Dobry den, po stiahnuti .cbz readeru mi vo vsetkych prehliadacoch nabehne ako uvodna stranka "start my search" a nejde odstranit zo systemu. Skusal som PC skenovat spybotom, ale ten to neodstranil, nepomohlo ani odinstalovanie aplikacie cez control panel.
tu je log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by mno at 2015-01-21 00:10:36
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 15 GB (13%) free of 114 GB
Total RAM: 8086 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:10:40, on 21. 1. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
C:\Users\mno\Bluebirds\BlueBirds.exe
C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\mno\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Abyssus\razertra.exe
C:\Program Files (x86)\Razer\Abyssus\razerofa.exe
C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
I:\steam\Steam.exe
I:\steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
F:\programy\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Windows\SysWOW64\ctfmon.exe
I:\steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\mno.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... 01QC120BGN
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... 01QC120BGN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... 01QC120BGN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp ... 01QC120BGN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Abyssus] C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Steam] "I:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [bluebirds] C:\Users\mno\Bluebirds\BlueBirds.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\mno\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Moveslink2] C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3909662914-1013579025-850310016-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-3909662914-1013579025-850310016-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.es - {042e0cdd-612b-44d1-a4cf-932617334f1b} - C:\Users\mno\Desktop\PartyPoker.es.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: PartyPoker.es - {042e0cdd-612b-44d1-a4cf-932617334f1b} - C:\Users\mno\Desktop\PartyPoker.es.lnk (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13468 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe" runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" -D "C:/Program Files (x86)/PostgreSQL/8.4/data"
\??\C:\Windows\system32\conhost.exe "504469125-106116071916476121381637854417922371711-38388545213310127461991686873
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "860" "-x3"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "836" "-x4"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkavlauncher" "860"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkcol" "836"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
taskeng.exe {C1E38C5F-8958-4E7E-98DE-9CEADE856571}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe" /s
"taskhost.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\mno\Bluebirds\BlueBirds.exe"
"C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Users\mno\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Razer\Abyssus\razerhid.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Razer\Abyssus\razertra.exe"
"C:\Program Files (x86)\Razer\Abyssus\razerofa.exe"
"C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="4624.0.1843322112\196651549" /prefetch:673131151
"C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="4624.1.1134373217\443323060" /prefetch:673131151
"C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="4624.2.1736762406\1686978439" /prefetch:673131151
"C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="4624.3.700798021\1265827589" /prefetch:673131151
"I:\steam\Steam.exe" "-silent"
"I:\steam\bin\steamwebhelper.exe" -cefhost -cachedir "I:\steam\config\htmlcache" -cookiepath "I:\steam\config\cookies" -steampid 5728 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {3B8B388D-9C6B-4034-A694-3E47F1C4EDB5}
"C:\Program Files (x86)\Miranda IM\miranda32.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 27c3e629-fcae-4a70-8e09-54c265831ae4 1
\??\C:\Windows\system32\conhost.exe "-30336926375765057-2672011021086103814133229629515324150261732957825-1683078454
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-154185178-7534819151308422554-273955591671837188-8983411186470495371570463415
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"F:\programy\uTorrent\uTorrent.exe" "C:\Users\mno\AppData\Local\Temp\15.01.20-19.01.15 CHI@CLE.mkv.torrent"
ctfmon.exe
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
HPNotify.exe -run
ctfmon.exe
"I:\steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="2388.0.607725114\1838846980" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\mno\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job - C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job - C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.mystartsearch.com/?type=hppp ... 01QC120BGN"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\extensions\
fftoolbar2014@etech.com
C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\searchplugins\
mystartsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\XTab\SupTab.dll [2015-01-16 210096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-07 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-07 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-22 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-22 439064]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04 116648]
"Akamai NetSession Interface"=C:\Users\mno\AppData\Local\Akamai\netsession_win.exe []
"Steam"=I:\steam\steam.exe [2015-01-19 1942720]
"DAEMON Tools Lite"=F:\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"bluebirds"=C:\Users\mno\Bluebirds\BlueBirds.exe [2009-04-29 270336]
"Spotify Web Helper"=C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-12-12 1676344]
"Spotify"=C:\Users\mno\AppData\Roaming\Spotify\Spotify.exe [2014-12-12 6737976]
"zASRockInstantBoot"= []
"Moveslink2"=C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"Abyssus"=C:\Program Files (x86)\Razer\Abyssus\razerhid.exe [2011-03-10 231936]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-26 291608]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"cdisplayex"= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoCAD Startup Accelerator.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-19 434688]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-01-21 00:10:36 ----D---- C:\rsit
2015-01-21 00:10:36 ----D---- C:\Program Files\trend micro
2015-01-20 23:39:48 ----D---- C:\Program Files (x86)\globalUpdate
2015-01-20 23:39:10 ----D---- C:\ProgramData\IHProtectUpDate
2015-01-20 23:38:32 ----D---- C:\Program Files (x86)\XTab
2015-01-20 23:38:28 ----D---- C:\ProgramData\WindowsMangerProtect
2015-01-20 23:37:43 ----D---- C:\Users\mno\AppData\Roaming\mystartsearch
2015-01-20 16:06:45 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-01-20 16:05:09 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvopencl.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvoglv64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\NvIFR64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvhdap64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvhdagenco64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\NvFBC64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvdispgenco6434709.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvdispco6434709.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvcuvid.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvcuda.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\nvcompiler.dll
2015-01-20 16:05:09 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-01-20 16:05:09 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-01-20 16:03:40 ----D---- C:\Windows\LastGood
2015-01-20 16:03:39 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-01-20 16:03:39 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-01-15 08:39:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-15 08:39:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-15 08:39:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-15 08:39:41 ----A---- C:\Windows\system32\srcore.dll
2015-01-15 08:39:41 ----A---- C:\Windows\system32\srclient.dll
2015-01-15 08:39:41 ----A---- C:\Windows\system32\rstrui.exe
2015-01-15 08:39:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 22:07:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:55:59 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 10:55:59 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 10:55:59 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:55:59 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 10:55:59 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 10:55:59 ----A---- C:\Windows\system32\drivers\mrxdav.sys
======List of files/folders modified in the last 1 month======
2015-01-21 00:10:36 ----RD---- C:\Program Files
2015-01-21 00:10:33 ----D---- C:\Users\mno\AppData\Roaming\vlc
2015-01-21 00:10:00 ----D---- C:\Windows\Temp
2015-01-21 00:09:41 ----D---- C:\Users\mno\AppData\Roaming\uTorrent
