 2016-02-18 05:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [133]
AlternateDataStreams: C:\ProgramData\TEMP:39413AC3 [121]
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [402]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\Matthew\Desktop\65360.amr:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Matthew\Desktop\miminko.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
AlternateDataStreams: C:\Users\Matthew\Desktop\miminko.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Matthew\Desktop\prechodny.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
AlternateDataStreams: C:\Users\Matthew\Desktop\prechodny.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\mojebanka.cz -> hxxps://*.mojebanka.cz
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-01-02 19:08 - 00001354 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
255.255.255.255 easyanticheat.se # misleading site
255.255.255.255 www.easyanticheat.se # misleading site
255.255.255.255 easyanticheat.com # misleading site
255.255.255.255 www.easyanticheat.com # misleading site
255.255.255.255 easyanticheat.info # misleading site
255.255.255.255 www.easyanticheat.info # misleading site
255.255.255.255 easyanticheat.org # misleading site
255.255.255.255 www.easyanticheat.org # misleading site
127.0.0.1 www.superfish.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: snp325 => C:\Windows\vsnp325.exe
MSCONFIG\startupreg: Syncplicity => C:\Program Files\Syncplicity\Syncplicity.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{09F3548D-4754-40EC-8866-8E0E87CBF4F3}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B4DFD6B0-E283-4A52-B8BF-3CFEFA1A62B6}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{5A33281E-F8F5-41E3-A614-BC62583D45D2}] => (Allow) LPort=26675
FirewallRules: [{031E2AEE-2ED9-4F2E-BAB7-357B7B871250}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{223D5FF5-8E52-4092-8E01-F01E15AC117D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{EA58EBA6-5ACA-4DE6-B8DB-C0B3CFF1CDDB}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{E597465B-AA4B-4CED-A1FB-9BF821D10FFD}C:\program files (x86)\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{E2C5CD8E-C2E1-4595-ABCD-CCAA164D7398}C:\program files (x86)\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\need for speed the run\need for speed the run.exe
FirewallRules: [{8713ADEE-6971-495E-A7DE-E232CFBBEF5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3B63AB7E-D4F2-4B20-BBBC-4B1416D59F8F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{7ED1E6CA-3CDA-4D31-8BD4-CB43B5138F60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E4D6843E-D566-4ACA-835F-17F82AA3ED47}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3AD4E4D6-98B2-4933-8F90-4EE6A47E13B5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7C3AD2E2-EEDB-42A6-876E-92EC1637533B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{2D78B48A-9698-456C-82C4-7D9F6A912728}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6CA1C87F-8641-43A5-9681-620D88DD3316}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{60B519D2-D931-4E2B-B119-4686ABAE2B1C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{1C985EC8-5CDA-461A-BA7B-308A4B0FCD46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{272628FC-90FE-4CCC-BD0A-51E6A3D8CAE8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{7D131CEB-2F74-449C-B651-C38DA3060CB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{82537D54-60A8-4C5A-8500-7200A1C5D9DA}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{64A3DB04-954F-4D43-BBE0-201AAF21624F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{4C9E1CBE-65FA-4493-80C8-BDCA243B1337}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{A99BCB56-A4E5-4307-A1B0-F45CECB42BD0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0AF19AB6-6131-4B36-B0AC-9BC1A04E1563}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{89A78B1D-32FC-47F2-BE0A-077D0BFFE142}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{16049A49-2A4D-43CE-BFDC-95E691BAE7E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5439C76F-5D0E-4C4D-AF64-47F7626FE4EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{84573B44-07CE-40DA-B7FC-3AE79443FD49}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0055F7D4-A491-4FBC-AE72-493FEDB83E07}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{52F9ABAD-93B7-442B-8B69-AC5AAB193DDB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E254486B-581F-4406-B8EF-CA4DCD5D69C9}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [{BCC4121B-2FA0-4188-B475-EEB6BD4A12E2}] => (Allow) C:\Users\Matthew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{6814099A-AE67-4904-83BD-E83EBAF9BB64}] => (Allow) C:\Users\Matthew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C85F1F9D-B54F-400E-9C8D-179B5AC81836}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{684DA0A4-09AE-4FB4-A826-6FEA816497EA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{73EF15BC-97CC-4F8A-AC9F-D201895E5B0C}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{D6146488-8B9E-4F18-B3F6-8A8D04AF3001}C:\program files (x86)\left 4 dead 2\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{5EF50DFA-DD70-4757-B286-DCFB7B5EEFDC}C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe
FirewallRules: [UDP Query User{C4239B5B-5F1B-4FBA-9E09-0AFBEE7513CD}C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\condition zero deleted scenes\hl.exe
FirewallRules: [TCP Query User{5A0B09DE-EE6E-498B-9FFA-7F9CCD1FE3AA}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{E753D683-F071-4881-A9EF-261D4E91E4EA}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{28CCEC62-4192-4BBD-A2B5-F1F4DB616EA8}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe
FirewallRules: [UDP Query User{2477316E-63A7-45B6-B7D7-4C19C2950A54}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe
FirewallRules: [TCP Query User{02AE821D-BCBC-4273-B122-33E23608B35E}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe
FirewallRules: [UDP Query User{24FB2FB3-270B-49E2-817F-1E6A67042001}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe
FirewallRules: [TCP Query User{D0B0B277-42E7-43C4-AF6A-4EBF3C6572CA}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [UDP Query User{B9BEAB2E-FAFD-4400-B3C1-F0DCD8F721F8}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{454914C6-E282-4525-89E7-7F35E177FA7C}] => (Allow) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{15351552-B54F-4342-B68D-A268AEF2C297}] => (Allow) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C5C843E8-2333-4CCF-B41A-6A6F3F1346AF}C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6F613625-A0D9-43B9-89F0-919A6FB9C586}C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\matthew\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3A1690B1-8D75-4C0F-B109-CACD0026A604}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [UDP Query User{3E7D8559-9D53-4D34-B19C-85DC3910FA64}C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [TCP Query User{A50A0FCD-C2D0-4271-8BA8-E15F97718F61}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{5FA0D229-6D24-41A7-AA11-855FF33FC4F9}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [{6538A390-C85E-45E1-AC74-A815DD83F5D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\feshark\counter-strike\hl.exe
FirewallRules: [{C1C391C8-9DF3-4EA3-9874-40AFE64FB9DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\feshark\counter-strike\hl.exe
FirewallRules: [TCP Query User{8B74DDA6-8508-452B-851E-013895C64B68}C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe
FirewallRules: [UDP Query User{02635B3D-B99B-4233-82EE-9CEA06DA989D}C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe] => (Allow) C:\program files (x86)\steam\steamapps\matthew_tv\counter-strike\hl.exe
FirewallRules: [TCP Query User{2C11B26C-EB3A-4399-B419-070FA5B9F014}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [UDP Query User{7F0DFC7D-B057-4EFB-B8FD-844B3C3D998E}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [{99912B5A-45B5-4219-B388-1BFC21665FB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\matthew_tv\counter-strike\hl.exe
FirewallRules: [{1E966D27-983F-4598-B7BA-B8BECE93E536}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\matthew_tv\counter-strike\hl.exe
