offline
- Student by day. Hacker by night
- Pridružio: 11 Maj 2014
- Poruke: 189
- Gde živiš: 192.168.0.1
|
Ok, reci mi za YT.
A evo ti i logo taj sto si rekao
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Aca on Sat 05/23/2015 at 8:57:19.81.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aca\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]
==== System Restore Info ======================
5/23/2015 8:58:20 AM Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\LinkProc deleted successfully
C:\Users\Aca\AppData\Local\Adobe deleted successfully
C:\Users\Aca\AppData\Local\Unity deleted successfully
C:\Users\Aca\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPDRIVER_1.42.1.1870 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPDRIVER_1.42.1.1870 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Air Globe deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
user.js not found
---- Lines aTTSD90021300PYDKGV101145942com70881 removed from prefs.js ----
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.InstallationThankYouPage", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.InstallationTime", 1432222581);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comaTTSD90021300PYDKGV101145942com70881_dbWasSet", true)
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comaTTSD90021300PYDKGV101145942com70881_dbWasSet_FF25_FI
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncdb_dbWasSet", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncinternaldb_dbWasSet", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.active", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.addressbar", "NA");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.addressbarenhanced", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.asyncdb.was_copied", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.asyncinternaldb.was_copied", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.backgroundver", 4);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.certdomaininstaller", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.changeprevious", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Euro
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallationTime.value", "%221432222581%22");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Europ
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_id%22%3A%2
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.description", "Ge-Force");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.domain", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.enablesearch", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.homepage", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.iframe", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cent
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2267dd118c8d270690
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central E
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_id%22%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cent
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_i
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2267dd118
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_appVer.value", "50");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cen
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Eu
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A1002241%2C%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_nextCheck.expiration", "Fri May 22 2015 21:49:03 GMT+0200 (Centr
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central E
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002241.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002242.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002243.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002244.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002245.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002246.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002246.value", "%22//Javascript%20Helper%20Functions%5
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002247.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002248.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002249.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.value", "%22function%20startAskCom%28e%2Ct%2Cr%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Centr
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.__defualt_browser__.value", "%22ie%22");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb._installer_additional_info.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb._installer_additional_info.value", "%7B%22asw%22%3A%5B2%2C-2134900731%2C53
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Europe
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%2
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb 01 2030 0