2015-01-20 23:54:57 ----RD---- C:\Program Files (x86)
2015-01-20 23:53:58 ----D---- C:\Windows\Tasks
2015-01-20 23:53:58 ----D---- C:\Windows\system32\Tasks
2015-01-20 23:53:58 ----D---- C:\Program Files (x86)\Adobe
2015-01-20 23:39:49 ----SHD---- C:\Windows\Installer
2015-01-20 23:39:10 ----HD---- C:\ProgramData
2015-01-20 23:39:10 ----D---- C:\Windows\SysWOW64
2015-01-20 20:40:07 ----D---- C:\Users\mno\AppData\Roaming\Spotify
2015-01-20 16:06:55 ----D---- C:\Windows\inf
2015-01-20 16:06:55 ----D---- C:\ProgramData\NVIDIA
2015-01-20 16:06:44 ----D---- C:\Windows\system32\DriverStore
2015-01-20 16:06:00 ----D---- C:\Windows\system32\drivers
2015-01-20 16:06:00 ----D---- C:\Windows\System32
2015-01-20 16:05:36 ----SHD---- C:\System Volume Information
2015-01-20 16:03:40 ----D---- C:\Windows
2015-01-20 14:24:32 ----D---- C:\Users\mno\AppData\Roaming\Skype
2015-01-20 11:18:22 ----D---- C:\Windows\system32\config
2015-01-20 07:40:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-20 07:36:59 ----A---- C:\Windows\SYSWOW64\log.txt
2015-01-20 07:34:55 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2015-01-20 03:41:29 ----A---- C:\blitzerr.txt
2015-01-20 03:07:30 ----D---- C:\Users\mno\AppData\Roaming\HoldemManager
2015-01-17 15:12:47 ----D---- C:\Holdem Manager 2
2015-01-16 13:17:57 ----D---- C:\Windows\winsxs
2015-01-16 01:29:06 ----D---- C:\Users\mno\AppData\Roaming\TS3Client
2015-01-15 08:39:37 ----D---- C:\Windows\system32\catroot2
2015-01-15 07:08:10 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 03:14:00 ----D---- C:\ProgramData\Blizzard Entertainment
2015-01-15 03:03:40 ----D---- C:\Windows\system32\MRT
2015-01-15 03:00:22 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 08:09:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-04 14:11:01 ----D---- C:\Windows\Minidump
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2011-09-21 49760]
R0 AsrRamDisk;AsrRamDisk; C:\Windows\system32\DRIVERS\AsrRamDisk.sys [2012-01-13 31016]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-07 283200]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 Abyssus;Razer Abyssus; C:\Windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-03-04 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-03-04 390632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-19 14745600]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-02-09 44992]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2007-05-12 1361952]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-05-12 50208]
R3 LVUVC64;QuickCam Orbit/Sphere MP(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2007-05-12 3612704]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2013-07-18 15176]
R3 VKbms;Virtual HID Minidriver; C:\Windows\system32\DRIVERS\VKbms.sys [2010-10-01 13312]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2015-01-20 34752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GPUZ;GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-11-23 30720]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-13 935240]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w []
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-01-20 464384]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-20 68608]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2013-08-26 77944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-22 276248]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-05-31 1431888]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-20 68608]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-14 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Start my search v prehliadaci
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Start my search v prehliadaci
Dobry vecer 
Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic 
Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Start my search v prehliadaci
Dobry vecer
Mala by byt, pocitac som dostal uz komplet a bol kupovany cez otcovu firmu, kde ho ich technik montoval a instaloval.
Mala by byt, pocitac som dostal uz komplet a bol kupovany cez otcovu firmu, kde ho ich technik montoval a instaloval.
Re: Start my search v prehliadaci
Odinstalujte Spybot S&D. Doporucuji nahradit MSE antivirem s lepsimi vysledky detekce napr. avastem Free. V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Start my search v prehliadaci
Tu je log:
# AdwCleaner v4.108 - Report created 21/01/2015 at 00:38:13
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : mno - MNO-PC
# Running from : C:\Users\mno\Desktop\adwcleaner_4.108.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Users\mno\AppData\Local\globalUpdate
Folder Deleted : C:\Users\mno\AppData\Roaming\mystartsearch
Folder Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\Extensions\fftoolbar2014@etech.com
File Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\user.js
File Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\searchplugins\mystartsearch.xml
File Deleted : C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0 (x86 en-US)
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14b09818238ebbf0955f3b151188c8b6");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
*************************
AdwCleaner[R0].txt - [13561 octets] - [21/01/2015 00:37:24]
AdwCleaner[S0].txt - [11608 octets] - [21/01/2015 00:38:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11669 octets] ##########
# AdwCleaner v4.108 - Report created 21/01/2015 at 00:38:13
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : mno - MNO-PC
# Running from : C:\Users\mno\Desktop\adwcleaner_4.108.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Users\mno\AppData\Local\globalUpdate
Folder Deleted : C:\Users\mno\AppData\Roaming\mystartsearch
Folder Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\Extensions\fftoolbar2014@etech.com
File Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\user.js
File Deleted : C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\searchplugins\mystartsearch.xml
File Deleted : C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v35.0 (x86 en-US)
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14b09818238ebbf0955f3b151188c8b6");
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[vj4dtayr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
*************************
AdwCleaner[R0].txt - [13561 octets] - [21/01/2015 00:37:24]
AdwCleaner[S0].txt - [11608 octets] - [21/01/2015 00:38:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11669 octets] ##########
Re: Start my search v prehliadaci
Jeste tam cosik zustalo... Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Start my search v prehliadaci
Daval som len scan nie fix
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by mno (administrator) on MNO-PC on 21-01-2015 00:47:40
Running from C:\Users\mno\Desktop
Loaded Profiles: mno & postgres (Available profiles: mno & postgres)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) I:\steam\Steam.exe
(LG Electronics) C:\Users\mno\Bluebirds\BlueBirds.exe
(Spotify Ltd) C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\mno\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Razer\Abyssus\razertra.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Abyssus\razerofa.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) I:\steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Abyssus] => C:\Program Files (x86)\Razer\Abyssus\razerhid.exe [231936 2011-03-10] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Google Update] => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-04] (Google Inc.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Steam] => I:\steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [bluebirds] => C:\Users\mno\Bluebirds\BlueBirds.exe [270336 2009-04-29] (LG Electronics)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Spotify Web Helper] => C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Spotify] => C:\Users\mno\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Moveslink2] => C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {58905cc8-c61e-11e1-804d-806e6f6e6963} - E:\BlueBirds.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {a947fcfe-dfb4-11e1-a026-bc5ff443dede} - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {ace930c9-ac2d-11e3-a7e5-bc5ff443dede} - L:\iLinker.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {f64c14f5-c664-11e1-96e9-806e6f6e6963} - E:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll (Autodesk)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3909662914-1013579025-850310016-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-3909662914-1013579025-850310016-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3909662914-1013579025-850310016-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: NoScript - C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-04]
CHR Extension: (Hľadať v Google) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-04]
CHR Extension: (Peňaženka Google) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-04]