FirewallRules: [TCP Query User{0031433B-C974-4069-A7D4-5CE6C24AFD26}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{DA57CA06-6B6C-4A1E-A558-8D3569713AB6}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{AFE66389-E54A-419A-B939-861CA9256E7D}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{33B54F66-9E14-41D7-B479-6816AF9CDCD8}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{5CA5C4D0-1710-4E27-9160-F7D1835DCD0C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{930C3D9A-7CB3-4A75-96F6-0C951D2ADB91}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7C003682-4BDD-442B-A3E7-5426F72589C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{090448EF-EB5F-4AD6-843B-391DD62C37A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{B2CE48C4-91C0-487E-B62A-D2C5DD33651D}D:\programy\games\counter-strike 1.6\hl.exe] => (Block) D:\programy\games\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{C0BA1840-75EF-4C55-A7F0-F3A112738432}D:\programy\games\counter-strike 1.6\hl.exe] => (Block) D:\programy\games\counter-strike 1.6\hl.exe
FirewallRules: [{928D227E-8E6C-45CD-808D-837A999EDB1B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ACFF3BAF-0578-4D5A-A21C-AEACA3E951F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB6F22AB-E166-4E48-9410-27F88364E6A9}] => (Allow) C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9EE3453-F4EA-4F4A-89F1-4EF44CF3028D}] => (Allow) C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FCB4F7DD-864A-4507-9027-6BCDFF4F54C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BE9940A0-E76D-4B75-BD39-6103E1C55E2C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{96B94246-0C5D-4A17-824F-E0C525CA10F3}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe
FirewallRules: [{6E597A1C-2B91-4950-8580-6827EC5DE6F8}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe
FirewallRules: [{A7400E4C-9466-484A-BFC3-F56D5288A375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [{BB535571-529E-4E90-A9AD-A04180B00C46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [TCP Query User{D4A97F51-C82D-498E-8FEC-EE966C81C5A7}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{7467A682-FF95-45CE-9679-B1CF1B7A3292}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{F44DE1AC-5093-44C2-8530-02D7772EF3FF}] => (Allow) C:\Program Files (x86)\MonectHost\MonectHost.exe
FirewallRules: [{ED59903F-E11F-4396-A88F-E632654291E9}] => (Allow) C:\Program Files (x86)\MonectHost\MonectMediaCenter.exe
FirewallRules: [{CF9F567E-5D43-42DF-B5EE-E9A9D341D8FC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0416F265-851B-4652-8B9E-05016E686EE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\XRX.exe
FirewallRules: [{D78877E0-B7D9-429F-B8D2-A3D1AADD334D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\XRX.exe
FirewallRules: [{D949B651-4845-41BA-9B82-90289F9750F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\ChromEd.exe
FirewallRules: [{0D6B15EB-AA45-4E5F-997D-1E94D89F8E02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Xpand Rally Xtreme\ChromEd.exe
FirewallRules: [{EB3A10A6-BCBE-45D1-BF13-5B6ED317FBAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{19C169CE-D0EA-4EBE-A33E-929B0031757B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F57F3BB4-74EA-40DA-8A92-8BD48A01A2EF}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{EFDAA3A7-906C-4ACE-A7EF-08564BC44007}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{DAACDAC8-B917-4C38-8819-7AA77C78DC7A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4AE77D6A-4566-409C-A6FF-69F25F8AD308}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4AA8A5A3-3522-4F0A-BC03-1F72A2D20284}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{66771D8A-C99D-4CDE-A6C2-5419B48C03DF}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{4AC02610-FD82-4E3A-B6AE-E1C1C48494C9}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{87150B5F-9BFB-46A7-87AF-69E4843D995E}] => (Allow) LPort=5357
FirewallRules: [{6092EFB4-8A75-4137-B96F-F4F0E1B6C5E0}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{7ECFAF2D-958D-4612-A221-CAB966C8A345}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [UDP Query User{CE78EC6A-C9E8-45B6-BA32-10B89030425B}C:\program files (x86)\aimp3\aimp3.exe] => (Allow) C:\program files (x86)\aimp3\aimp3.exe
FirewallRules: [TCP Query User{9651000A-47AE-4C75-9682-FBAC9C24A73E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{1AD58135-5217-47F9-A46D-BE040C5AA771}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{C2ECCB0A-ADB3-4DFD-9E28-805052324DDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31D0FA00-C642-4E07-BA7E-B57FAD042817}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{526DE46A-0E48-48E8-A359-E9C99C627555}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{A9FC82FC-41AE-4AD0-9DBF-BD982F0342BA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{9B77DCDB-E680-4EE5-A721-C62478CF9502}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1CF4646B-96A3-44EA-A9AF-083BB9A530A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FCB06DF3-24D3-4B56-83F2-0DD467EC871C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1DD8C3C9-BADA-44AC-B96A-1D763441DFB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26681DCF-23BF-4F6A-B711-E74C1175EFDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{98638871-BF77-4B52-BE2D-34FA34F66216}] => (Allow) C:\Users\Tinuška\AppData\Local\Temp\7zS3F5B\HPDiagnosticCoreUI.exe
FirewallRules: [{E7938836-072B-472C-8BA7-55920EDC0352}] => (Allow) C:\Users\Tinuška\AppData\Local\Temp\7zS3F5B\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{B6ADFEE0-BA58-4781-A1DF-EA531A109AD0}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Allow) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [UDP Query User{4E6D16B5-DCE4-44D8-90A5-8E2B35337B1A}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe] => (Allow) C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe
FirewallRules: [{5EABC7DB-0F97-4040-B0DC-9940A377C868}] => (Allow) C:\Users\Matthew\AppData\Local\Temp\7zS7407\HPDiagnosticCoreUI.exe
FirewallRules: [{4C34BB60-3F58-4A8F-9444-C9257308EA00}] => (Allow) C:\Users\Matthew\AppData\Local\Temp\7zS7407\HPDiagnosticCoreUI.exe
FirewallRules: [{6385BF5C-D56B-4581-B41D-8E09229AE431}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{7AC0D880-74E2-44C4-8991-E6023B8CC07F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{1988DD87-D030-40B1-8369-7D0273608357}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{3CFD1C74-BF5B-4BE2-B22C-00FA2CC55608}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{271D9C74-A4DB-4D32-9BC0-AA3A9E30CE8D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
FirewallRules: [{456B7E72-019D-4DB5-8C87-81E9AF7876B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
22-02-2016 20:42:12 Windows Update
26-02-2016 15:14:27 Windows Update
01-03-2016 22:32:05 Windows Update
05-03-2016 14:11:17 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2016 12:36:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:36:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:09:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:09:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:08:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/02/2016 12:08:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (03/01/2016 12:58:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/28/2016 05:14:32 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (02/28/2016 05:13:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/28/2016 12:50:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
System errors:
=============
Error: (02/27/2016 02:42:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: ESR 0x405840=0x82040248
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 18 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 9 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 6 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 3 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: ESR 0x405840=0x82040248
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 18 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 9 Error
Error: (02/27/2016 02:42:03 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video13Graphics Exception: Shader Program Header 6 Error
CodeIntegrity:
===================================
Date: 2012-07-21 23:47:53.346
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 23:47:53.318
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:35:21.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:35:21.781
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:10:17.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 22:10:17.074
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:19:11.071
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:19:11.024
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:15:55.617
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-07-21 21:15:55.580
