Problem sa pretraživačima

1

Problem sa pretraživačima

offline
  • Student by day. Hacker by night
  • Pridružio: 11 Maj 2014
  • Poruke: 189
  • Gde živiš: 192.168.0.1

Naime, imam problem sa pretraživačima u poslednjih par dana. Počelo je da mi izabucuje avast neki virus, kada otvorim chrome ili mozilu. Jednostavno mi izbaci u donjem desnom uglu da je virus pronađen, skenirao sam 2x ceo komp, i one kratke skenove sam odradio što ima antivirus, ali i dalje ista priča.?

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8616
  • Gde živiš: Novi Beograd

Zdravo, rado cemo pomoci.

Postavi logove antivirusnih programa ako znas kako i mozes, i procitaj uputstvo za postavljanje FRST logova sa ovog linka:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Student by day. Hacker by night
  • Pridružio: 11 Maj 2014
  • Poruke: 189
  • Gde živiš: 192.168.0.1

Napisano: 22 Maj 2015 22:00

Pre nego što okačim frst.txt podatke, pisalo je u temi da će i formirati još jedan fajl "Addition.txt" ali nije, izbacilo mi je na kraju kao "Addition.txt" ali sa ovim podacima.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Aca (administrator) on ACA-PC on 22-05-2015 21:56:35
Running from C:\Users\Aca\Downloads
Loaded Profiles: Aca (Available Profiles: Aca)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.exe
(Sense+) C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.exe
(Cinema PlusV17.05) C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.exe
(Cinema PlusV17.05) C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10.exe
(Webar) C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-10.exe
(Webar) C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Cinema PlusV17.05) C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.exe
(Sense+) C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Goobzo LTD) C:\Program Files (x86)\ShopperPro\ShopperPro.exe
(Goobzo) C:\Program Files (x86)\ShopperPro\Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\Run: [uTorrent] => C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-07] (BitTorrent Inc.)
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5585136 2015-03-31] (Disc Soft Ltd)
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a919c5-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a919d4-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a0f-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a23-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a38-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\...\MountPoints2: {12a91a4b-f099-11e4-bae7-448a5b2af474} - F:\AutoRun.exe
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)
BootExecute: autocheck autochk * aswBoot.exe /M:139086c2cd /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = websearch.searchtotal.info/?pid=24456&r=201.....S&unqvl=88
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Internet Explorer\Main,Start Page = websearch.searchtotal.info/?pid=24456&r=201.....S&unqvl=88
HKU\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88
SearchScopes: HKU\S-1-5-21-776529118-1432443362-4020625924-1000 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88
SearchScopes: HKU\S-1-5-21-776529118-1432443362-4020625924-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = websearch.searchtotal.info/?l=1&q={searchTerms}&pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88
BHO: PriceMinus -> {06188F08-EFC8-477A-A741-E0BDC1439F3F} -> C:\Program Files (x86)\PriceMinus\qNe4ex5ohWIgmo.x64.dll [2015-05-21] ()
BHO: bestadblocker -> {5A1CEC30-FF69-45FE-B0A1-C639D62CEC3B} -> C:\Program Files (x86)\bestadblocker\aHbCnJVzEBUimj.x64.dll [2015-05-21] ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-02] (Avast Software s.r.o.)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll [2015-05-20] (Goobzo Ltd.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-02] (Avast Software s.r.o.)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-05-20] (Goobzo Ltd.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchtotal.info/?pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://websearch.searchtotal.info/?pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88
FF Keyword.URL: hxxp://websearch.searchtotal.info/?pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-29] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files (x86)\Java\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Program Files (x86)\Java\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-21] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-21] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-776529118-1432443362-4020625924-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\searchplugins\WebSearch.xml [2015-05-22]