CHR StartMenuInternet: Google Chrome - C:\Users\mno\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-08-26] (Autodesk)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Abyssus; C:\Windows\System32\drivers\Abyssus.sys [10880 2009-10-30] (Razer (Asia-Pacific) Pte Ltd)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-07] (DT Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-21] ()
S3 GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 00:47 - 2015-01-21 00:47 - 00017963 _____ () C:\Users\mno\Desktop\FRST.txt
2015-01-21 00:47 - 2015-01-21 00:47 - 00000000 ____D () C:\FRST
2015-01-21 00:46 - 2015-01-21 00:47 - 00112640 _____ (forum.viry.cz) C:\Users\mno\Desktop\FRSTLauncher.exe
2015-01-21 00:45 - 2015-01-21 00:45 - 02126848 _____ (Farbar) C:\Users\mno\Desktop\FRST64.exe
2015-01-21 00:36 - 2015-01-21 00:38 - 00000000 ____D () C:\AdwCleaner
2015-01-21 00:36 - 2015-01-21 00:36 - 02186752 _____ () C:\Users\mno\Desktop\adwcleaner_4.108.exe
2015-01-21 00:33 - 2015-01-21 00:33 - 00000085 _____ () C:\Windows\wininit.ini
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\rsit
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\Program Files\trend micro
2015-01-21 00:08 - 2015-01-21 00:08 - 01222144 _____ () C:\Users\mno\Downloads\RSITx64.exe
2015-01-20 23:36 - 2015-01-20 23:36 - 06552544 _____ (Progdigy Software S.A.R.L. ) C:\Users\mno\Downloads\CDisplayExWin32v1.10.29.exe
2015-01-20 16:06 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-20 16:05 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-20 16:05 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-20 16:05 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-20 16:05 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-20 16:05 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-20 16:03 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-01-20 16:03 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-01-15 08:39 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 08:39 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-15 08:39 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-15 08:39 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-15 08:39 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 08:39 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 08:39 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 03:13 - 2015-01-15 03:14 - 00000000 ____D () C:\Users\mno\Documents\Heroes of the Storm
2015-01-15 03:06 - 2015-01-15 03:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-01-14 22:07 - 2015-01-14 22:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:55 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:55 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:55 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:55 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:55 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:55 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-04 14:11 - 2015-01-04 14:11 - 00780432 _____ () C:\Windows\Minidump\010415-16645-01.dmp
2014-12-27 00:35 - 2014-12-30 16:29 - 00001102 _____ () C:\Users\mno\Desktop\nove.txt
2014-12-25 02:42 - 2014-12-25 02:42 - 00000000 __SHD () C:\Users\mno\AppData\Local\EmieBrowserModeList
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 00:45 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 00:45 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 00:44 - 2012-10-16 16:34 - 00000000 ____D () C:\Users\mno\AppData\Roaming\Spotify
2015-01-21 00:44 - 2009-07-14 06:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 00:42 - 2012-07-05 06:51 - 01775114 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 00:39 - 2012-07-12 01:00 - 00000000 ____D () C:\Program Files (x86)\EVGA Precision X
2015-01-21 00:39 - 2012-07-05 23:11 - 00000000 ____D () C:\Users\mno\AppData\Roaming\Skype
2015-01-21 00:38 - 2014-07-10 15:44 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-01-21 00:38 - 2013-06-09 00:38 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-01-21 00:38 - 2012-07-31 02:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-21 00:38 - 2012-07-04 22:44 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-01-21 00:38 - 2010-11-21 04:47 - 00439858 _____ () C:\Windows\PFRO.log
2015-01-21 00:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 00:38 - 2009-07-14 05:51 - 00173244 _____ () C:\Windows\setupact.log
2015-01-21 00:36 - 2014-01-21 03:34 - 00003014 _____ () C:\Windows\System32\Tasks\EVGAPrecision
2015-01-21 00:35 - 2014-09-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-21 00:35 - 2012-10-16 16:36 - 00000000 ____D () C:\Users\mno\AppData\Local\Spotify
2015-01-21 00:35 - 2012-07-10 17:10 - 00000000 ____D () C:\Users\postgres
2015-01-21 00:33 - 2012-08-16 21:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-21 00:10 - 2012-07-06 00:14 - 00000000 ____D () C:\Users\mno\AppData\Roaming\uTorrent
2015-01-21 00:10 - 2012-07-04 09:34 - 00000000 ____D () C:\Users\mno\AppData\Roaming\vlc
2015-01-21 00:09 - 2013-02-05 11:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-20 23:56 - 2012-07-06 00:38 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-20 23:56 - 2012-07-05 06:52 - 00001413 _____ () C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-20 23:53 - 2013-07-11 15:37 - 00000000 ____D () C:\Users\mno\AppData\Local\CrashDumps
2015-01-20 23:53 - 2013-01-01 01:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-20 23:53 - 2012-07-04 22:27 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job
2015-01-20 22:53 - 2012-07-04 22:27 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job
2015-01-20 16:07 - 2012-07-04 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-20 16:06 - 2013-10-27 11:12 - 00000000 ____D () C:\Users\mno\AppData\Local\Battle.net
2015-01-20 03:41 - 2012-07-10 17:13 - 16269497 _____ () C:\blitzerr.txt
2015-01-20 03:07 - 2013-03-28 17:29 - 00000000 ____D () C:\Users\mno\AppData\Roaming\HoldemManager
2015-01-20 01:19 - 2013-05-20 13:20 - 00000000 ____D () C:\Users\mno\Documents\888poker
2015-01-18 13:47 - 2012-07-10 14:54 - 00000000 ____D () C:\Users\mno\AppData\Local\PokerStars
2015-01-17 15:12 - 2013-04-03 23:02 - 00000687 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2015-01-17 15:12 - 2013-03-28 17:28 - 00000000 ____D () C:\Holdem Manager 2
2015-01-16 01:29 - 2012-10-07 19:05 - 00000000 ____D () C:\Users\mno\AppData\Roaming\TS3Client
2015-01-15 07:08 - 2012-07-06 00:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 03:14 - 2012-07-04 09:38 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-15 03:03 - 2013-07-13 12:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:00 - 2012-07-08 17:04 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 08:09 - 2013-02-05 11:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 08:09 - 2012-07-07 19:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 08:09 - 2012-07-07 19:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-04 14:11 - 2012-07-11 23:08 - 00000000 ____D () C:\Windows\Minidump
2014-12-31 12:14 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-07-10 17:11 - 2012-07-10 17:11 - 0068169 _____ () C:\Program Files (x86)\hminstalllog.txt
2013-05-20 13:53 - 2013-05-20 13:53 - 0005120 _____ () C:\Users\mno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-08 01:32 - 2012-08-08 01:32 - 0003072 _____ () C:\Users\mno\AppData\Local\file__0.localstorage
2012-07-04 19:41 - 2013-03-08 15:17 - 0007605 _____ () C:\Users\mno\AppData\Local\resmon.resmoncfg
2013-06-09 00:40 - 2013-06-09 00:40 - 0000003 _____ () C:\Users\mno\AppData\Local\user_data.ini
2013-05-31 04:46 - 2013-05-31 04:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\mno\AppData\Local\Temp\appshat_generic.exe
C:\Users\mno\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\mno\AppData\Local\Temp\nvStInst.exe
C:\Users\mno\AppData\Local\Temp\Quarantine.exe
C:\Users\mno\AppData\Local\Temp\setup.exe
C:\Users\mno\AppData\Local\Temp\smt_mystartsearch.exe
C:\Users\mno\AppData\Local\Temp\sqlite3.dll
C:\Users\mno\AppData\Local\Temp\TMCCSetup_3.69.01.14_1.exe
C:\Users\mno\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\mno\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 09:13
==================== End Of Log ============================
Addition
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by mno at 2015-01-21 00:48:01
Running from C:\Users\mno\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
ACDSee Photo Manager 2009 (HKLM-x32\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.85 - ACD Systems International)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
AutoCAD 2007 - English (HKLM-x32\...\{5783F2D7-5001-0409-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
Borderlands: The Pre-Sequel (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Combined Community Codec Pack 2008-09-21 16:18 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2008.09.21.0 - CCCP Project)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Demonbuddy (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\{45bb2989-e144-465d-9823-220359687d0e}) (Version: 1.0.1445.316 - Bossland GmbH)
Demonbuddy (x32 Version: 1.0.1445.316 - Bossland GmbH) Hidden
Dogecoin (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Dogecoin) (Version: 1.6.0.0 - Dogecoin) <==== ATTENTION!