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wceusbsh.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 59%
Total physical RAM: 8109.12 MB
Available physical RAM: 3258.98 MB
Total Virtual: 16216.42 MB
Available Virtual: 10510.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:250.65 GB) (Free:44.41 GB) NTFS
Drive d: (Dáta) (Fixed) (Total:1612.16 GB) (Free:1041.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7C219202)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=250.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1612.2 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam started arriving
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam started arriving
It deleted my speed dial from Chrome...great, what a useful little utility
)
# AdwCleaner v5.037 - Logfile created 06/03/2016 at 14:25:03
# Updated 28/02/2016 by Xplode
# Database : 2016-02-28.2 [Local]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Matthew - PC-M
# Running from : D:\DOWNLOADS\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : PanService
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\Coupons
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\Genius
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\Program Files (x86)\SimilarSites
[-] Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV17.07
[!] Folder Not Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\apn
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Ilivid Player
[!] Folder Not Deleted : C:\Users\Matthew\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Temp\APN-Stub
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Temp\blekko
[-] Folder Deleted : C:\Users\Matthew\AppData\Local\Temp\BS_Player_ControlBar_B
[-] Folder Deleted : C:\Users\Matthew\AppData\LocalLow\blekko
[-] Folder Deleted : C:\Users\Matthew\AppData\LocalLow\Industriya
[-] Folder Deleted : C:\Users\Matthew\AppData\LocalLow\Tbccint
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\DownLite
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\SimilarSites
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\WebSiteRecommendation@weliketheweb.com
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\AVJYFVOD75109374@HCDE39471360.com
[-] Folder Deleted : C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[-] Folder Deleted : C:\Users\Tinuška\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Tinuška\AppData\Local\globalUpdate
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[-] Folder Deleted : C:\Users\Tinuška\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Folder Not Deleted : C:\Users\Tinuška\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
***** [ Files ] *****
[-] File Deleted : C:\END
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml
[-] File Deleted : C:\ProgramData\hpe665A.dll
[-] File Deleted : C:\ProgramData\mazuki.dll
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage-journal
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_blekko.com_0.localstorage
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_blekko.com_0.localstorage-journal
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Matthew\AppData\Local\Temp\task.vbs
[-] File Deleted : C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
[-] File Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\invalidprefs.js
[-] File Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\searchplugins\spamfreesearch.xml
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : EPUpdater
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95289393-33EA-4F8D-B952-483415B9C955}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Cr_Installer
[-] Key Deleted : HKCU\Software\DataMngr
[-] Key Deleted : HKCU\Software\DownLite
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\Freeze.com
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{98527513-9680-4192-A399-C2DCD36BEC34}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\blekko.com
***** [ Web browsers ] *****
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.FF19Solved", "true");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.UserID", "UN94795737216900319");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.fullUserID", "UN94795737216900319.IN.20140913112151");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installDate", "13/09/2014 11:21:54");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installSessionId", "dbd788f5-9f9e-47ae-bc9c-f4a7f27e9d82");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installSp", "false");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installerVersion", "1.8.1.4");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchRevert", "false");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchUninstallUserMode", "4");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchUserMode", "4");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.toolbarInstallDate", "13-09-2014 11:21:51");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.versionFromInstaller", "10.33.0.17");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.xpeMode", "1");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.privitize.tlbrSrchUrl", "hxxp://searchou.com/?id=5f3303100000000000000009dd501fae&affilt=5&q=");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.spamfreesearch.hmpgUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=5f3303100000000000000009dd501fae");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.spamfreesearch.keyWordUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5f3303100000000000000009dd501fae&q=");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.spamfreesearch.prtnrId", "blekko");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.spamfreesearch.srchPrvdr", "blekko");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("extensions.spamfreesearch.tlbrSrchUrl", "hxxp://blekko.com/ws/?source=5f97ddbe&tbp=main&u=5f3303100000000000000009dd501fae&q=");
[-] [C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "GUJLUC6BTXACJRGI6PCXG7WVYHPO+EUWW8ETARHUQQRKLRJHKNI6HGGIYLUQU9JF7RUF/F0NGWWFBREXFQXQSA");
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : blekko
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : steam.en.softonic.com
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : kmplayer.en.softonic.com
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchya.com
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : eribo.cz
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : lg-pc-suite.en.softonic.com
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : istartsurf
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.searchnu.com/406
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=5f3303100000000000000009dd501fae
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
[-] [C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dgpdioedihjhncjafcpgbbjdpbbkikmi
[-] [C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\Tinuška\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkadffjmnaiokkdncgdlecdegajoiemi
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [359 bytes] - [06/03/2016 14:24:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [16482 bytes] - [06/03/2016 14:25:03]
C:\AdwCleaner\AdwCleaner[S1].txt - [16199 bytes] - [06/03/2016 14:12:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [17167 bytes] - [06/03/2016 14:24:21]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [16704 bytes] ##########

- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Gmail - a huge amount of spam started arriving
Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam started arriving
I tried to get all the sites back into speed dial (Windows restore), unsuccessfully, so hopefully that won't affect the log...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Matthew (administrator) on PC-M (06-03-2016 18:34:53)
Running from D:\DOWNLOADS
Loaded Profiles: Matthew (Available Profiles: Matthew & Tinuška)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSoft Technologies Inc) C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(Monect) C:\Program Files (x86)\MonectHost\MonectServerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Genius\Imperator\IMhid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Imperator] => C:\Program Files (x86)\Genius\Imperator\IMhid.exe [281600 2012-03-01] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Google Update] => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [E8BB9E557DF2F5C8EE22B062707DB3D51C84B852._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Dropbox Update] => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [GoogleChromeAutoLaunch_1DCACA8C0EC1716DD73D162837173624] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {176ff346-4e45-11e4-b987-50e549e32de2} - E:\iLinker.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {54324792-6d3c-11e1-8c8f-0009dd501fae} - E:\M2033.part01.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {8e7e1e5f-6d26-11e1-a773-0009dd501fae} - F:\Autorun.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~1\NVIDIA => No File