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.reporting_user_key_index.expiration", "Mon May 19 2025 15:49:02 GMT+0200 (
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.reporting_user_key_index.value", "867");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.lastDailyReport", "1432302542510");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.lastUpdate", "1432302542399");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.manifesturl", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.name", "Ge-Force");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.newtab", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.opensearch", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.pluginsurl", "http://js.devopenrack.com/plugin/apps/70881/plugins/na/ff/plugins.json"
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.pluginsversion", 43);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.publisher", "Webar");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.searchstatus", 0);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.setnewtab", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.thankyou", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.updateinterval", 360);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.ver", 50);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.apps", "70881");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.bic", "14d7be25071a48a081a053cafc364cb4");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.cid", 70881);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.firstrun", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.hadappinstalled", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.installationdate", 1432302539);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.installerAdditionalInfo", "{\"asw\":[2, -2134900731, 536870912, 2304],\"browser_name\":\"ff
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.modetype", "production");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.reportInstall", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.statsDailyCounter", 1);
---- FireFox user.js and prefs.js backups ----
prefs_20150523_0917_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"
==== Deleting Files \ Folders ======================
C:\PROGRA~2\LinkProc not found
C:\PROGRA~2\bestadblocker deleted
C:\PROGRA~2\Page Refresh deleted
C:\PROGRA~2\PriceMinus deleted
C:\PROGRA~3\lmnlmbmkifpfcegplkadooegcncppadp deleted
C:\windows\SysNative\Tasks\Bidaily Synchronize Task[pr] deleted
C:\Program Files (x86)\AMD AVT\21abca2e-f826-4db3-8ea7-bc5b1e37f464.dll deleted
C:\Program Files (x86)\AMD AVT\a611c9d9-fd97-45be-82c1-d0c0d606dee6.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\cc060bb3-e78a-4665-94d4-c8dfd773de0d.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\0944b1df-4a54-4148-adbb-84a600a379c5.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\6e68336c-984d-43c9-b486-626c9a8637ee.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801.dll deleted
C:\PROGRA~3\{ed5d3532-d489-c11d-ed5d-d3532d48d4cb} deleted
C:\PROGRA~3\2016993445233601173 deleted
C:\PROGRA~2\Pro Evolution Soccer 2015 deleted
C:\PROGRA~2\ShopperPro deleted
C:\PROGRA~2\0944b1df-4a54-4148-adbb-84a600a379c5 deleted
C:\PROGRA~2\a611c9d9-fd97-45be-82c1-d0c0d606dee6 deleted
C:\PROGRA~2\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801 deleted
C:\Program Files\Reimage deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Users\Aca\AppData\Roaming\istartsurf deleted
C:\PROGRA~3\ShopperPro deleted
C:\PROGRA~3\WindowsMangerProtect deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Aca\AppData\Local\globalUpdate deleted
C:\Users\Aca\AppData\Local\CrashRpt deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10_user.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5_user.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7.job deleted
C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.job deleted
C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-10_user.job deleted
C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.job deleted
C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.job deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10_user deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5_user deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7 deleted
C:\windows\SysNative\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6 deleted
C:\windows\SysNative\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-10_user deleted
C:\windows\SysNative\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6 deleted
C:\windows\SysNative\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6 deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Windows\Reimage.ini deleted
C:\windows\SysNative\tasks\ShopperPro deleted
C:\windows\SysNative\tasks\ShopperProJSUpd deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted
C:\windows\SysNative\drivers\{2eb930fb-5d92-450f-a5ff-14c391caa31b}Gw64.sys deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\searchplugins\WebSearch.xml deleted
C:\Users\Aca\AppData\Roaming\JywkMSnAYx.exe deleted
C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ.exe deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\gz@FZ9g6sDG.net deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\tksMNLe@Tkh.net deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\TTSD90021300@PYDKGV101145942.com deleted
"C:\Users\Aca\AppData\Roaming\JywkMSnAYx" deleted
"C:\Windows\tasks\JywkMSnAYx.job" deleted
"C:\Windows\SysNative\tasks\JywkMSnAYx" deleted
"C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ" deleted
"C:\Windows\tasks\NKYMjm0xLnQ.job" deleted
"C:\Windows\SysNative\tasks\NKYMjm0xLnQ" deleted
"C:\ProgramData\mntemp" deleted
"C:\PROGRA~2\Air Globe\updateAirGlobe.exe" deleted
"C:\PROGRA~2\Air Globe\bin\2eb930fb5d92450fa5ff14c391caa31b64.dll" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.BrowserAdapter64.exe" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.expext.exe" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.expextdll.dll" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.PurBrowse64.exe" deleted
"C:\PROGRA~2\Air Globe\bin\utilAirGlobe.exe" deleted
"C:\PROGRA~2\globalUpdate" deleted
"C:\PROGRA~2\Air Globe" not deleted
"C:\PROGRA~2\Air Globe\bin" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2015-05-02 10:26:54 2169B4B1EFAA3453A4DA732F1F94C1E1 43112 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\Aca\AppData\Local\Temp ====
2015-05-23 06:50:21 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\9413.exe
2015-05-23 06:43:30 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReimagePackage.exe
2015-05-23 06:42:56 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Temp\814323631730\Setup_product_26943.exe
2015-05-23 06:38:48 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\7150.exe
2015-05-21 15:39:30 C51781996821EEA076B66BB2D6381AEF 2767872 ----a-w- C:\Users\Aca\AppData\Local\Temp\8080\temp\MagnumStable.xyz.exe
2015-05-21 15:36:35 B38B1A334F5D0C18F9788450D1AFC9A3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\npglobalupdateUpdate4.dll
2015-05-21 15:36:35 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\psuser.dll
2015-05-21 15:36:35 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateOnDemand.exe
2015-05-21 15:36:35 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\psmachine.dll
2015-05-21 15:36:35 2419F5578D48A86B42FA40031C6387FB 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\goopdate.dll
2015-05-21 15:36:34 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateHelper.msi
2015-05-21 15:36:34 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateBroker.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateCrashHandler.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdate.exe
2015-05-21 15:36:28 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateHelper.msi
2015-05-21 15:36:28 B38B1A334F5D0C18F9788450D1AFC9A3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\npglobalupdateUpdate4.dll
2015-05-21 15:36:28 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\psuser.dll
2015-05-21 15:36:28 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateOnDemand.exe
2015-05-21 15:36:28 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateBroker.exe
2015-05-21 15:36:28 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\psmachine.dll
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateCrashHandler.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdate.exe
2015-05-21 15:36:28 2419F5578D48A86B42FA40031C6387FB 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\goopdate.dll
2015-05-21 15:36:08 A3D710BE299503835B0631FA8AD355C0 222392 ----a-w- C:\Users\Aca\AppData\Local\Temp\tu17p84.exe
2015-05-21 15:34:32 F0C6EDC8CE0F4AA8EB37B1A5A824E82A 10413819 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_geforce.exe
2015-05-21 15:34:32 E9E472DFE0C45BAAC1E6AA681B847859 10145901 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_sense.exe
2015-05-21 15:34:32 B139051E9E25487A0C2F79C721B8C7AE 2728496 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_shopperpro.exe
2015-05-21 15:34:32 05C47DA12B0009BD98653F51287F7768 942080 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\bxsdk32.dll
2015-05-21 15:32:57 F4474EE9CF0F246F068A720A3A9807F3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\npglobalupdateUpdate4.dll
2015-05-21 15:32:57 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateHelper.msi
2015-05-21 15:32:57 E4D152690272A4D782B66024DBE95111 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\goopdate.dll
2015-05-21 15:32:57 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\psuser.dll
2015-05-21 15:32:57 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateOnDemand.exe
2015-05-21 15:32:57 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateBroker.exe
2015-05-21 15:32:57 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\psmachine.dll