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.24.2.WIN.FullTilt.COM - )
Google Chrome (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Google Chrome) (Version: 39.0.2171.99 - Spoločnosť Google Inc.)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Holdem Manager (HKLM-x32\...\HoldemManager) (Version: - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LuckyAcePoker.com (HKLM-x32\...\LuckyAcePoker.com) (Version: - )
Magic The Gathering Online (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\9f2df17776476c05) (Version: 3.4.80.381 - Wizards of the Coast)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Miranda IM 0.10.21 (HKLM-x32\...\Miranda IM) (Version: 0.10.21 - Miranda IM Project)
mIRC (HKLM-x32\...\mIRC) (Version: - )
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22571 - Grinding Gear Games)
PokerCoach (HKLM-x32\...\PokerCoach_is1) (Version: - Snowie Games Ltd)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.01 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spotify (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.1.1 - Krzysztof Kowalczyk)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Tukui Update Utility (HKLM-x32\...\{B5EDE97F-29A3-4A18-B9AE-CBE33DD2ED61}) (Version: 1.0.0 - Tukui)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WildStar (HKLM-x32\...\WildStar) (Version: 0.5.18.6490 - NCSOFT)
William Hill Poker (HKLM-x32\...\William Hill Poker) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Winner Poker (HKLM-x32\...\winnerpoker) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Ys Origin (HKLM-x32\...\Steam App 207350) (Version: - Falcom)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
15-01-2015 03:00:10 Windows Update
16-01-2015 03:00:11 Windows Update
20-01-2015 07:45:38 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BCAF8D3-E5DC-4D53-9A81-94DCD4C75A8D} - System32\Tasks\{53F614C1-226C-4A79-94C3-3D231308C95C} => pcalua.exe -a "D:\hry normal\Wildstar\WildStar\Wildstar.exe" -c /uninstall
Task: {296DE5E8-6174-4693-9C1C-F04FC713A772} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {34FEC8EA-4C7F-4EB2-9ED7-9D687C6D5801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {459A3C42-0621-4A19-8BB5-631A41062C14} - System32\Tasks\{1EBF4631-1D2C-456C-9C70-794762C2BB5D} => pcalua.exe -a D:\PS.com\PokerStarsUninstall.exe -d D:\PS.com
Task: {51902C5D-C353-4CA3-A569-519F2FC9245B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {8D1E0F3A-2484-48A9-9A3C-D913F767374A} - System32\Tasks\{FEF816D3-85F8-4A65-BAF1-93A8C5659181} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1033
Task: {D7613867-DA00-4A76-98FC-223C1CCC5096} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-31 02:06 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2013-07-18 01:28 - 2013-07-18 01:28 - 00627016 _____ () C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
2012-07-05 07:18 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-04 23:01 - 2011-03-10 21:04 - 00231936 _____ () C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
2012-07-04 23:01 - 2011-03-10 19:24 - 00151552 _____ () C:\Program Files (x86)\Razer\Abyssus\razertra.exe
2013-09-24 20:51 - 2014-12-12 11:13 - 00374840 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2012-07-10 17:10 - 2011-01-28 06:15 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2012-07-10 17:10 - 2009-02-12 20:01 - 00976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2012-07-10 17:10 - 2005-07-20 11:48 - 00059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00071680 _____ () C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
2013-05-15 17:48 - 2013-05-15 17:48 - 00056832 _____ () C:\Program Files (x86)\EVGA Precision X\RTFC.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00216064 _____ () C:\Program Files (x86)\EVGA Precision X\RTCore.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00127488 _____ () C:\Program Files (x86)\EVGA Precision X\RTUI.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00587776 _____ () C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 02396672 _____ () I:\steam\libavcodec-56.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00442880 _____ () I:\steam\libavutil-54.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00479744 _____ () I:\steam\libavformat-56.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00332800 _____ () I:\steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () I:\steam\SDL2.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 05002752 _____ () I:\steam\v8.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 01612800 _____ () I:\steam\icui18n.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 01210368 _____ () I:\steam\icuuc.dll
2014-05-22 15:58 - 2015-01-19 19:49 - 02227904 _____ () I:\steam\video.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00485888 _____ () I:\steam\libswscale-3.dll
2011-07-13 19:56 - 2015-01-19 19:49 - 00696000 _____ () I:\steam\bin\chromehtml.DLL
2012-10-16 16:36 - 2014-12-12 11:13 - 36966968 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-10 16:02 - 2014-12-12 11:13 - 00867896 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-24 20:51 - 2014-12-12 11:13 - 00886840 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 20:51 - 2014-12-12 11:13 - 00108600 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libegl.dll
2010-05-28 21:29 - 2015-01-16 00:42 - 34641288 _____ () I:\steam\bin\libcef.dll
2015-01-14 22:07 - 2015-01-14 22:07 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-17 03:21 - 2014-10-17 03:21 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-07-05 07:20 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3909662914-1013579025-850310016-500 - Administrator - Disabled)
Guest (S-1-5-21-3909662914-1013579025-850310016-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3909662914-1013579025-850310016-1006 - Limited - Enabled)
mno (S-1-5-21-3909662914-1013579025-850310016-1000 - Administrator - Enabled) => C:\Users\mno
postgres (S-1-5-21-3909662914-1013579025-850310016-1003 - Limited - Enabled) => C:\Users\postgres
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/21/2015 00:44:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (01/21/2015 00:44:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (01/21/2015 00:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 00:38:51 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/21/2015 00:38:19 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/21/2015 00:36:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 00:35:13 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/20/2015 11:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.0.5486, time stamp: 0x54af7153
Faulting module name: mozalloc.dll, version: 35.0.0.5486, time stamp: 0x54af69d4
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x159c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (01/20/2015 11:39:49 PM) (Source: MsiInstaller) (EventID: 11309) (User: mno-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (01/20/2015 11:37:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.0.5486, time stamp: 0x54af7153
Faulting module name: mozalloc.dll, version: 35.0.0.5486, time stamp: 0x54af69d4
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x64c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
System errors:
=============
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The postgresql-8.4 - PostgreSQL Server 8.4 service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The ISCT Always Updated Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (08/21/2013 03:22:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2294 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (09/16/2012 09:08:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 172 seconds with 120 seconds of active time. This session ended with a crash.