FF Extension: CinemaPlus-3.2cV17.05 - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-05-21]
FF Extension: Sense - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com [2015-05-21]
FF Extension: bestadblocker - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\gz@FZ9g6sDG.net [2015-05-22]
FF Extension: PricEMinus - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\tksMNLe@Tkh.net [2015-05-22]
FF Extension: Ge-Force - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\TTSD90021300@PYDKGV101145942.com [2015-05-21]
FF Extension: Shopper-Pro - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-05-21]
FF Extension: Youtube playlist converter to MP3 - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi [2015-04-29]
FF Extension: YouTube Flash Video Player - C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2015-04-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-02]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://websearch.searchtotal.info/?pid=24456&r=2015/05/21&hid=8355062077838769251&lg=EN&cc=RS&unqvl=88"
CHR Profile: C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-11]
CHR Extension: (BeFunky Photo Editor) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2015-04-20]
CHR Extension: (YouTube) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-11]
CHR Extension: (Google Search) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-11]
CHR Extension: (TANX) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\khalolpadgppinfmjajjbdgljhcameji [2015-04-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-11]
CHR Extension: (Google Wallet) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-11]
CHR Extension: (CinemaPlus-3.2cV17.05) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) []
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-02] (Avast Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-21] (globalUpdate) [] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-21] (globalUpdate) [] <==== ATTENTION
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MicrosoftDynamicsNavServer$DynamicsNAV70; C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.exe [136960 2012-09-07] (Microsoft Corporation)
S3 MicrosoftDynamicsNavVSS; C:\Program Files\Microsoft Dynamics NAV\70\Service\Microsoft.Dynamics.Nav.Server.VSSWriterService.exe [16168 2012-09-07] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) []
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-12] (Disc Soft Ltd)
R2 SPDRIVER_1.42.1.1870; C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1870\jsdrv.sys [52376 2015-05-20] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-02] (Avast Software)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 21:56 - 2015-05-22 21:57 - 00020959 _____ () C:\Users\Aca\Downloads\FRST.txt
2015-05-22 21:56 - 2015-05-22 21:56 - 02108416 _____ (Farbar) C:\Users\Aca\Downloads\FRST64.exe
2015-05-22 21:56 - 2015-05-22 21:56 - 00000000 ____D () C:\FRST
2015-05-22 16:46 - 2015-05-22 16:46 - 00000000 ____D () C:\Users\Aca\Desktop\_4451-
2015-05-22 16:41 - 2015-05-22 16:41 - 00000836 _____ () C:\Users\Aca\Desktop\Counter-Strike WaRzOnE.lnk
2015-05-22 16:41 - 2015-05-22 16:41 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-05-22 15:58 - 2015-05-22 15:58 - 00000000 ____D () C:\Users\Aca\Desktop\New folder
2015-05-21 17:39 - 2015-05-21 19:10 - 00000000 ____D () C:\Program Files (x86)\Page Refresh
2015-05-21 17:39 - 2015-05-21 19:10 - 00000000 ____D () C:\Program Files (x86)\bestadblocker
2015-05-21 17:39 - 2015-05-21 17:48 - 00000000 ____D () C:\Program Files (x86)\LinkProc
2015-05-21 17:38 - 2015-05-22 18:09 - 00000414 _____ () C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-05-21 17:38 - 2015-05-22 17:38 - 00000000 ____D () C:\ProgramData\{ed5d3532-d489-c11d-ed5d-d3532d48d4cb}
2015-05-21 17:38 - 2015-05-21 19:10 - 00000000 ____D () C:\Program Files (x86)\PricEMinus
2015-05-21 17:38 - 2015-05-21 17:39 - 00000000 ____D () C:\ProgramData\2016993445233601173
2015-05-21 17:38 - 2015-05-21 17:38 - 00003322 _____ () C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr]
2015-05-21 17:38 - 2015-05-21 17:38 - 00000000 ____D () C:\ProgramData\lmnlmbmkifpfcegplkadooegcncppadp
2015-05-21 17:37 - 2015-05-22 21:37 - 00003444 _____ () C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.job
2015-05-21 17:37 - 2015-05-21 17:37 - 00006472 _____ () C:\Windows\System32\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6
2015-05-21 17:36 - 2015-05-22 21:37 - 00003438 _____ () C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.job