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateCrashHandler.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdate.exe
2015-05-21 15:30:16 527166843EC470B76BCD3295CCF0DCDD 671328 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\0PlJATVNQ1.exe
2015-05-21 15:30:16 3AD28E4FFB2028E1A22A5CAD10450559 1498477 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ2.exe
2015-05-21 15:30:14 0ED54ED82C590CD4B04896FDAE84FCA8 465160 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ3.exe
2015-05-21 15:29:50 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\SUxATVNQ10700.exe
2015-05-21 15:29:46 8F629260F997770F000BCF2B486B2529 779776 ----a-w- C:\Users\Aca\AppData\Local\Temp\oo2.exe
2015-05-13 16:19:44 6899AEFC5E2B0EF5F91E6C035D8CD67F 7853600 ----a-w- C:\Users\Aca\AppData\Local\Temp\TeamViewer\TeamViewer_.exe
====== Java Cache =====
2015-05-19 15:50:11 796C89691FB6514E81150A70952A4FBC 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\444c6d80-98b059c3a138ca1f7f5b8f775c492e65418907c67e1b18495e2d34b6e2c7069c-6.0.lap
2015-04-29 19:54:19 5F30A3D059CC5FB54F8CDF1CD75ADBC5 19380 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\3992a34d-4e309a8e
2015-04-29 19:55:20 29FB357A1BA7C14D51CFD75C47C886C0 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\4efa752-d993c3c34f18aad88c4ca711686ec1c07412528798273d70aa456eeddf9fd6ce-6.0.lap
2015-04-29 19:54:48 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\62035692-766bce34
2015-04-29 19:55:55 8487CFFBE12DE0D4EB8CE5DE8B028E54 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5be93d95-fc8450d81039c7db0bd7884f64b32daf7b3750ac9d0db87ca020e9797f87486c-6.0.lap
2015-04-29 19:56:04 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1ff8c757-2194a85b
2015-05-17 18:17:27 ACE3F568D3BA51DF2906CB1A6B41408B 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\6f979019-b86206314f6c9379e8fee7d63614e90b84b46fd79913cdc372aa4ec9eb8a4879-6.0.lap
2015-04-29 19:54:18 E45583950C5C8B0800FCBF93BFBB95D7 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\7da87e59-aaa97f849247b14f3423845966abecb5e55c215dfbd41d8218f9cccd69e15b6b-6.0.lap
2015-04-29 19:55:12 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\11334e1b-434d5276
2015-05-09 06:16:09 495A57D7DF5F3C783BB541B71A78AEBC 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2730649c-7ffd7c960c7188b002a808fba2293bf6397b42e216006e3aac4ded434e745b7f-6.0.lap
2015-05-11 10:23:57 65EE81464A674638B01DE797F5ACE024 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\447bc543-921736f1357df8abe878d733ee64bb7cb1f7c54be2c41aaf496e99b480aa0075-6.0.lap
2015-05-12 19:24:06 023B0595CFD02BF965F4FDC82AF9DE68 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\66ff3c9e-ed31fe3a7a1ddc54896330bc16eb76d5358edfdced8f3b479a76a3eb438fe9d3-6.0.lap
2015-04-29 19:55:55 5F30A3D059CC5FB54F8CDF1CD75ADBC5 19380 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\967ae0-27c12e2c
2015-04-29 19:55:20 C3802409E4D9DBEC82330569A7BA6F2F 19616 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4f2339a6-682d1379
2015-05-11 10:23:57 65EE81464A674638B01DE797F5ACE024 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\28e5382a-c1729b09133d440f2712863944e81b302239b6752746b2ae134b1c64d760838c-6.0.lap
2015-04-29 19:54:22 8CFB9078197A299A5B56A9D16A2AA88D 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\570ecd2d-afe1c441b6298ab13afceb3feed86524fba1393fc338c71e7195f5ad892f35d0-6.0.lap
2015-05-21 10:42:11 2AF53B036287965B76C3E45929E9E2D9 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\7838106f-4418c739ba3a0c6f5e8cea289d479941b0119b52b2bdb78a759698511d15a903-6.0.lap
2015-05-13 10:50:13 D7F889AD6ED9575E398BC0AC609E55CC 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3948d6f2-67d70851110a825e9f1a923f3a3364656ec800739a13159f234c613b393839b6-6.0.lap
2015-04-29 19:53:38 6329B1025A0040EB3B27A702F641B9F5 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5a52e135-825960373fcaf6194bc1d8d7899b216baf05e2c3f9e9cfd5259f47f2e67f5e43-6.0.lap
2015-05-21 10:42:11 2AF53B036287965B76C3E45929E9E2D9 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\4fd40ef6-3e2310308bc654f7ca9df167d54d0e45c0569b492f079fd5fd4f1322e59f8942-6.0.lap
2015-05-16 18:19:37 9BB2DA866E87BDE07F3C4CA077580D58 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4a5ec27d-7900e453d980f9a2d4ea15f24119abd18df031d1ec76836fae55faa8ba96d133-6.0.lap
2015-05-12 19:48:42 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\60c66548-7e4edb3c
====== C:\Windows\SysWOW64 =====
2015-05-21 15:32:57 26408BA8E6A688D45A0F5978462B8441 4 ----a-w- C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-05-02 10:26:58 B5B4C90E9F52DA8586F1E5461AD90A5D 29168 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys
2015-05-02 10:26:58 B1368BE5F6BA529E0886F4DA2361BD2D 442264 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2015-05-02 10:26:58 91782404718C6352C26B3242BAC3F0F1 272248 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