Error: (09/16/2012 09:05:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1821 seconds with 1380 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8086 MB
Available physical RAM: 5739.89 MB
Total Pagefile: 16170.19 MB
Available Pagefile: 13465.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:14.93 GB) NTFS
Drive d: (Disk) (Fixed) (Total:935.18 GB) (Free:386.68 GB) NTFS
Drive f: (Disk) (Fixed) (Total:927.73 GB) (Free:908.49 GB) NTFS
Drive g: () (Fixed) (Total:48.83 GB) (Free:17.69 GB) NTFS
Drive h: () (Fixed) (Total:292.97 GB) (Free:269.67 GB) NTFS
Drive i: () (Fixed) (Total:356.83 GB) (Free:181.03 GB) NTFS
Drive j: ( Borderlands: The Pre-Sequel) (CDROM) (Total:5 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8EB906B8)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8EB906C0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=935.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=927.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 10BE10BD)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=649.8 GB) - (Type=OF Extended)
==================== End Of Log ============================
FRST
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by mno (administrator) on MNO-PC on 21-01-2015 00:47:40
Running from C:\Users\mno\Desktop
Loaded Profiles: mno & postgres (Available profiles: mno & postgres)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) I:\steam\Steam.exe
(LG Electronics) C:\Users\mno\Bluebirds\BlueBirds.exe
(Spotify Ltd) C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\mno\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Razer\Abyssus\razertra.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Abyssus\razerofa.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) I:\steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Abyssus] => C:\Program Files (x86)\Razer\Abyssus\razerhid.exe [231936 2011-03-10] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Google Update] => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-04] (Google Inc.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Steam] => I:\steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [bluebirds] => C:\Users\mno\Bluebirds\BlueBirds.exe [270336 2009-04-29] (LG Electronics)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Spotify Web Helper] => C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Spotify] => C:\Users\mno\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Moveslink2] => C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {58905cc8-c61e-11e1-804d-806e6f6e6963} - E:\BlueBirds.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {a947fcfe-dfb4-11e1-a026-bc5ff443dede} - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {ace930c9-ac2d-11e3-a7e5-bc5ff443dede} - L:\iLinker.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {f64c14f5-c664-11e1-96e9-806e6f6e6963} - E:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll (Autodesk)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3909662914-1013579025-850310016-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-3909662914-1013579025-850310016-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3909662914-1013579025-850310016-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: NoScript - C:\Users\mno\AppData\Roaming\Mozilla\Firefox\Profiles\vj4dtayr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-04]
CHR Extension: (Hľadať v Google) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-04]
CHR Extension: (Peňaženka Google) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\mno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-04]
CHR StartMenuInternet: Google Chrome - C:\Users\mno\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-08-26] (Autodesk)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Abyssus; C:\Windows\System32\drivers\Abyssus.sys [10880 2009-10-30] (Razer (Asia-Pacific) Pte Ltd)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-07] (DT Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-21] ()
S3 GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 00:47 - 2015-01-21 00:47 - 00017963 _____ () C:\Users\mno\Desktop\FRST.txt
2015-01-21 00:47 - 2015-01-21 00:47 - 00000000 ____D () C:\FRST
2015-01-21 00:46 - 2015-01-21 00:47 - 00112640 _____ (forum.viry.cz) C:\Users\mno\Desktop\FRSTLauncher.exe
2015-01-21 00:45 - 2015-01-21 00:45 - 02126848 _____ (Farbar) C:\Users\mno\Desktop\FRST64.exe
2015-01-21 00:36 - 2015-01-21 00:38 - 00000000 ____D () C:\AdwCleaner
2015-01-21 00:36 - 2015-01-21 00:36 - 02186752 _____ () C:\Users\mno\Desktop\adwcleaner_4.108.exe
2015-01-21 00:33 - 2015-01-21 00:33 - 00000085 _____ () C:\Windows\wininit.ini
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\rsit
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\Program Files\trend micro
2015-01-21 00:08 - 2015-01-21 00:08 - 01222144 _____ () C:\Users\mno\Downloads\RSITx64.exe
2015-01-20 23:36 - 2015-01-20 23:36 - 06552544 _____ (Progdigy Software S.A.R.L. ) C:\Users\mno\Downloads\CDisplayExWin32v1.10.29.exe
2015-01-20 16:06 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-20 16:05 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-20 16:05 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-01-20 16:05 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-20 16:05 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-20 16:05 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-20 16:05 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-20 16:03 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-01-20 16:03 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-01-15 08:39 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 08:39 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-15 08:39 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-15 08:39 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-15 08:39 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 08:39 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 08:39 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 03:13 - 2015-01-15 03:14 - 00000000 ____D () C:\Users\mno\Documents\Heroes of the Storm
2015-01-15 03:06 - 2015-01-15 03:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-01-14 22:07 - 2015-01-14 22:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:55 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:55 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:55 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:55 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:55 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:55 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-04 14:11 - 2015-01-04 14:11 - 00780432 _____ () C:\Windows\Minidump\010415-16645-01.dmp