2015-05-21 17:36 - 2015-05-22 21:36 - 00005826 _____ () C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.job
2015-05-21 17:36 - 2015-05-22 21:36 - 00002082 _____ () C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-10_user.job
2015-05-21 17:36 - 2015-05-22 17:37 - 00000000 ____D () C:\Program Files (x86)\Sense
2015-05-21 17:36 - 2015-05-21 19:10 - 00000000 ____D () C:\Program Files (x86)\Ge-Force
2015-05-21 17:36 - 2015-05-21 17:37 - 00006466 _____ () C:\Windows\System32\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6
2015-05-21 17:36 - 2015-05-21 17:36 - 00008854 _____ () C:\Windows\System32\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6
2015-05-21 17:36 - 2015-05-21 17:36 - 00000000 ____D () C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801
2015-05-21 17:36 - 2015-05-21 17:36 - 00000000 ____D () C:\Program Files (x86)\0944b1df-4a54-4148-adbb-84a600a379c5
2015-05-21 17:35 - 2015-05-21 17:35 - 00000000 ____D () C:\Users\Aca\AppData\Local\BrowserHelper
2015-05-21 17:34 - 2015-05-21 17:34 - 00004494 _____ () C:\Windows\System32\Tasks\ShopperPro
2015-05-21 17:34 - 2015-05-21 17:34 - 00003560 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Opera Software
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Aca\AppData\Local\Opera Software
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Users\Aca\AppData\Local\CrashRpt
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-05-21 17:34 - 2015-05-21 17:34 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-05-21 17:33 - 2015-05-22 21:33 - 00005514 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.job
2015-05-21 17:33 - 2015-05-22 21:33 - 00003134 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00005178 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00004490 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00003134 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00002442 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5_user.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00002442 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00000986 _____ () C:\Windows\Tasks\NKYMjm0xLnQ.job
2015-05-21 17:33 - 2015-05-22 17:33 - 00000984 _____ () C:\Windows\Tasks\JywkMSnAYx.job
2015-05-21 17:33 - 2015-05-21 17:36 - 00003896 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-05-21 17:33 - 2015-05-21 17:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-21 17:33 - 2015-05-21 17:33 - 00008542 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6
2015-05-21 17:33 - 2015-05-21 17:33 - 00008208 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7
2015-05-21 17:33 - 2015-05-21 17:33 - 00007520 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4
2015-05-21 17:33 - 2015-05-21 17:33 - 00006164 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7
2015-05-21 17:33 - 2015-05-21 17:33 - 00006162 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6
2015-05-21 17:33 - 2015-05-21 17:33 - 00005472 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5
2015-05-21 17:33 - 2015-05-21 17:33 - 00004004 _____ () C:\Windows\System32\Tasks\NKYMjm0xLnQ
2015-05-21 17:33 - 2015-05-21 17:33 - 00004002 _____ () C:\Windows\System32\Tasks\JywkMSnAYx
2015-05-21 17:33 - 2015-05-21 17:33 - 00000000 ____D () C:\Program Files (x86)\a611c9d9-fd97-45be-82c1-d0c0d606dee6
2015-05-21 17:32 - 2015-05-22 21:32 - 00002108 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10_user.job
2015-05-21 17:32 - 2015-05-22 17:41 - 00000898 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-21 17:32 - 2015-05-22 17:41 - 00000894 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-21 17:32 - 2015-05-22 17:32 - 00004154 _____ () C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3.job
2015-05-21 17:32 - 2015-05-22 13:22 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-21 17:32 - 2015-05-21 17:36 - 00003642 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-05-21 17:32 - 2015-05-21 17:33 - 00000000 ____D () C:\Program Files (x86)\CinemaPlus-3.2cV17.05
2015-05-21 17:32 - 2015-05-21 17:32 - 00007184 _____ () C:\Windows\System32\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3
2015-05-21 17:32 - 2015-05-21 17:32 - 00000000 ____D () C:\Users\Aca\AppData\Local\globalUpdate
2015-05-21 17:32 - 2015-05-21 17:32 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-05-20 20:42 - 2015-05-20 20:52 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-20 20:42 - 2015-05-20 20:42 - 00001003 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-20 20:42 - 2015-05-20 20:42 - 00000991 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-20 20:42 - 2015-05-20 20:42 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\TeamViewer