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\PROGRA~2\NVIDIA => No File
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6F16BDAB-32D3-471E-A78E-46DD7AA8447D}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088098795&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> Default = {95289393-33EA-4F8D-B952-483415B9C955}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {98527513-9680-4192-A399-C2DCD36BEC34} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5f3303100000000000000009dd501fae&q={searchTerms}&r=631
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17] (qip.ru)
Toolbar: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF ProfilePath: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/O1DPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF user.js: detected! => C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\user.js [2013-06-04]
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\searchplugins\privitize.xml [2013-06-04]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\WebSiteRecommendation@weliketheweb.com [2016-03-06] [not signed]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com [2016-03-06] [not signed]
FF Extension: Firefox OS Simulator - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\r2d2b2g@mozilla.org [2013-04-05] [not signed]
FF Extension: BS Player ControlBar B - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\{31264a33-a653-46c4-af49-1232c59a7da5} [2014-09-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://blekko.co ... xxz1e0a6vt"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (James White) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2016-01-03]
CHR Extension: (Kalendár Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-22]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Bookmark Manager) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-02]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-03-02]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-02-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-14]
CHR Extension: (Pocket) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-04]
CHR Extension: (Google Hangouts) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (YouTube to MP3 Button) - C:\Users\Tinuška\Desktop\flvto [2015-09-25]
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Prezentácie Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-13]
CHR Extension: (Dokumenty Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-13]
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-13]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-13]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-13]
CHR Extension: (Tabuľky Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-13]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Matthew\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-02-10]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Matthew\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [hglljpndoeopcpehilglkbnincooinnb] - C:\Users\Matthew\AppData\Local\Flvto Plugin for Google Chrome\the_extension.crx [2013-08-30]
StartMenuInternet: Google Chrome.Kubo - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.M6SA37FELGPZBWJYAHJF3RX33E - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Rodičia - C:\Users\Rodičia\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (YouTube™ Auto HD-LQ) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\ffhgcaphggeinepalgnajphijbndmmhp [2015-11-03]
OPR Extension: (Direct Currency Converter) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2015-11-03]
OPR Extension: (Adblock Plus) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-03]
OPR Extension: (Google™ Keep) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\pfdafkloejmpdifkkmfimkpbpggfihce [2015-11-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Active@ Disk Monitor; C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Spoločnosť Google Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MonectServerService; C:\Program Files (x86)\MonectHost\MonectServerService.exe [72192 2014-10-29] (Monect) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-04-05] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ChromeService; C:\Program Files (x86)\chrome\chrome.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-01] ()
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2014-12-01] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-09-22] (REALiX(tm))
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-04-20] (ITE )
R3 KYEGKB; C:\Windows\System32\drivers\KYEGKB.sys [25600 2011-09-05] ( )
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [15768 2013-12-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-03-13] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-03-29] (TuneUp Software)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
U3 ae5684uo; C:\Windows\System32\Drivers\ae5684uo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 7ByteIO; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ALSysIO; \??\C:\Users\Matthew\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 usbspbus; system32\DRIVERS\lgspbus64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 16:53 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-06 16:53 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-06 16:53 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-06 16:53 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-06 15:00 - 2016-03-06 15:00 - 00000000 ____D C:\Users\Matthew\Desktop\2.5.7_0
2016-03-06 14:50 - 2013-11-12 16:06 - 00001620 _____ C:\Users\Matthew\Desktop\speeddial.js.vir
2016-03-06 14:49 - 2013-11-12 16:06 - 00008442 _____ C:\Users\Matthew\Desktop\speeddial.html.vir
2016-03-06 14:12 - 2016-03-06 14:25 - 00000000 ____D C:\AdwCleaner
2016-03-06 01:50 - 2016-03-06 18:34 - 00000000 ____D C:\FRST
2016-03-03 15:52 - 2016-03-03 20:58 - 00000000 ____D C:\Users\Tinuška\Desktop\tehu
2016-03-02 00:09 - 2016-02-23 21:39 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-02 00:06 - 2016-02-24 00:58 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 37616184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 24914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 16995384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 12381632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-02 00:06 - 2016-02-24 00:58 - 03143616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-29 19:31 - 2016-02-29 19:31 - 00000000 ____D C:\Users\Tinuška\AppData\Local\Viber
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka\AppData\Local\Adobe
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-02-20 16:33 - 2016-02-20 16:33 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 15:39 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-17 15:39 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-09 07:56 - 2016-02-08 00:22 - 184525328 ____N C:\Users\Matthew\Desktop\20160126_085059.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:19 - 2012-04-16 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 18:14 - 2012-02-11 01:18 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 17:50 - 2015-06-19 19:20 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 17:49 - 2012-02-10 19:55 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 17:13 - 2013-07-21 12:06 - 00000000 ____D C:\Windows\system32\MRT
2016-03-06 17:13 - 2012-02-11 02:56 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-06 17:05 - 2013-01-12 14:27 - 00002154 _____ C:\Windows\epplauncher.mif
2016-03-06 17:05 - 2013-01-12 14:26 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-03-06 17:05 - 2013-01-12 14:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-06 17:05 - 2013-01-12 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-03-06 17:03 - 2015-01-04 10:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-06 17:03 - 2014-06-05 14:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-06 16:57 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 16:57 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 15:49 - 2012-02-10 19:55 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-06 15:35 - 2012-02-11 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-06 15:14 - 2012-02-11 01:18 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 15:08 - 2012-09-04 17:50 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Dropbox