2014-12-27 00:35 - 2014-12-30 16:29 - 00001102 _____ () C:\Users\mno\Desktop\nove.txt
2014-12-25 02:42 - 2014-12-25 02:42 - 00000000 __SHD () C:\Users\mno\AppData\Local\EmieBrowserModeList
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 00:45 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 00:45 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 00:44 - 2012-10-16 16:34 - 00000000 ____D () C:\Users\mno\AppData\Roaming\Spotify
2015-01-21 00:44 - 2009-07-14 06:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 00:42 - 2012-07-05 06:51 - 01775114 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 00:39 - 2012-07-12 01:00 - 00000000 ____D () C:\Program Files (x86)\EVGA Precision X
2015-01-21 00:39 - 2012-07-05 23:11 - 00000000 ____D () C:\Users\mno\AppData\Roaming\Skype
2015-01-21 00:38 - 2014-07-10 15:44 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-01-21 00:38 - 2013-06-09 00:38 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-01-21 00:38 - 2012-07-31 02:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-21 00:38 - 2012-07-04 22:44 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-01-21 00:38 - 2010-11-21 04:47 - 00439858 _____ () C:\Windows\PFRO.log
2015-01-21 00:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 00:38 - 2009-07-14 05:51 - 00173244 _____ () C:\Windows\setupact.log
2015-01-21 00:36 - 2014-01-21 03:34 - 00003014 _____ () C:\Windows\System32\Tasks\EVGAPrecision
2015-01-21 00:35 - 2014-09-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-21 00:35 - 2012-10-16 16:36 - 00000000 ____D () C:\Users\mno\AppData\Local\Spotify
2015-01-21 00:35 - 2012-07-10 17:10 - 00000000 ____D () C:\Users\postgres
2015-01-21 00:33 - 2012-08-16 21:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-21 00:10 - 2012-07-06 00:14 - 00000000 ____D () C:\Users\mno\AppData\Roaming\uTorrent
2015-01-21 00:10 - 2012-07-04 09:34 - 00000000 ____D () C:\Users\mno\AppData\Roaming\vlc
2015-01-21 00:09 - 2013-02-05 11:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-20 23:56 - 2012-07-06 00:38 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-20 23:56 - 2012-07-05 06:52 - 00001413 _____ () C:\Users\mno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-20 23:53 - 2013-07-11 15:37 - 00000000 ____D () C:\Users\mno\AppData\Local\CrashDumps
2015-01-20 23:53 - 2013-01-01 01:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-20 23:53 - 2012-07-04 22:27 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job
2015-01-20 22:53 - 2012-07-04 22:27 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job
2015-01-20 16:07 - 2012-07-04 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-20 16:06 - 2013-10-27 11:12 - 00000000 ____D () C:\Users\mno\AppData\Local\Battle.net
2015-01-20 03:41 - 2012-07-10 17:13 - 16269497 _____ () C:\blitzerr.txt
2015-01-20 03:07 - 2013-03-28 17:29 - 00000000 ____D () C:\Users\mno\AppData\Roaming\HoldemManager
2015-01-20 01:19 - 2013-05-20 13:20 - 00000000 ____D () C:\Users\mno\Documents\888poker
2015-01-18 13:47 - 2012-07-10 14:54 - 00000000 ____D () C:\Users\mno\AppData\Local\PokerStars
2015-01-17 15:12 - 2013-04-03 23:02 - 00000687 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2015-01-17 15:12 - 2013-03-28 17:28 - 00000000 ____D () C:\Holdem Manager 2
2015-01-16 01:29 - 2012-10-07 19:05 - 00000000 ____D () C:\Users\mno\AppData\Roaming\TS3Client
2015-01-15 07:08 - 2012-07-06 00:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 03:14 - 2012-07-04 09:38 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-15 03:03 - 2013-07-13 12:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:00 - 2012-07-08 17:04 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 08:09 - 2013-02-05 11:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 08:09 - 2012-07-07 19:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 08:09 - 2012-07-07 19:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-04 14:11 - 2012-07-11 23:08 - 00000000 ____D () C:\Windows\Minidump
2014-12-31 12:14 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-07-10 17:11 - 2012-07-10 17:11 - 0068169 _____ () C:\Program Files (x86)\hminstalllog.txt
2013-05-20 13:53 - 2013-05-20 13:53 - 0005120 _____ () C:\Users\mno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-08 01:32 - 2012-08-08 01:32 - 0003072 _____ () C:\Users\mno\AppData\Local\file__0.localstorage
2012-07-04 19:41 - 2013-03-08 15:17 - 0007605 _____ () C:\Users\mno\AppData\Local\resmon.resmoncfg
2013-06-09 00:40 - 2013-06-09 00:40 - 0000003 _____ () C:\Users\mno\AppData\Local\user_data.ini
2013-05-31 04:46 - 2013-05-31 04:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\mno\AppData\Local\Temp\appshat_generic.exe
C:\Users\mno\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\mno\AppData\Local\Temp\nvStInst.exe
C:\Users\mno\AppData\Local\Temp\Quarantine.exe
C:\Users\mno\AppData\Local\Temp\setup.exe
C:\Users\mno\AppData\Local\Temp\smt_mystartsearch.exe
C:\Users\mno\AppData\Local\Temp\sqlite3.dll
C:\Users\mno\AppData\Local\Temp\TMCCSetup_3.69.01.14_1.exe
C:\Users\mno\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\mno\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 09:13
==================== End Of Log ============================
Addition
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by mno at 2015-01-21 00:48:01
Running from C:\Users\mno\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
ACDSee Photo Manager 2009 (HKLM-x32\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.85 - ACD Systems International)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
AutoCAD 2007 - English (HKLM-x32\...\{5783F2D7-5001-0409-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
Borderlands: The Pre-Sequel (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Combined Community Codec Pack 2008-09-21 16:18 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2008.09.21.0 - CCCP Project)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Demonbuddy (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\{45bb2989-e144-465d-9823-220359687d0e}) (Version: 1.0.1445.316 - Bossland GmbH)
Demonbuddy (x32 Version: 1.0.1445.316 - Bossland GmbH) Hidden
Dogecoin (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Dogecoin) (Version: 1.6.0.0 - Dogecoin) <==== ATTENTION!