2015-05-19 18:13 - 2015-05-19 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 14:55 - 2015-05-16 14:55 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-05-10 21:37 - 2015-05-10 21:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-05-10 21:37 - 2015-05-10 21:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-05-09 22:29 - 2015-05-09 22:30 - 00000000 ____D () C:\Users\Aca\Desktop\HTML_Programiranje
2015-05-09 22:28 - 2015-05-10 20:37 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00001009 _____ () C:\Users\Aca\Desktop\Notepad++.lnk
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 22:28 - 2015-05-09 22:28 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-05-08 14:26 - 2015-05-08 14:26 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Unity
2015-05-07 14:58 - 2015-05-19 20:50 - 00000000 ____D () C:\Users\Aca\Downloads\Game.of.Thrones.S03.HDTV.x264
2015-05-06 17:50 - 2015-05-09 08:13 - 00000000 ____D () C:\Users\Aca\AppData\Local\Unity
2015-05-05 14:59 - 2015-05-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-05 14:58 - 2015-05-05 14:58 - 00000000 ____D () C:\Program Files\HP
2015-05-05 14:58 - 2012-09-18 15:27 - 00501760 _____ () C:\Windows\system32\ZSHP1020.EXE
2015-05-05 14:58 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\system32\ZLhp1020.DLL
2015-05-05 14:57 - 2015-05-05 15:48 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Nitro
2015-05-05 14:57 - 2015-05-05 14:57 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\HP
2015-05-05 14:57 - 2015-05-05 14:57 - 00000000 ____D () C:\hp_lj1020_Full_Solution
2015-05-05 14:57 - 2012-12-17 15:01 - 00574100 _____ () C:\Windows\system32\hp1022n.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00245248 _____ () C:\Windows\system32\zshp1020s.dll
2015-05-05 14:57 - 2012-12-17 15:01 - 00206768 _____ () C:\Windows\system32\hp1022.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00128820 _____ () C:\Windows\system32\hp1020.img
2015-05-05 14:57 - 2012-12-17 15:01 - 00010632 _____ () C:\Windows\system32\ZSHP1020.CHM
2015-05-05 14:55 - 2015-05-05 14:55 - 00001932 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Downloaded Installations
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\ProgramData\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2015-05-05 14:55 - 2015-05-05 14:55 - 00000000 ____D () C:\Program Files (x86)\Nitro
2015-05-05 14:55 - 2014-08-01 14:22 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon9.dll
2015-05-05 14:55 - 2014-08-01 14:22 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui9.dll
2015-05-05 14:52 - 2015-05-05 14:52 - 00000000 ____D () C:\Program Files (x86)\Hp
2015-05-05 14:52 - 2015-05-05 14:52 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-05 14:51 - 2015-05-05 14:51 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-05 14:51 - 2015-05-05 14:51 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-05 14:48 - 2015-05-05 14:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-05 14:48 - 2015-05-05 14:48 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-05 13:15 - 2015-03-23 03:51 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-05 13:15 - 2015-03-23 03:51 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-05 13:15 - 2015-03-23 03:47 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-05 13:15 - 2015-01-28 01:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-05 13:15 - 2014-12-04 04:31 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-04 22:07 - 2015-05-04 22:07 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-04 22:07 - 2015-05-04 22:07 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-04 18:21 - 2015-05-04 18:21 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Wargaming.net
2015-05-04 13:33 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-04 13:27 - 2015-05-04 13:27 - 00000000 __RHD () C:\MSOCache
2015-05-03 15:30 - 2015-05-22 21:33 - 00000000 ____D () C:\Users\Aca\AppData\Local\Popcorn-Time
2015-05-02 19:25 - 2015-05-02 19:25 - 00002160 _____ () C:\Users\Aca\Desktop\Popcorn Time.lnk
2015-05-02 19:25 - 2015-05-02 19:25 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-05-02 19:25 - 2015-05-02 19:25 - 00000000 ____D () C:\Users\Aca\AppData\Local\Popcorn Time
2015-05-02 13:08 - 2009-03-31 10:35 - 00562688 _____ (darmiles) C:\Users\Aca\Desktop\Universal MasterCode.exe
2015-05-02 13:03 - 2015-05-02 13:03 - 00064000 _____ (CellSolutions) C:\Users\Aca\Desktop\Huawei Unlocker.exe
2015-05-02 12:50 - 2015-05-02 12:50 - 00000000 ____D () C:\ProgramData\Telenor Internet