2016-03-06 15:07 - 2012-02-10 19:30 - 00000000 ____D C:\Users\Matthew
2016-03-06 15:05 - 2014-06-05 12:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-06 15:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-06 15:04 - 2014-09-13 10:21 - 00000000 ____D C:\ProgramData\Tbccint
2016-03-06 15:04 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška
2016-03-06 15:04 - 2014-01-18 21:59 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\KYE Imperator
2016-03-06 15:04 - 2014-01-18 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius
2016-03-06 15:04 - 2014-01-18 21:56 - 00000000 ____D C:\Program Files (x86)\Genius
2016-03-06 15:04 - 2013-05-02 14:39 - 00000000 ____D C:\Program Files (x86)\PANDORA.TV
2016-03-06 15:04 - 2012-10-02 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2016-03-06 15:04 - 2012-10-02 16:53 - 00000000 ____D C:\Program Files (x86)\Coupons
2016-03-06 15:04 - 2012-02-10 22:18 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\GHISLER
2016-03-06 15:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-06 15:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 14:24 - 2016-01-04 21:35 - 00000000 ____D C:\Users\Matthew\AppData\Local\CrashDumps
2016-03-05 13:49 - 2015-06-19 19:20 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-03 23:06 - 2015-09-07 22:41 - 00000000 ____D C:\Users\Tinuška\AppData\Roaming\ViberPC
2016-03-03 17:37 - 2014-07-22 15:06 - 00003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375990013
2016-03-03 17:37 - 2013-08-08 20:26 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 15:35 - 2016-01-16 00:34 - 00000000 ____D C:\Users\Tinuška\Desktop\vsetko z mobilu
2016-03-03 13:39 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška\AppData\Local\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-29 23:53 - 2013-11-21 01:07 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA Corporation
2016-02-29 23:53 - 2013-06-13 18:11 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA
2016-02-29 18:28 - 2015-09-07 22:42 - 00000000 ____D C:\Users\Tinuška\Documents\ViberDownloads
2016-02-24 00:58 - 2015-08-11 00:08 - 14016768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-24 00:58 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 16328088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 03259872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-23 21:45 - 2016-01-03 11:22 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-23 21:45 - 2016-01-03 11:22 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 06367168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-23 21:45 - 2014-06-05 12:37 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-23 21:28 - 2014-06-05 12:37 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-19 21:17 - 2014-08-09 21:41 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 23:25 - 2016-01-29 18:25 - 00000000 ____D C:\Users\Matthew\Desktop\FoFo music
2016-02-18 23:22 - 2013-07-20 17:04 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\AIMP3
2016-02-17 14:22 - 2012-02-11 01:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-17 07:40 - 2016-01-03 11:14 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-16 15:17 - 2015-11-09 13:55 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-14 19:34 - 2009-07-14 06:13 - 00813068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 18:21 - 2015-10-16 22:04 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-13 16:00 - 2012-02-10 19:30 - 13244881 ____H C:\Users\Matthew\AppData\Local\IconCache.db.backup
2016-02-10 01:19 - 2012-04-16 16:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:19 - 2012-04-16 16:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:19 - 2012-02-11 01:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 09:39 - 2015-08-11 00:08 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE65D.tmp
2016-02-09 09:39 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\SETDCEF.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETEC4E.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETDF65.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\SETCE71.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\SETD5C8.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE6AD.tmp
2016-02-09 08:24 - 2015-11-09 19:24 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-09 08:23 - 2015-11-09 20:45 - 00000000 ____D C:\LGMobileUpgrade
==================== Files in the root of some directories =======
2014-01-01 10:31 - 2014-01-01 10:31 - 0000247 _____ () C:\Program Files (x86)\CrxInstaller.aoi
2013-02-28 23:54 - 2013-02-28 23:54 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-05-27 14:09 - 2015-06-09 18:30 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-02-10 23:04 - 2012-02-10 23:05 - 0000412 _____ () C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
2015-07-05 13:14 - 2015-07-05 13:24 - 0001480 _____ () C:\Users\Matthew\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2012-02-10 19:44 - 2012-04-01 12:21 - 0007628 _____ () C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg
2012-07-28 11:30 - 2012-07-28 13:46 - 0001836 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.err
2012-07-28 11:29 - 2012-07-28 19:40 - 0001016 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.nast
2014-10-13 19:08 - 2014-10-13 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-22 00:32 - 2015-11-22 00:32 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe665A.dll
2012-03-03 18:58 - 2014-10-01 12:14 - 0019926 _____ () C:\ProgramData\hpzinstall.log
2012-09-15 18:46 - 2012-09-15 18:48 - 0034308 _____ () C:\ProgramData\mazuki.dll
Files to move or delete:
====================
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
Some files in TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\cpuz165.exe
C:\Users\Matthew\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Matthew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5hz0jp.dll
C:\Users\Matthew\AppData\Local\Temp\eauninstall.exe
C:\Users\Matthew\AppData\Local\Temp\ExPromo.exe
C:\Users\Matthew\AppData\Local\Temp\free-screen-capture.exe
C:\Users\Matthew\AppData\Local\Temp\gert0.exe
C:\Users\Matthew\AppData\Local\Temp\guninst.exe
C:\Users\Matthew\AppData\Local\Temp\GUR3487.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743538913_il1671234.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743545495_il1672632.exe
C:\Users\Matthew\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\Matthew\AppData\Local\Temp\NSISCodec.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Matthew\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthew\AppData\Local\Temp\Offercast36_NDV_.exe
C:\Users\Matthew\AppData\Local\Temp\ShellHook.dll
C:\Users\Matthew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matthew\AppData\Local\Temp\SRLDetectionLibrary705607066647483964.dll
C:\Users\Matthew\AppData\Local\Temp\uninst1.exe
C:\Users\Matthew\AppData\Local\Temp\uttAFF2.tmp.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2008.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2010.exe
C:\Users\Matthew\AppData\Local\Temp\_isF632.exe
C:\Users\Tinuška\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-02 22:45
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Matthew (administrator) on PC-M (06-03-2016 18:34:53)
Running from D:\DOWNLOADS
Loaded Profiles: Matthew (Available Profiles: Matthew & Tinuška)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSoft Technologies Inc) C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe
(Monect) C:\Program Files (x86)\MonectHost\MonectServerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Genius\Imperator\IMhid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Imperator] => C:\Program Files (x86)\Genius\Imperator\IMhid.exe [281600 2012-03-01] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [2636800 2010-07-22] ()