2015-05-02 10:26:58 6E53278ECCFFBC2ACC2A5006745ED4BB 137288 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys
2015-05-02 10:26:58 6D37D8DB30D086739507C5F6E542656A 93528 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2015-05-02 10:26:58 3B4AC2DBFC86F7247C1FF1FAF2860530 1047320 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2015-05-02 10:26:58 300CB8E510855189CAD0B72FFB5590CB 89944 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2015-05-02 10:26:58 07E32DFCA422A2920482D762D01957EC 65736 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2015-05-02 10:24:35 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-05-02 10:24:27 0E9AD2D3784A0996A5131512939C09C0 1490656 ----a-w- C:\Windows\Sysnative\drivers\WdfCoInstaller01007.dll
2015-04-27 19:01:21 A2844D704DB69FC92F5FA8AE9E3316A4 43720 ----a-w- C:\Windows\Sysnative\drivers\amd_xata.sys
2015-04-27 19:01:21 2834CC82613CEA492261885D1CAA25A0 83656 ----a-w- C:\Windows\Sysnative\drivers\amd_sata.sys
====== C:\Windows\Tasks ======
2015-05-21 15:38:16 AA42C8D3BCB8C012E20E78BFB7BE9D89 414 ----a-w- C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-05-02 10:27:15 D97CB9E920C127A2CEA7B1238F28AB42 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
2015-04-27 19:00:06 1F00D0F78E8A0FA9115DDEE33467512E 2772 ----a-w- C:\Windows\Sysnative\Tasks\CarambisDriverUpdaterUACDisablingTask
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-05 12:58:01 -------- d-----w- C:\Program Files\HP
2015-05-05 12:55:22 -------- d-----w- C:\Program Files\Nitro
2015-05-05 12:55:22 -------- d-----w- C:\Program Files\Common Files\Nitro
2015-04-29 10:28:16 -------- d-----w- C:\Program Files\Microsoft Dynamics NAV
2015-04-29 10:20:36 -------- d-----w- C:\Program Files\Microsoft
2015-04-29 10:20:27 -------- d-----w- C:\Program Files\Microsoft SQL Server
======= C:\PROGRA~2 =====
2015-05-23 06:40:21 -------- d-----w- C:\PROGRA~2\Air Globe
2015-05-21 15:36:27 -------- d-----w- C:\PROGRA~2\Sense
2015-05-21 15:36:27 -------- d-----w- C:\PROGRA~2\Ge-Force
2015-05-21 15:33:42 -------- d-----w- C:\PROGRA~2\Opera
2015-05-21 15:32:54 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV17.05
2015-05-21 15:29:41 -------- d-----w- C:\PROGRA~2\RemoveWAT
2015-05-20 18:42:14 -------- d-----w- C:\PROGRA~2\TeamViewer
2015-05-16 12:55:18 -------- d-----w- C:\PROGRA~2\SystemRequirementsLab
2015-05-09 20:28:05 -------- d-----w- C:\PROGRA~2\Notepad++
2015-05-05 12:55:23 -------- d-----w- C:\PROGRA~2\Nitro
2015-05-05 12:55:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Nitro
2015-05-05 12:52:23 -------- d-----w- C:\PROGRA~2\Hp
2015-05-05 12:52:23 -------- d-----w- C:\PROGRA~2\Hewlett-Packard
2015-05-04 20:10:07 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
2015-05-02 10:39:23 -------- d-----w- C:\PROGRA~2\Mobile Partner
2015-04-29 19:51:48 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-04-29 18:09:40 -------- d-----w- C:\PROGRA~2\Ashampoo
2015-04-29 10:24:53 -------- d-----w- C:\PROGRA~2\Microsoft Dynamics NAV
2015-04-29 10:20:35 -------- d-----w- C:\PROGRA~2\Open XML SDK
2015-04-29 10:20:27 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-04-29 10:20:08 -------- d-----w- C:\PROGRA~2\Microsoft Chart Controls
2015-04-29 10:16:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Microsoft Dynamics NAV
2015-04-27 19:00:07 -------- d-----w- C:\PROGRA~2\Carambis
======= C: =====
====== C:\Users\Aca\AppData\Roaming ======
2015-05-22 14:41:51 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-05-21 15:35:13 -------- d-----w- C:\Users\Aca\AppData\Local\BrowserHelper
2015-05-21 15:34:27 -------- d-----w- C:\Users\Aca\AppData\Roaming\Opera Software
2015-05-21 15:34:27 -------- d-----w- C:\Users\Aca\AppData\Local\Opera Software
2015-05-20 18:42:19 -------- d-----w- C:\Users\Aca\AppData\Roaming\TeamViewer
2015-05-10 19:37:06 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-05-10 19:37:06 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-05-09 20:28:07 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 20:28:05 -------- d-----w- C:\Users\Aca\AppData\Roaming\Notepad++
2015-05-08 12:26:24 -------- d-----w- C:\Users\Aca\AppData\Roaming\Unity
2015-05-06 15:50:13 -------- d-----w- C:\Users\Aca\AppData\Locallow\Unity
2015-05-05 12:57:44 -------- d-----w- C:\Users\Aca\AppData\Roaming\HP
2015-05-05 12:57:33 -------- d-----w- C:\Users\Aca\AppData\Roaming\Nitro
2015-05-05 12:55:18 -------- d-----w- C:\Users\Aca\AppData\Roaming\Downloaded Installations
2015-05-04 20:07:27 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2015-05-04 20:07:27 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-04 16:21:48 -------- d-----w- C:\Users\Aca\AppData\Roaming\Wargaming.net
2015-05-02 10:41:10 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft Dynamics NAV
2015-05-02 10:41:09 -------- d-----w- C:\Users\Aca\AppData\Local\IsolatedStorage
2015-04-29 18:18:16 -------- d-----w- C:\Users\Aca\AppData\Roaming\Adobe