2015-05-02 12:41 - 2015-05-02 12:41 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft Dynamics NAV
2015-05-02 12:41 - 2015-05-02 12:41 - 00000000 ____D () C:\Users\Aca\AppData\Local\IsolatedStorage
2015-05-02 12:39 - 2015-05-02 13:14 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2015-05-02 12:27 - 2015-05-21 17:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-02 12:27 - 2015-05-04 13:10 - 00000000 ____D () C:\Windows\System32\Tasks\AVAST Software
2015-05-02 12:27 - 2015-05-02 12:27 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\AVAST Software
2015-05-02 12:27 - 2015-05-02 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-02 12:26 - 2015-05-02 12:38 - 00039913 _____ () C:\hwupgradewizard.log
2015-05-02 12:26 - 2015-05-02 12:26 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-02 12:26 - 2015-05-02 12:26 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-02 12:26 - 2015-05-02 12:26 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-02 12:26 - 2015-05-02 12:26 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-02 12:26 - 2010-05-13 12:13 - 32194560 _____ (Huawei Technologies Co., Ltd.) C:\Users\Aca\Desktop\Customized Mobile Partner.exe
2015-05-02 12:24 - 2015-05-02 12:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2015-05-02 12:24 - 2015-05-02 12:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\ProgramData\mts mobilni internet
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-02 12:24 - 2015-05-02 12:24 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-02 12:23 - 2015-05-02 13:13 - 00000000 ____D () C:\ProgramData\DatacardService
2015-05-02 12:22 - 2015-05-02 12:23 - 00553472 _____ (darmiles) C:\Users\Aca\Desktop\Universal_MasterCode - v2.exe
2015-04-29 21:52 - 2015-04-29 21:52 - 00000000 ____D () C:\Windows\Sun
2015-04-29 21:51 - 2015-04-29 21:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-29 21:51 - 2015-04-29 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-29 21:45 - 2015-04-29 21:45 - 00000000 _____ () C:\Windows\system32\REN821F.tmp
2015-04-29 21:42 - 2015-04-29 21:42 - 00000000 _____ () C:\Windows\system32\REN12F9.tmp
2015-04-29 20:18 - 2015-04-29 20:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-29 20:18 - 2015-04-29 20:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Macromedia
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Adobe
2015-04-29 20:18 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Local\Macromedia
2015-04-29 20:17 - 2015-04-29 20:18 - 00000000 ____D () C:\Users\Aca\AppData\Local\Adobe
2015-04-29 20:17 - 2015-04-29 20:17 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Users\Aca\AppData\Local\ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-04-29 20:09 - 2015-04-29 20:09 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-04-29 16:40 - 2015-04-29 16:41 - 00032768 _____ () C:\Users\Aca\AppData\Roaming\fin.zup
2015-04-29 12:50 - 2015-04-29 12:50 - 00000000 ____D () C:\Users\Aca\Documents\Autodata
2015-04-29 12:48 - 2015-04-29 12:48 - 00001427 _____ () C:\Users\Public\Desktop\Autodata 3.38.lnk
2015-04-29 12:47 - 2015-04-29 13:40 - 00000000 ____D () C:\ADCDA2
2015-04-29 12:28 - 2015-04-29 16:37 - 00001172 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Administration Shell.lnk
2015-04-29 12:28 - 2015-04-29 12:28 - 00000000 ____D () C:\Program Files\Microsoft Dynamics NAV
2015-04-29 12:26 - 2015-04-29 16:36 - 00002249 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV Administration.lnk
2015-04-29 12:26 - 2015-04-29 16:36 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Development Environment.lnk
2015-04-29 12:26 - 2015-04-29 16:36 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013.lnk
2015-04-29 12:24 - 2015-04-29 12:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Dynamics NAV
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Windows\system32\1033
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-29 12:20 - 2015-04-29 12:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls
2015-04-29 12:17 - 2015-05-02 12:41 - 00802216 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-29 12:14 - 2015-04-29 12:15 - 00000000 ____D () C:\Users\Aca\Desktop\Navision 2013
2015-04-28 10:38 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-28 10:38 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-28 10:38 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-28 10:38 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-28 10:38 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-28 10:38 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-28 10:38 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-27 21:01 - 2015-04-27 21:01 - 00083656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-04-27 21:01 - 2015-04-27 21:01 - 00043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-04-27 21:00 - 2015-04-27 21:00 - 00004099 _____ () C:\ProgramData\mtbjfghn.xbe