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Google Update] => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [E8BB9E557DF2F5C8EE22B062707DB3D51C84B852._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [Dropbox Update] => C:\Users\Matthew\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\Run: [GoogleChromeAutoLaunch_1DCACA8C0EC1716DD73D162837173624] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {176ff346-4e45-11e4-b987-50e549e32de2} - E:\iLinker.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {54324792-6d3c-11e1-8c8f-0009dd501fae} - E:\M2033.part01.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {8e7e1e5f-6d26-11e1-a773-0009dd501fae} - F:\Autorun.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~1\NVIDIA => No File
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153392 2016-02-24] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\PROGRA~2\NVIDIA => No File
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6F16BDAB-32D3-471E-A78E-46DD7AA8447D}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088088794&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130928794088098795&GUID=123E78FE-8EC2-4341-B92E-49F53C16837B
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14475938 ... xxz1e0a6vt
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1447 ... earchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> Default = {95289393-33EA-4F8D-B952-483415B9C955}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {98527513-9680-4192-A399-C2DCD36BEC34} URL = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5f3303100000000000000009dd501fae&q={searchTerms}&r=631
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17] (qip.ru)
Toolbar: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF ProfilePath: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @talk.google.com/O1DPlugin -> C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2249447251-1292941661-1166442940-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Matthew\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF user.js: detected! => C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\user.js [2013-06-04]
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Matthew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\searchplugins\privitize.xml [2013-06-04]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\WebSiteRecommendation@weliketheweb.com [2016-03-06] [not signed]
FF Extension: No Name - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com [2016-03-06] [not signed]
FF Extension: Firefox OS Simulator - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\r2d2b2g@mozilla.org [2013-04-05] [not signed]
FF Extension: BS Player ControlBar B - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\Extensions\{31264a33-a653-46c4-af49-1232c59a7da5} [2014-09-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\xkkmv9ry.default\extensions\deskCutv2@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://blekko.co ... xxz1e0a6vt"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (James White) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2016-01-03]
CHR Extension: (Kalendár Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-22]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Bookmark Manager) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-02]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-03-02]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-02-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-14]
CHR Extension: (Pocket) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-04]
CHR Extension: (Google Hangouts) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (YouTube to MP3 Button) - C:\Users\Tinuška\Desktop\flvto [2015-09-25]
CHR Profile: C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Prezentácie Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-13]
CHR Extension: (Dokumenty Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-13]
CHR Extension: (Disk Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-13]
CHR Extension: (YouTube) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-13]
CHR Extension: (Google Search) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-13]
CHR Extension: (Tabuľky Google) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]
CHR Extension: (Gmail) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-13]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Matthew\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-02-10]
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Matthew\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [hglljpndoeopcpehilglkbnincooinnb] - C:\Users\Matthew\AppData\Local\Flvto Plugin for Google Chrome\the_extension.crx [2013-08-30]
StartMenuInternet: Google Chrome.Kubo - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.M6SA37FELGPZBWJYAHJF3RX33E - C:\Users\Kubo\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Rodičia - C:\Users\Rodičia\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (YouTube™ Auto HD-LQ) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\ffhgcaphggeinepalgnajphijbndmmhp [2015-11-03]
OPR Extension: (Direct Currency Converter) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\jionklhcihkojemcnabgmdahckalngcl [2015-11-03]
OPR Extension: (Adblock Plus) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-03]
OPR Extension: (Google™ Keep) - C:\Users\Matthew\AppData\Roaming\Opera Software\Opera Stable\Extensions\pfdafkloejmpdifkkmfimkpbpggfihce [2015-11-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Active@ Disk Monitor; C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [237792 2012-10-23] (LSoft Technologies Inc)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Spoločnosť Google Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MonectServerService; C:\Program Files (x86)\MonectHost\MonectServerService.exe [72192 2014-10-29] (Monect) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-04-05] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ChromeService; C:\Program Files (x86)\chrome\chrome.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-01] ()
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2014-12-01] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-09-22] (REALiX(tm))
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-04-20] (ITE )
R3 KYEGKB; C:\Windows\System32\drivers\KYEGKB.sys [25600 2011-09-05] ( )
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [15768 2013-12-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-03-13] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-03-29] (TuneUp Software)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
U3 ae5684uo; C:\Windows\System32\Drivers\ae5684uo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 7ByteIO; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ALSysIO; \??\C:\Users\Matthew\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 usbspbus; system32\DRIVERS\lgspbus64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 16:53 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-06 16:53 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-06 16:53 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-06 16:53 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-06 16:53 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-06 15:00 - 2016-03-06 15:00 - 00000000 ____D C:\Users\Matthew\Desktop\2.5.7_0
2016-03-06 14:50 - 2013-11-12 16:06 - 00001620 _____ C:\Users\Matthew\Desktop\speeddial.js.vir
2016-03-06 14:49 - 2013-11-12 16:06 - 00008442 _____ C:\Users\Matthew\Desktop\speeddial.html.vir
2016-03-06 14:12 - 2016-03-06 14:25 - 00000000 ____D C:\AdwCleaner
2016-03-06 01:50 - 2016-03-06 18:34 - 00000000 ____D C:\FRST
2016-03-03 15:52 - 2016-03-03 20:58 - 00000000 ____D C:\Users\Tinuška\Desktop\tehu
2016-03-02 00:09 - 2016-02-23 21:39 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-02 00:06 - 2016-02-24 00:58 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 37616184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 24914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 16995384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 12381632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-02 00:06 - 2016-02-24 00:58 - 03143616 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436200.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-02 00:06 - 2016-02-24 00:58 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-29 19:31 - 2016-02-29 19:31 - 00000000 ____D C:\Users\Tinuška\AppData\Local\Viber
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka\AppData\Local\Adobe
2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\Users\Tinu�ka
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\ProgramData\Apple Computer