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.24.2.WIN.FullTilt.COM - )
Google Chrome (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Google Chrome) (Version: 39.0.2171.99 - Spoločnosť Google Inc.)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Holdem Manager (HKLM-x32\...\HoldemManager) (Version: - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LuckyAcePoker.com (HKLM-x32\...\LuckyAcePoker.com) (Version: - )
Magic The Gathering Online (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\9f2df17776476c05) (Version: 3.4.80.381 - Wizards of the Coast)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Miranda IM 0.10.21 (HKLM-x32\...\Miranda IM) (Version: 0.10.21 - Miranda IM Project)
mIRC (HKLM-x32\...\mIRC) (Version: - )
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22571 - Grinding Gear Games)
PokerCoach (HKLM-x32\...\PokerCoach_is1) (Version: - Snowie Games Ltd)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.01 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spotify (HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.1.1 - Krzysztof Kowalczyk)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Tukui Update Utility (HKLM-x32\...\{B5EDE97F-29A3-4A18-B9AE-CBE33DD2ED61}) (Version: 1.0.0 - Tukui)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WildStar (HKLM-x32\...\WildStar) (Version: 0.5.18.6490 - NCSOFT)
William Hill Poker (HKLM-x32\...\William Hill Poker) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Winner Poker (HKLM-x32\...\winnerpoker) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Ys Origin (HKLM-x32\...\Steam App 207350) (Version: - Falcom)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
15-01-2015 03:00:10 Windows Update
16-01-2015 03:00:11 Windows Update
20-01-2015 07:45:38 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BCAF8D3-E5DC-4D53-9A81-94DCD4C75A8D} - System32\Tasks\{53F614C1-226C-4A79-94C3-3D231308C95C} => pcalua.exe -a "D:\hry normal\Wildstar\WildStar\Wildstar.exe" -c /uninstall
Task: {296DE5E8-6174-4693-9C1C-F04FC713A772} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {34FEC8EA-4C7F-4EB2-9ED7-9D687C6D5801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {459A3C42-0621-4A19-8BB5-631A41062C14} - System32\Tasks\{1EBF4631-1D2C-456C-9C70-794762C2BB5D} => pcalua.exe -a D:\PS.com\PokerStarsUninstall.exe -d D:\PS.com
Task: {51902C5D-C353-4CA3-A569-519F2FC9245B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {8D1E0F3A-2484-48A9-9A3C-D913F767374A} - System32\Tasks\{FEF816D3-85F8-4A65-BAF1-93A8C5659181} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1033
Task: {D7613867-DA00-4A76-98FC-223C1CCC5096} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-31 02:06 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2013-07-18 01:28 - 2013-07-18 01:28 - 00627016 _____ () C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
2012-07-05 07:18 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-04 23:01 - 2011-03-10 21:04 - 00231936 _____ () C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
2012-07-04 23:01 - 2011-03-10 19:24 - 00151552 _____ () C:\Program Files (x86)\Razer\Abyssus\razertra.exe
2013-09-24 20:51 - 2014-12-12 11:13 - 00374840 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2012-07-10 17:10 - 2011-01-28 06:15 - 00172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2012-07-10 17:10 - 2009-02-12 20:01 - 00976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2012-07-10 17:10 - 2005-07-20 11:48 - 00059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00071680 _____ () C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
2013-05-15 17:48 - 2013-05-15 17:48 - 00056832 _____ () C:\Program Files (x86)\EVGA Precision X\RTFC.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00216064 _____ () C:\Program Files (x86)\EVGA Precision X\RTCore.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00127488 _____ () C:\Program Files (x86)\EVGA Precision X\RTUI.dll
2013-05-15 17:49 - 2013-05-15 17:49 - 00587776 _____ () C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 02396672 _____ () I:\steam\libavcodec-56.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00442880 _____ () I:\steam\libavutil-54.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00479744 _____ () I:\steam\libavformat-56.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00332800 _____ () I:\steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () I:\steam\SDL2.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 05002752 _____ () I:\steam\v8.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 01612800 _____ () I:\steam\icui18n.dll
2015-01-20 07:35 - 2014-12-02 01:29 - 01210368 _____ () I:\steam\icuuc.dll
2014-05-22 15:58 - 2015-01-19 19:49 - 02227904 _____ () I:\steam\video.dll
2014-08-29 11:25 - 2014-12-01 22:31 - 00485888 _____ () I:\steam\libswscale-3.dll
2011-07-13 19:56 - 2015-01-19 19:49 - 00696000 _____ () I:\steam\bin\chromehtml.DLL
2012-10-16 16:36 - 2014-12-12 11:13 - 36966968 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-10 16:02 - 2014-12-12 11:13 - 00867896 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-24 20:51 - 2014-12-12 11:13 - 00886840 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 20:51 - 2014-12-12 11:13 - 00108600 _____ () C:\Users\mno\AppData\Roaming\Spotify\Data\libegl.dll
2010-05-28 21:29 - 2015-01-16 00:42 - 34641288 _____ () I:\steam\bin\libcef.dll
2015-01-14 22:07 - 2015-01-14 22:07 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-17 03:21 - 2014-10-17 03:21 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-07-05 07:20 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3909662914-1013579025-850310016-500 - Administrator - Disabled)
Guest (S-1-5-21-3909662914-1013579025-850310016-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3909662914-1013579025-850310016-1006 - Limited - Enabled)
mno (S-1-5-21-3909662914-1013579025-850310016-1000 - Administrator - Enabled) => C:\Users\mno
postgres (S-1-5-21-3909662914-1013579025-850310016-1003 - Limited - Enabled) => C:\Users\postgres
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/21/2015 00:44:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (01/21/2015 00:44:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (01/21/2015 00:40:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 00:38:51 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/21/2015 00:38:19 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/21/2015 00:36:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/21/2015 00:35:13 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (01/20/2015 11:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.0.5486, time stamp: 0x54af7153
Faulting module name: mozalloc.dll, version: 35.0.0.5486, time stamp: 0x54af69d4
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x159c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (01/20/2015 11:39:49 PM) (Source: MsiInstaller) (EventID: 11309) (User: mno-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (01/20/2015 11:37:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 35.0.0.5486, time stamp: 0x54af7153
Faulting module name: mozalloc.dll, version: 35.0.0.5486, time stamp: 0x54af69d4
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x64c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
System errors:
=============
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The postgresql-8.4 - PostgreSQL Server 8.4 service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The ISCT Always Updated Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (01/21/2015 00:38:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (08/21/2013 03:22:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2294 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (09/16/2012 09:08:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 172 seconds with 120 seconds of active time. This session ended with a crash.
Error: (09/16/2012 09:05:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1821 seconds with 1380 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8086 MB
Available physical RAM: 5739.89 MB
Total Pagefile: 16170.19 MB
Available Pagefile: 13465.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:14.93 GB) NTFS
Drive d: (Disk) (Fixed) (Total:935.18 GB) (Free:386.68 GB) NTFS
Drive f: (Disk) (Fixed) (Total:927.73 GB) (Free:908.49 GB) NTFS
Drive g: () (Fixed) (Total:48.83 GB) (Free:17.69 GB) NTFS
Drive h: () (Fixed) (Total:292.97 GB) (Free:269.67 GB) NTFS
Drive i: () (Fixed) (Total:356.83 GB) (Free:181.03 GB) NTFS
Drive j: ( Borderlands: The Pre-Sequel) (CDROM) (Total:5 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8EB906B8)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8EB906C0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=935.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=927.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 10BE10BD)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=649.8 GB) - (Type=OF Extended)
==================== End Of Log ============================
Re: Start my search v prehliadaci