2015-04-27 21:00 - 2015-04-27 21:00 - 00002772 _____ () C:\Windows\System32\Tasks\CarambisDriverUpdaterUACDisablingTask
2015-04-27 21:00 - 2015-04-27 21:00 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Driver Updater.lnk
2015-04-27 21:00 - 2015-04-27 21:00 - 00001180 _____ () C:\Users\Public\Desktop\Driver Updater.lnk
2015-04-27 21:00 - 2015-04-27 21:00 - 00000016 _____ () C:\ProgramData\mntemp
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Carambis
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
2015-04-27 21:00 - 2015-04-27 21:00 - 00000000 ____D () C:\Program Files (x86)\Carambis
2015-04-27 17:00 - 2015-04-28 11:46 - 00000000 ____D () C:\Users\Aca\Desktop\226V3L driver V1 CCR
2015-04-24 15:35 - 2015-04-24 15:35 - 00002299 _____ () C:\Users\Aca\Desktop\Chrome App Launcher.lnk
2015-04-24 15:35 - 2015-04-24 15:35 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 21:56 - 2015-04-11 12:36 - 01390733 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 21:20 - 2015-04-13 20:07 - 00000000 ____D () C:\KMPlayer
2015-05-22 16:46 - 2015-04-11 13:10 - 00000000 ____D () C:\Users\Aca\AppData\Roaming\uTorrent
2015-05-22 14:19 - 2015-04-11 13:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 13:28 - 2009-07-14 07:13 - 00789470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 13:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 13:22 - 2009-07-14 06:51 - 00032531 _____ () C:\Windows\setupact.log
2015-05-21 17:47 - 2015-04-18 10:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-21 17:46 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 17:46 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 17:46 - 2009-07-14 01:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-05-21 17:46 - 2009-07-14 01:52 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-05-21 17:46 - 2009-07-14 01:38 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-05-21 17:46 - 2009-07-14 01:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2015-05-21 17:46 - 2009-07-14 01:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-05-21 17:35 - 2015-04-11 12:35 - 00001409 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-21 17:35 - 2015-04-11 12:35 - 00001403 _____ () C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-21 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-21 17:33 - 2015-04-11 13:01 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-05-21 10:01 - 2015-04-11 13:04 - 00109968 _____ () C:\Users\Aca\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-21 10:00 - 2009-07-14 06:45 - 00412432 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 21:02 - 2015-04-11 13:07 - 00000000 ____D () C:\Users\Aca\AppData\Local\Deployment
2015-05-18 14:14 - 2015-04-11 13:08 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 14:14 - 2015-04-11 13:08 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 14:14 - 2015-04-11 13:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 20:14 - 2015-04-11 13:08 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-14 14:13 - 2015-04-13 15:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-09 08:13 - 2015-04-12 09:27 - 00141132 _____ () C:\Windows\PFRO.log
2015-05-06 07:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-05 20:06 - 2015-04-12 09:53 - 00001787 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-05-05 14:55 - 2015-04-11 12:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-04 22:08 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-05-03 14:25 - 2015-04-12 09:58 - 00000902 _____ () C:\Users\Public\Desktop\Pro Evolution Soccer 2015.lnk
2015-04-29 21:42 - 2015-04-18 10:35 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-04-29 20:15 - 2015-04-18 10:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-29 20:15 - 2015-04-18 10:44 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-29 17:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2015-04-29 16:40 - 2015-04-29 16:41 - 0032768 _____ () C:\Users\Aca\AppData\Roaming\fin.zup
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Aca\AppData\Roaming\JywkMSnAYx
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Aca\AppData\Roaming\JywkMSnAYx.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ.exe
2015-04-27 21:00 - 2015-04-27 21:00 - 0000016 _____ () C:\ProgramData\mntemp
2015-04-27 21:00 - 2015-04-27 21:00 - 0004099 _____ () C:\ProgramData\mtbjfghn.xbe