2016-02-22 19:18 - 2016-02-22 19:18 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-02-20 16:33 - 2016-02-20 16:33 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 15:39 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-17 15:39 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-09 07:56 - 2016-02-08 00:22 - 184525328 ____N C:\Users\Matthew\Desktop\20160126_085059.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-06 18:19 - 2012-04-16 16:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 18:14 - 2012-02-11 01:18 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-06 17:50 - 2015-06-19 19:20 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 17:49 - 2012-02-10 19:55 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
2016-03-06 17:13 - 2013-07-21 12:06 - 00000000 ____D C:\Windows\system32\MRT
2016-03-06 17:13 - 2012-02-11 02:56 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-06 17:05 - 2013-01-12 14:27 - 00002154 _____ C:\Windows\epplauncher.mif
2016-03-06 17:05 - 2013-01-12 14:26 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-03-06 17:05 - 2013-01-12 14:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-06 17:05 - 2013-01-12 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-03-06 17:03 - 2015-01-04 10:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-06 17:03 - 2014-06-05 14:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-06 16:57 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 16:57 - 2009-07-14 05:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 15:49 - 2012-02-10 19:55 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-06 15:35 - 2012-02-11 14:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-06 15:14 - 2012-02-11 01:18 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 15:08 - 2012-09-04 17:50 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Dropbox
2016-03-06 15:07 - 2012-02-10 19:30 - 00000000 ____D C:\Users\Matthew
2016-03-06 15:05 - 2014-06-05 12:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-06 15:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-06 15:04 - 2014-09-13 10:21 - 00000000 ____D C:\ProgramData\Tbccint
2016-03-06 15:04 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška
2016-03-06 15:04 - 2014-01-18 21:59 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\KYE Imperator
2016-03-06 15:04 - 2014-01-18 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius
2016-03-06 15:04 - 2014-01-18 21:56 - 00000000 ____D C:\Program Files (x86)\Genius
2016-03-06 15:04 - 2013-05-02 14:39 - 00000000 ____D C:\Program Files (x86)\PANDORA.TV
2016-03-06 15:04 - 2012-10-02 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2016-03-06 15:04 - 2012-10-02 16:53 - 00000000 ____D C:\Program Files (x86)\Coupons
2016-03-06 15:04 - 2012-02-10 22:18 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\GHISLER
2016-03-06 15:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-03-06 15:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 14:24 - 2016-01-04 21:35 - 00000000 ____D C:\Users\Matthew\AppData\Local\CrashDumps
2016-03-05 13:49 - 2015-06-19 19:20 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000Core.job
2016-03-03 23:06 - 2015-09-07 22:41 - 00000000 ____D C:\Users\Tinuška\AppData\Roaming\ViberPC
2016-03-03 17:37 - 2014-07-22 15:06 - 00003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1375990013
2016-03-03 17:37 - 2013-08-08 20:26 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 15:35 - 2016-01-16 00:34 - 00000000 ____D C:\Users\Tinuška\Desktop\vsetko z mobilu
2016-03-03 13:39 - 2014-08-09 21:37 - 00000000 ____D C:\Users\Tinuška\AppData\Local\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-02 00:09 - 2013-06-13 11:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-29 23:53 - 2013-11-21 01:07 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA Corporation
2016-02-29 23:53 - 2013-06-13 18:11 - 00000000 ____D C:\Users\Matthew\AppData\Local\NVIDIA
2016-02-29 18:28 - 2015-09-07 22:42 - 00000000 ____D C:\Users\Tinuška\Documents\ViberDownloads
2016-02-24 00:58 - 2015-08-11 00:08 - 14016768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-24 00:58 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 16328088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-24 00:58 - 2015-01-24 00:01 - 03259872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-24 00:58 - 2014-06-05 12:35 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-23 21:45 - 2016-01-03 11:22 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-23 21:45 - 2016-01-03 11:22 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 06367168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-23 21:45 - 2014-06-05 12:37 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-23 21:45 - 2014-06-05 12:37 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-23 21:28 - 2014-06-05 12:37 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-19 21:17 - 2014-08-09 21:41 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 23:25 - 2016-01-29 18:25 - 00000000 ____D C:\Users\Matthew\Desktop\FoFo music
2016-02-18 23:22 - 2013-07-20 17:04 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\AIMP3
2016-02-17 14:22 - 2012-02-11 01:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-17 07:40 - 2016-01-03 11:14 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2014-06-05 12:14 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2013-10-28 15:01 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-16 15:17 - 2015-11-09 13:55 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-14 19:34 - 2009-07-14 06:13 - 00813068 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 18:21 - 2015-10-16 22:04 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-02-13 16:00 - 2012-02-10 19:30 - 13244881 ____H C:\Users\Matthew\AppData\Local\IconCache.db.backup
2016-02-10 01:19 - 2012-04-16 16:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:19 - 2012-04-16 16:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:19 - 2012-02-11 01:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 09:39 - 2015-08-11 00:08 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE65D.tmp
2016-02-09 09:39 - 2015-06-01 21:55 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\SETDCEF.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETEC4E.tmp
2016-02-09 09:39 - 2015-01-24 00:01 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETDF65.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\SETCE71.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\SETD5C8.tmp
2016-02-09 09:39 - 2014-06-05 12:35 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETE6AD.tmp
2016-02-09 08:24 - 2015-11-09 19:24 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2016-02-09 08:23 - 2015-11-09 20:45 - 00000000 ____D C:\LGMobileUpgrade
==================== Files in the root of some directories =======
2014-01-01 10:31 - 2014-01-01 10:31 - 0000247 _____ () C:\Program Files (x86)\CrxInstaller.aoi
2013-02-28 23:54 - 2013-02-28 23:54 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-05-27 14:09 - 2015-06-09 18:30 - 0000132 _____ () C:\Users\Matthew\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-02-10 23:04 - 2012-02-10 23:05 - 0000412 _____ () C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
2015-07-05 13:14 - 2015-07-05 13:24 - 0001480 _____ () C:\Users\Matthew\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2012-02-10 19:44 - 2012-04-01 12:21 - 0007628 _____ () C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg
2012-07-28 11:30 - 2012-07-28 13:46 - 0001836 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.err
2012-07-28 11:29 - 2012-07-28 19:40 - 0001016 _____ () C:\Users\Matthew\AppData\Local\SRDownloader.nast
2014-10-13 19:08 - 2014-10-13 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-22 00:32 - 2015-11-22 00:32 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe665A.dll
2012-03-03 18:58 - 2014-10-01 12:14 - 0019926 _____ () C:\ProgramData\hpzinstall.log
2012-09-15 18:46 - 2012-09-15 18:48 - 0034308 _____ () C:\ProgramData\mazuki.dll
Files to move or delete:
====================
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
Some files in TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\cpuz165.exe
C:\Users\Matthew\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Matthew\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5hz0jp.dll
C:\Users\Matthew\AppData\Local\Temp\eauninstall.exe
C:\Users\Matthew\AppData\Local\Temp\ExPromo.exe
C:\Users\Matthew\AppData\Local\Temp\free-screen-capture.exe
C:\Users\Matthew\AppData\Local\Temp\gert0.exe
C:\Users\Matthew\AppData\Local\Temp\guninst.exe
C:\Users\Matthew\AppData\Local\Temp\GUR3487.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Matthew\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743538913_il1671234.exe