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Google Update] => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-04] (Google Inc.) HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [zASRockInstantBoot] => [X] HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: J - J:\setup.exe HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {58905cc8-c61e-11e1-804d-806e6f6e6963} - E:\BlueBirds.exe HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {a947fcfe-dfb4-11e1-a026-bc5ff443dede} - J:\setup.exe HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {ace930c9-ac2d-11e3-a7e5-bc5ff443dede} - L:\iLinker.exe HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {f64c14f5-c664-11e1-96e9-806e6f6e6963} - E:\ASRSetup.exe BootExecute: autocheck autochk * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\Users\mno\AppData\Local\Akamai SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3909662914-1013579025-850310016-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp ... 01QC120BGN CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=1421793507&from=smt&uid=INTELXSSDSC2CT120A3XXXXXXXXXXXXXXXXXXX_CVMP216101QC120BGN" CHR Plugin: (Native Client) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File CHR Plugin: (Google Update) - C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File S3 GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] 2015-01-21 00:47 - 2015-01-21 00:47 - 00017963 _____ () C:\Users\mno\Desktop\FRST.txt 2015-01-21 00:46 - 2015-01-21 00:47 - 00112640 _____ (forum.viry.cz) C:\Users\mno\Desktop\FRSTLauncher.exe 2015-01-21 00:36 - 2015-01-21 00:38 - 00000000 ____D () C:\AdwCleaner 2015-01-21 00:36 - 2015-01-21 00:36 - 02186752 _____ () C:\Users\mno\Desktop\adwcleaner_4.108.exe 2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\rsit 2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\Program Files\trend micro 2015-01-21 00:08 - 2015-01-21 00:08 - 01222144 _____ () C:\Users\mno\Downloads\RSITx64.exe 2015-01-21 00:35 - 2014-09-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-21 00:33 - 2012-08-16 21:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Start my search v prehliadaci
tu je log
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by mno at 2015-01-21 01:01:49 Run:1
Running from C:\Users\mno\Desktop
Loaded Profiles: mno & postgres (Available profiles: mno & postgres)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Google Update] => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-04] (Google Inc.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {58905cc8-c61e-11e1-804d-806e6f6e6963} - E:\BlueBirds.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {a947fcfe-dfb4-11e1-a026-bc5ff443dede} - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {ace930c9-ac2d-11e3-a7e5-bc5ff443dede} - L:\iLinker.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {f64c14f5-c664-11e1-96e9-806e6f6e6963} - E:\ASRSetup.exe
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\mno\AppData\Local\Akamai
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3909662914-1013579025-850310016-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp ... 01QC120BGN
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN"
CHR Plugin: (Native Client) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
S3 GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2015-01-21 00:47 - 2015-01-21 00:47 - 00017963 _____ () C:\Users\mno\Desktop\FRST.txt
2015-01-21 00:46 - 2015-01-21 00:47 - 00112640 _____ (forum.viry.cz) C:\Users\mno\Desktop\FRSTLauncher.exe
2015-01-21 00:36 - 2015-01-21 00:38 - 00000000 ____D () C:\AdwCleaner
2015-01-21 00:36 - 2015-01-21 00:36 - 02186752 _____ () C:\Users\mno\Desktop\adwcleaner_4.108.exe
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\rsit
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\Program Files\trend micro
2015-01-21 00:08 - 2015-01-21 00:08 - 01222144 _____ () C:\Users\mno\Downloads\RSITx64.exe
2015-01-21 00:35 - 2014-09-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-21 00:33 - 2012-08-16 21:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot => value deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58905cc8-c61e-11e1-804d-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{58905cc8-c61e-11e1-804d-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a947fcfe-dfb4-11e1-a026-bc5ff443dede}" => Key deleted successfully.
HKCR\CLSID\{a947fcfe-dfb4-11e1-a026-bc5ff443dede} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ace930c9-ac2d-11e3-a7e5-bc5ff443dede}" => Key deleted successfully.
HKCR\CLSID\{ace930c9-ac2d-11e3-a7e5-bc5ff443dede} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f64c14f5-c664-11e1-96e9-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{f64c14f5-c664-11e1-96e9-806e6f6e6963} => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\Users\mno\AppData\Local\Akamai" => File/Directory not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll not found.
C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll not found.
C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
GPUZ => Service deleted successfully.
massfilter => Service deleted successfully.
VGPU => Service deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
C:\Users\mno\Desktop\FRST.txt => Moved successfully.
C:\Users\mno\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\mno\Desktop\adwcleaner_4.108.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\mno\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.4 GB temporary data.
The system needed a reboot.
==== End of Fixlog 01:02:11 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by mno at 2015-01-21 01:01:49 Run:1
Running from C:\Users\mno\Desktop
Loaded Profiles: mno & postgres (Available profiles: mno & postgres)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Google Update] => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-04] (Google Inc.)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\mno\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [DAEMON Tools Lite] => F:\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {58905cc8-c61e-11e1-804d-806e6f6e6963} - E:\BlueBirds.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {a947fcfe-dfb4-11e1-a026-bc5ff443dede} - J:\setup.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {ace930c9-ac2d-11e3-a7e5-bc5ff443dede} - L:\iLinker.exe
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\...\MountPoints2: {f64c14f5-c664-11e1-96e9-806e6f6e6963} - E:\ASRSetup.exe
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\mno\AppData\Local\Akamai
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3909662914-1013579025-850310016-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp ... 01QC120BGN
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=142 ... 01QC120BGN"
CHR Plugin: (Native Client) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
S3 GPUZ; \??\C:\Users\mno\AppData\Local\Temp\GPUZ.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2015-01-21 00:47 - 2015-01-21 00:47 - 00017963 _____ () C:\Users\mno\Desktop\FRST.txt
2015-01-21 00:46 - 2015-01-21 00:47 - 00112640 _____ (forum.viry.cz) C:\Users\mno\Desktop\FRSTLauncher.exe
2015-01-21 00:36 - 2015-01-21 00:38 - 00000000 ____D () C:\AdwCleaner
2015-01-21 00:36 - 2015-01-21 00:36 - 02186752 _____ () C:\Users\mno\Desktop\adwcleaner_4.108.exe
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\rsit
2015-01-21 00:10 - 2015-01-21 00:10 - 00000000 ____D () C:\Program Files\trend micro
2015-01-21 00:08 - 2015-01-21 00:08 - 01222144 _____ () C:\Users\mno\Downloads\RSITx64.exe
2015-01-21 00:35 - 2014-09-15 11:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-21 00:33 - 2012-08-16 21:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mno\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => C:\Users\mno\AppData\Local\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1000\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot => value deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58905cc8-c61e-11e1-804d-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{58905cc8-c61e-11e1-804d-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a947fcfe-dfb4-11e1-a026-bc5ff443dede}" => Key deleted successfully.
HKCR\CLSID\{a947fcfe-dfb4-11e1-a026-bc5ff443dede} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ace930c9-ac2d-11e3-a7e5-bc5ff443dede}" => Key deleted successfully.
HKCR\CLSID\{ace930c9-ac2d-11e3-a7e5-bc5ff443dede} => Key not found.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f64c14f5-c664-11e1-96e9-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{f64c14f5-c664-11e1-96e9-806e6f6e6963} => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\Users\mno\AppData\Local\Akamai" => File/Directory not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3909662914-1013579025-850310016-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll not found.
C:\Users\mno\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll not found.
C:\Users\mno\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
GPUZ => Service deleted successfully.
massfilter => Service deleted successfully.
VGPU => Service deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
C:\Users\mno\Desktop\FRST.txt => Moved successfully.
C:\Users\mno\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\mno\Desktop\adwcleaner_4.108.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\mno\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-3909662914-1013579025-850310016-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3909662914-1013579025-850310016-1000UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.4 GB temporary data.
The system needed a reboot.
==== End of Fixlog 01:02:11 ====
Re: Start my search v prehliadaci
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Start my search v prehliadaci
Dakujem, velmi pekne za pomoc s problemom.
Re: Start my search v prehliadaci
Nemate zac, rad jsem pomohl 
Mejte se krasne a treba zase nekdy
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?