Some files in TEMP:
====================
C:\Users\Aca\AppData\Local\Temp\devcon64.exe
C:\Users\Aca\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Aca\AppData\Local\Temp\ochelper.exe
C:\Users\Aca\AppData\Local\Temp\Offercast2910_NDV_.exe
C:\Users\Aca\AppData\Local\Temp\oo2.exe
C:\Users\Aca\AppData\Local\Temp\ose00000.exe
C:\Users\Aca\AppData\Local\Temp\tu17p84.exe
C:\Users\Aca\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

Dopuna: 22 Maj 2015 22:05

Izvinjavam se na duplom postu, posle drugog skeniranja sam mi je napravio Adition fajl. Evo ga

mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Preporuka da deinstaliras YTDownloader jer je taj program AV/AM programima poznat kao ' PUP.Startup.Goobzo.M';
http://www.herdprotect.com/ytdownloader.exe-f34199.....71d80.aspx

Imas na internetu brdo online sajtova koji ti rade isti posao dok ovaj trosi resurse racunara.





Poceo sam da pisem script za FRST, ali to bi bila ogromna skripta, hajde da si olaksamo posao. Razz






Arrow Prvo iz Control Panel > Programs and Features moras da deinstlairas (pokusaj) sledece programe:

- bestadblocker
- CinemaPlus-3.2cV17.05
- Ge-Force
- globalupdate Helper
- MagnumStable
- Page Refresh
- Popcorn Time
- PriceMinus
- Sense
- Shopper-Pro


Ako nesto od ovoga odbija deinstalaciju, preskoci program i kreni na sledeci;






Arrow Potom ...









Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

QuickScan;
Uninstall-List;
ipconfig /flushdns >> %temp%\log.txt;b
bitsadmin /reset /allusers >> %temp%\log.txt;b
EmptyFoldersCheck;Delete
EmptyCLSID;
ResetHosts;
ResetIEProxy;
AutoClean;
Reboot;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Student by day. Hacker by night
  • Pridružio: 11 Maj 2014
  • Poruke: 189
  • Gde živiš: 192.168.0.1

Druže, taj YTdownloader nema ga u control panelu, videcu da ga nadem ovako kao folder i tako jedino obrišem pošto ga ovamo nema. Sledece programe nece da mi obriše:
CinemaPlus-3.2cV17.05 / Ge-Force / globalupdate Helper (ni njega nema u control panel) / MagnumStable / Sense / Shopper Pro.
Isto mi je jedan od skeniranja obrisao PES 2015 imao sam ga, i sad primetim ikonica drugacije, kad pogledam on obrisan, da li je to program uradio ili virus?

Evo ga izveštaj:


[edit by magna86: uklonjen zoek izvestaj]

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Molim te ne pokreci alate vise puta. Ovaj log mi ne govori ono sto meni treba, postavi mi originalni log:

C:\zoek-results2015-05-23-072820.log

A vezano za YTdownloader, ja ga mogu ciljati ako hoces da ga uklonis:

offline
  • Student by day. Hacker by night
  • Pridružio: 11 Maj 2014
  • Poruke: 189
  • Gde živiš: 192.168.0.1

Ok, reci mi za YT.
A evo ti i logo taj sto si rekao

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Aca on Sat 05/23/2015 at 8:57:19.81.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aca\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

5/23/2015 8:58:20 AM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\LinkProc deleted successfully
C:\Users\Aca\AppData\Local\Adobe deleted successfully
C:\Users\Aca\AppData\Local\Unity deleted successfully
C:\Users\Aca\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPDRIVER_1.42.1.1870 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPDRIVER_1.42.1.1870 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Air Globe deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Air Globe deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default