C:\Users\Matthew\AppData\Local\Temp\LG+Root.zip__10924_i1743545495_il1672632.exe
C:\Users\Matthew\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\Matthew\AppData\Local\Temp\NSISCodec.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Matthew\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Matthew\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthew\AppData\Local\Temp\Offercast36_NDV_.exe
C:\Users\Matthew\AppData\Local\Temp\ShellHook.dll
C:\Users\Matthew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matthew\AppData\Local\Temp\SRLDetectionLibrary705607066647483964.dll
C:\Users\Matthew\AppData\Local\Temp\uninst1.exe
C:\Users\Matthew\AppData\Local\Temp\uttAFF2.tmp.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2008.exe
C:\Users\Matthew\AppData\Local\Temp\vcredist_x86_2010.exe
C:\Users\Matthew\AppData\Local\Temp\_isF632.exe
C:\Users\Tinuška\AppData\Local\Temp\jre-8u65-windows-au.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-02 22:45
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam started arriving
Open Notepad and copy the following into it:
Save it to D:\DOWNLOADS as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {176ff346-4e45-11e4-b987-50e549e32de2} - E:\iLinker.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {54324792-6d3c-11e1-8c8f-0009dd501fae} - E:\M2033.part01.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {8e7e1e5f-6d26-11e1-a773-0009dd501fae} - F:\Autorun.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: , C:\PROGRA~1\NVIDIA => No File
AppInit_DLLs-x32: , C:\PROGRA~2\NVIDIA => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> Default = {95289393-33EA-4F8D-B952-483415B9C955}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {98527513-9680-4192-A399-C2DCD36BEC34} URL = hxxp://blekko.com/ws/?source=5f97ddbe&t ... d501fae&q={searchTerms}&r=631
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17] (qip.ru)
Toolbar: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://blekko.co ... xxz1e0a6vt"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
U3 ae5684uo; C:\Windows\System32\Drivers\ae5684uo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\SysWOW64\SETE65D.tmp
C:\Windows\system32\SETDCEF.tmp
C:\Windows\SysWOW64\SETEC4E.tmp
C:\Windows\SysWOW64\SETDF65.tmp
C:\Windows\system32\SETCE71.tmp
C:\Windows\system32\SETD5C8.tmp
C:\Windows\SysWOW64\SETE6AD.tmp
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
C:\Users\Matthew\AppData\Local\Temp
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam started arriving
Done:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Matthew (2016-03-06 19:43:56) Run:1
Running from D:\DOWNLOADS
Loaded Profiles: Matthew (Available Profiles: Matthew & Tinuška)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {176ff346-4e45-11e4-b987-50e549e32de2} - E:\iLinker.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {54324792-6d3c-11e1-8c8f-0009dd501fae} - E:\M2033.part01.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\...\MountPoints2: {8e7e1e5f-6d26-11e1-a773-0009dd501fae} - F:\Autorun.exe
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: , C:\PROGRA~1\NVIDIA => No File
AppInit_DLLs-x32: , C:\PROGRA~2\NVIDIA => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1 ... xxz1e0a6vt
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds& ... 1e0a6vt&q={searchTerms}
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> Default = {95289393-33EA-4F8D-B952-483415B9C955}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95289393-33EA-4F8D-B952-483415B9C955} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {98527513-9680-4192-A399-C2DCD36BEC34} URL = hxxp://blekko.com/ws/?source=5f97ddbe&t ... d501fae&q={searchTerms}&r=631
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/search?query={searchTerms}&from=IE
BHO-x32: QIPBHO Class -> {95289393-33EA-4F8D-B952-483415B9C955} -> C:\Users\Matthew\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17] (qip.ru)
Toolbar: HKU\S-1-5-21-2249447251-1292941661-1166442940-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://blekko.co ... xxz1e0a6vt"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Extension: (Youtube MP3 Converter) - C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb [2015-09-13] [UpdateUrl: hxxp://www.flvto.com/chrome_version.xml] <==== ATTENTION
CHR HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
U3 ae5684uo; C:\Windows\System32\Drivers\ae5684uo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\SysWOW64\SETE65D.tmp
C:\Windows\system32\SETDCEF.tmp
C:\Windows\SysWOW64\SETEC4E.tmp
C:\Windows\SysWOW64\SETDF65.tmp
C:\Windows\system32\SETCE71.tmp
C:\Windows\system32\SETD5C8.tmp
C:\Windows\SysWOW64\SETE6AD.tmp
C:\ProgramData\hpe665A.dll
C:\ProgramData\mazuki.dll
C:\Users\Matthew\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{176ff346-4e45-11e4-b987-50e549e32de2}" => key removed successfully
HKCR\CLSID\{176ff346-4e45-11e4-b987-50e549e32de2} => key not found.
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54324792-6d3c-11e1-8c8f-0009dd501fae}" => key removed successfully
HKCR\CLSID\{54324792-6d3c-11e1-8c8f-0009dd501fae} => key not found.
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e7e1e5f-6d26-11e1-a773-0009dd501fae}" => key removed successfully
HKCR\CLSID\{8e7e1e5f-6d26-11e1-a773-0009dd501fae} => key not found.
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
", C:\PROGRA~1\NVIDIA" => Value data removed successfully.
", C:\PROGRA~2\NVIDIA" => Value data removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{98527513-9680-4192-A399-C2DCD36BEC34}" => key removed successfully
HKCR\CLSID\{98527513-9680-4192-A399-C2DCD36BEC34} => key not found.
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}" => key removed successfully
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}" => key removed successfully
HKCR\Wow6432Node\CLSID\{95289393-33EA-4F8D-B952-483415B9C955} => key not found.
HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Chrome StartupUrls => removed successfully
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => not found.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => not found.
C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll => moved successfully
C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => not found.
C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll => moved successfully
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => not found.
C:\Users\Matthew\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => not found.
C:\Users\Matthew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found.
C:\Windows\system32\Adobe\Director\np32dsw.dll => not found.
C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hglljpndoeopcpehilglkbnincooinnb <==== ATTENTION => not found
"HKU\S-1-5-21-2249447251-1292941661-1166442940-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
ae5684uo => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249447251-1292941661-1166442940-1000UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\SysWOW64\SETE65D.tmp => moved successfully
C:\Windows\system32\SETDCEF.tmp => moved successfully
C:\Windows\SysWOW64\SETEC4E.tmp => moved successfully
C:\Windows\SysWOW64\SETDF65.tmp => moved successfully
C:\Windows\system32\SETCE71.tmp => moved successfully
C:\Windows\system32\SETD5C8.tmp => moved successfully
C:\Windows\SysWOW64\SETE6AD.tmp => moved successfully
C:\ProgramData\hpe665A.dll => moved successfully
C:\ProgramData\mazuki.dll => moved successfully
"C:\Users\Matthew\AppData\Local\Temp" folder move:
Could not move "C:\Users\Matthew\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-06 19:53:15)
C:\Users\Matthew\AppData\Local\Temp => moved successfully
==== End of Fixlog 19:53:15 ====
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam started arriving
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 27
- Registered: 26 Sep 2011 11:13
Re: Gmail - a huge amount of spam started arriving
Well, I did notice some changes in Windows: when logging in I was greeted by a window like the one you get when you create a new Windows account...
What do you think the problem was? Why did it remove my speed dial?
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Gmail - a huge amount of spam started arriving
There was quite a lot of adware and some unnecessary junk. I don't know why it removed SpeedDial; I did not knowingly delete it (thanks for pointing it out). Apparently some piece of adware was causing the problem, although that is not usual.