2015-04-29 18:09:58 -------- d-----w- C:\Users\Aca\AppData\Roaming\Ashampoo
2015-04-29 18:09:51 -------- d-----w- C:\Users\Aca\AppData\Local\ashampoo
2015-04-29 14:40:18 B3E63F93F10AD521AF5944096475580E 32768 ----a-w- C:\Users\Aca\AppData\Roaming\fin.zup
2015-04-28 12:00:03 -------- d-----w- C:\Users\Aca\AppData\Local\ElevatedDiagnostics
2015-04-27 19:00:19 -------- d-----w- C:\Users\Aca\AppData\Roaming\Carambis
2015-04-24 13:35:48 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
====== C:\Users\Aca ======
2015-05-23 06:41:57 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites
2015-05-23 06:41:57 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Favorites
2015-05-09 20:28:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-05 12:59:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-05 12:55:22 -------- d-----w- C:\ProgramData\Nitro
2015-05-02 10:50:40 -------- d-----w- C:\ProgramData\Telenor Internet
2015-05-02 10:24:46 -------- d-----w- C:\ProgramData\mts mobilni internet
2015-05-02 10:23:46 -------- d-----w- C:\ProgramData\DatacardService
2015-04-29 19:51:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-29 18:09:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-29 18:09:41 -------- d-----w- C:\ProgramData\Ashampoo
2015-04-29 10:20:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0
2015-04-27 19:00:30 921ABCB0FC1B50AAD66DAF14BD60F192 4099 ----a-w- C:\ProgramData\mtbjfghn.xbe
2015-04-27 19:00:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
====== C: exe-files ==
2015-05-23 07:21:10 D8CC116722F12ED45BA35CFB9DBE5BFC 126192 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter64.exe
2015-05-23 07:21:10 9FF702247FD67D2045503A88DF7C826D 108272 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter.exe
2015-05-23 06:50:24 9E1B112043743130DA7595268AE1ECA7 777240 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC\Reimage[1].exe
2015-05-23 06:50:21 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\9413.exe
2015-05-23 06:43:46 E7C49F8D3A6F959323A998A2B2EF4286 16507936 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60A6FCJN\ProtectorPackage2007x64d[1].exe
2015-05-23 06:43:31 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM0MRNXP\ReiSysUpdate[1].exe
2015-05-23 06:43:30 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReimagePackage.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60A6FCJN\ReimagePackage1814x64a[1].exe
2015-05-23 06:43:04 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS\ReimageRepair[1].exe
2015-05-23 06:42:56 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Temp\814323631730\Setup_product_26943.exe
2015-05-23 06:41:52 33618ED2ADA9139A0158D2ADA7D552B7 101616 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe
2015-05-23 06:38:48 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\7150.exe
2015-05-23 06:35:22 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{92926614-97F5-4E34-A686-5E1259FC26FB}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-23 06:35:21 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.65\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-22 19:56:00 BF9DA49C0E1D900A54AB15BB8EAF9BCA 2108416 ----a-w- C:\Users\Aca\Desktop\FRST\FRST64.exe
2015-05-21 15:46:05 05E9265E2228799B68DC0F58A94E1AB8 249656 ----a-w- C:\Windows\System32\Wat\WatUX.exe
2015-05-21 15:46:04 3CEC96DE223E49EAAE3651FCF8FAEA6C 1255736 ----a-w- C:\Windows\System32\Wat\WatAdminSvc.exe
2015-05-21 15:39:30 C51781996821EEA076B66BB2D6381AEF 2767872 ----a-w- C:\Users\Aca\AppData\Local\Temp\8080\temp\MagnumStable.xyz.exe
2015-05-21 15:37:05 496F1F50743D73F4DF1BED1E657CF50E 1384960 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.exe
2015-05-21 15:37:02 D47E6BE0121686C148D51C640F2CF509 1435136 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.exe
2015-05-21 15:36:43 7C9ED76976A1DC59D400E749A4CDEF8B 1905664 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-64.exe
2015-05-21 15:36:39 049D611173144AB4667846D27807CD8A 2088448 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-64.exe
2015-05-21 15:36:39 03F4E4149EBF3DEE4778276D5B9FA176 1385984 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.exe
2015-05-21 15:36:35 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateOnDemand.exe
2015-05-21 15:36:34 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateBroker.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateCrashHandler.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdate.exe
2015-05-21 15:36:30 084548808E8914945857790D70BC2899 1294848 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-10.exe
2015-05-21 15:36:28 93537FAEDCE7E5743C412BA1DCB528B9 100864 ----a-w- C:\Program Files (x86)\Ge-Force\Uninstall.exe
2015-05-21 15:36:28 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateOnDemand.exe
2015-05-21 15:36:28 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateBroker.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateCrashHandler.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdate.exe
2015-05-21 15:36:27 35B8380D49901D16681138C02F172B28 1923719 ----a-w- C:\Program Files (x86)\Sense\utils.exe
2015-05-21 15:36:08 A3D710BE299503835B0631FA8AD355C0 222392 ----a-w- C:\Users\Aca\AppData\Local\Temp\tu17p84.exe
2015-05-21 15:34:32 F0C6EDC8CE0F4AA8EB37B1A5A824E82A 10413819 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_geforce.exe
2015-05-21 15:34:32 E9E472DFE0C45BAAC1E6AA681B847859 10145901 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_sense.exe
2015-05-21 15:34:32 B139051E9E25487A0C2F79C721B8C7AE 2728496 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_shopperpro.exe
2015-05-21 15:33:36 330B8E3E0A8C5EC1849DCAA04E0DAB42 1173584 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5.exe
2015-05-21 15:33:28 85D644E3D5FEBA5C1C45170A73F827CA 1357392 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.exe
2015-05-21 15:33:28 281E6164501DA329BD1CD9B86A104B8D 1111632 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7.exe
2015-05-21 15:33:18 EBE7A1610B71F4BA6655D7804ED2B30C 1464400 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4.exe
2015-05-21 15:33:10 281E6164501DA329BD1CD9B86A104B8D 1111632 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7.exe
2015-05-21 15:33:10 23896584DE871714EE286A7385E349DF 1433680 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.exe
2015-05-21 15:33:10 1259BC2C6228B3197A6A5CB4FF6762F0 1908304 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-64.exe
2015-05-21 15:32:59 8AC2D948D8878C3124FD03CCF238D7A5 1301584 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3.exe
2015-05-21 15:32:57 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateOnDemand.exe
2015-05-21 15:32:57 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateBroker.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateCrashHandler.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdate.exe
2015-05-21 15:32:55 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10.exe
2015-05-21 15:32:54 D9A3853FEFB0779ED9EFA843AFAB000D 1995734 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\utils.exe
2015-05-21 15:32:54 56D0A6A4D194B6A9EBCDC97F78B09461 120400 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\Uninstall.exe
2015-05-21 15:32:54 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\UninstallBrw.exe
2015-05-21 15:30:16 527166843EC470B76BCD3295CCF0DCDD 671328 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\0PlJATVNQ1.exe
2015-05-21 15:30:16 3AD28E4FFB2028E1A22A5CAD10450559 1498477 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ2.exe
2015-05-21 15:30:14 0ED54ED82C590CD4B04896FDAE84FCA8 465160 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ3.exe
2015-05-21 15:29:50 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\SUxATVNQ10700.exe
2015-05-21 15:29:46 8F629260F997770F000BCF2B486B2529 779776 ----a-w- C:\Users\Aca\AppData\Local\Temp\oo2.exe
2015-05-21 15:29:41 FC2990100B6C615016FDFBEB073757CE 106496 ----a-w- C:\Program Files (x86)\RemoveWAT\uninstall.exe
2015-05-20 18:42:15 FAB60D86E32C93DE04AE817C831AD415 5296400 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2015-05-20 18:42:15 EAA4DA799742740087871D62A77E0677 469656 ----a-w- C:\Program Files (x86)\TeamViewer\uninstall.exe
2015-05-20 18:42:15 D4EA2CEF5FC0C87E21E71709C4A73E53 263952 ----a-w- C:\Program Files (x86)\TeamViewer\tv_x64.exe
2015-05-20 18:42:15 CEB90659C8C8DE208D6841176EEE3FA3 5491984 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2015-05-20 18:42:15 7606D7F432CE1C64AE661365E4D4D560 229136 ----a-w- C:\Program Files (x86)\TeamViewer\tv_w32.exe
2015-05-20 18:42:14 BC7E35B27516FE9C186BB7E711802AE8 17902864 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2015-05-18 12:14:15 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-05-18 12:14:15 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-05-18 12:14:15 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-05-18 12:14:15 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-05-18 12:14:11 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-05-18 12:14:11 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-05-18 12:14:11 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-05-18 12:14:10 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-05-18 12:14:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{88844F7B-3E4C-4994-B427-EAA34F17A152}\GoogleUpdateSetup.exe
2015-05-18 12:14:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-05-16 12:52:59 187F79EB31837833882646AE02DB9AC1 711326 ----a-w- C:\Program Files (x86)\RemoveWAT\RemoveWAT.exe
=== C: other files ==
2015-05-23 07:21:01 4C64E19B96EF62405F7376ECBD5B9A01 94287 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.zip
2015-05-23 06:40:27 478E0E01EC88B5B408306B997B42DC15 6478 ----a-w- C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi
2015-05-21 15:36:52 FBD69D7B2288118B6A1C2AA84D6ECD92 400401 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5.xpi
2015-05-21 15:36:51 47C108A84E6949C75C29477997C776AD 395315 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35.xpi
2015-05-21 15:33:18 A85061F0B6921C3C9B4637CFA576F567 445574 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5.xpi
2015-05-21 15:32:59 23B9243FFD105F972AA2ED63C515527B 401767 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\33f8a271-5246-403e-a57f-0d5fdd6a0524.crx
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"BCSSync"="D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Bidaily Synchronize Task[pr].job --a------ C:\programdata\ed5d3532-d489-c11d-ed5d-d3532d48d4cb\removewat 2.2.8 windows 7 working activator download.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/11/2015 01:08 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/11/2015 01:08 PM]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CarambisDriverUpdaterUACDisablingTask" [C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"searchffv2@gmail.com"="C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com" [05/23/2015 08:42 AM]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
- QuickSearch - %ProfilePath%\extensions\searchffv2@gmail.com
- Shopper-Pro - %ProfilePath%\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- Youtube playlist converter to MP3 - %ProfilePath%\extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi
- Air Globe 1.0.1 - %ProfilePath%\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi
- YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
FBF151BDF3156D1FEFD5E992D89D65CC - C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
==== Deleted Firefox Extensions ======================
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} deleted
==== Chromium Look ======================
Google Chrome Version: 43.0.2357.65
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05/02/2015 12:26 PM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/02/2015 12:26 PM]
Google Drive - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
BeFunky Photo Editor - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab
YouTube - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
TANX - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\khalolpadgppinfmjajjbdgljhcameji
Chrome Hotword Shared Module - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
CinemaPlus-3.2cV17.05 - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Gmail - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Preferences
E30D","homepage_is_newtabpage":"F575A8C066C96A515D790487355BDCB99DF69C33579FFD530321EBE11B9FA80E","pinned_tabs":"71889793483034BCBB84185CE0C514D302BE5FBEA02094B0E69292D568F78D0A","prefs":{"preference_reset_time":"5792A297BA8546168B42CC7675675C195C3DC7185C045419247466A64DA75F53"},"profile":{"reset_prompt_memento":"FF179974F8C28D7665A02082401928C14483973E2132186CCDD36A847BF9F117"},"safebrowsing":{"incidents_sent":"67EA6A72A9D334F01C5D900507A9C704A3462B05830623A7FD986552DD6A3694"},"search_provider_overrides":"91EB1A10FA29E4D48DD9B38CCB278619AD384768BAD3E11F105974BA33CEB90E","session":{"restore_on_startup":"9AC265B95CB3095F6534B78096597DB3FCF77BEFF838A9B6C7F10DE8B9C8B844","startup_urls":"F59712628BBD928C0954E6D9942F60C2BB96F02D8E24FCB2AF97065ABC8580DE"},"software_reporter":{"prompt_reason":"23DAB705FE94D2F4BE5C20B9768862A3C104BE828D5A8DD15FD776335279EE95","prompt_seed":"91FA3B7E38420D544E83A4C6FA9B14AD10FD0B38BECD458CFC7B0F626B3D3370","prompt_version":"8FCB241360B0DD87FB628414D34FA7580A63B5E7DA07A0A29AD2FCF1A85BE249"},"sync":{"remaining_rollback_tries":"15D8B0CD86CDFCE08CD4040123435B5858010B364D030E93B2D1B39BC57A5FBD"}},"super_mac":"A6D8F45FE74EE727C61C69CCF0896D1269C2B205593ED2EFA16501C1867BECFE"},"session":{"startup_urls":["http://www.istartsurf.com/?type=hp&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"}}
==== Chromium Fix ======================
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0 deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV17.05 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{68ef6205} deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HIJ1459 will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Aca\AppData\Local\Mozilla\Firefox\Profiles\r3q09esf.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Aca\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=843 folders=122 8832155630 bytes)
==== Empty Temp Folders ======================
C:\Users\Aca\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Aca\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\PROGRA~2\Air Globe" not found
"C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp" deleted
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC" not found
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HIJ1459" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5" not found
==== EOF on Sat 05/23/2015 at 9:28:20.12 ======================
|