user.js not found
---- Lines aTTSD90021300PYDKGV101145942com70881 removed from prefs.js ----
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.InstallationThankYouPage", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.InstallationTime", 1432222581);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comaTTSD90021300PYDKGV101145942com70881_dbWasSet", true)
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comaTTSD90021300PYDKGV101145942com70881_dbWasSet_FF25_FI
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncdb_dbWasSet", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncinternaldb_dbWasSet", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.TTSD90021300@PYDKGV101145942.comasyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.active", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.addressbar", "NA");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.addressbarenhanced", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.asyncdb.was_copied", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.asyncinternaldb.was_copied", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.backgroundver", 4);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.certdomaininstaller", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.changeprevious", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Euro
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallationTime.value", "%221432222581%22");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Europ
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_id%22%3A%2
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.description", "Ge-Force");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.domain", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.enablesearch", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.homepage", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.iframe", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cent
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2267dd118c8d270690
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central E
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_id%22%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cent
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001729%22%2C%22sub_i
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2267dd118
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_appVer.value", "50");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Cen
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Eu
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A1002241%2C%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_nextCheck.expiration", "Fri May 22 2015 21:49:03 GMT+0200 (Centr
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central E
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002241.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002242.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002243.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002244.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002245.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002246.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002246.value", "%22//Javascript%20Helper%20Functions%5
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002247.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002248.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002249.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.expiration", "Thu Aug 20 2015 15:49:02 GMT+0200
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.value", "%22function%20startAskCom%28e%2Ct%2Cr%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Centr
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.__defualt_browser__.value", "%22ie%22");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb._installer_additional_info.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb._installer_additional_info.value", "%7B%22asw%22%3A%5B2%2C-2134900731%2C53
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Central Europe
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%2
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb 01 2030 0
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.reporting_user_key_index.expiration", "Mon May 19 2025 15:49:02 GMT+0200 (
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.reporting_user_key_index.value", "867");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.lastDailyReport", "1432302542510");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.lastUpdate", "1432302542399");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.manifesturl", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.name", "Ge-Force");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.newtab", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.opensearch", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.pluginsurl", "http://js.devopenrack.com/plugin/apps/70881/plugins/na/ff/plugins.json"
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.pluginsversion", 43);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.publisher", "Webar");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.searchstatus", 0);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.setnewtab", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.thankyou", "");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.updateinterval", 360);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.ver", 50);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.apps", "70881");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.bic", "14d7be25071a48a081a053cafc364cb4");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.cid", 70881);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.firstrun", false);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.hadappinstalled", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.installationdate", 1432302539);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.installerAdditionalInfo", "{\"asw\":[2, -2134900731, 536870912, 2304],\"browser_name\":\"ff
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.modetype", "production");
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.reportInstall", true);
user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.statsDailyCounter", 1);
---- FireFox user.js and prefs.js backups ----

prefs_20150523_0917_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\LinkProc not found
C:\PROGRA~2\bestadblocker deleted
C:\PROGRA~2\Page Refresh deleted
C:\PROGRA~2\PriceMinus deleted
C:\PROGRA~3\lmnlmbmkifpfcegplkadooegcncppadp deleted
C:\windows\SysNative\Tasks\Bidaily Synchronize Task[pr] deleted
C:\Program Files (x86)\AMD AVT\21abca2e-f826-4db3-8ea7-bc5b1e37f464.dll deleted
C:\Program Files (x86)\AMD AVT\a611c9d9-fd97-45be-82c1-d0c0d606dee6.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\cc060bb3-e78a-4665-94d4-c8dfd773de0d.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\0944b1df-4a54-4148-adbb-84a600a379c5.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\6e68336c-984d-43c9-b486-626c9a8637ee.dll deleted
C:\Program Files (x86)\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801.dll deleted
C:\PROGRA~3\{ed5d3532-d489-c11d-ed5d-d3532d48d4cb} deleted
C:\PROGRA~3\2016993445233601173 deleted
C:\PROGRA~2\Pro Evolution Soccer 2015 deleted
C:\PROGRA~2\ShopperPro deleted
C:\PROGRA~2\0944b1df-4a54-4148-adbb-84a600a379c5 deleted
C:\PROGRA~2\a611c9d9-fd97-45be-82c1-d0c0d606dee6 deleted
C:\PROGRA~2\a93cb3dd-86d0-4f0d-a8fa-49e8212a3801 deleted
C:\Program Files\Reimage deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Users\Aca\AppData\Roaming\istartsurf deleted
C:\PROGRA~3\ShopperPro deleted
C:\PROGRA~3\WindowsMangerProtect deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Aca\AppData\Local\globalUpdate deleted
C:\Users\Aca\AppData\Local\CrashRpt deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10_user.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5_user.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.job deleted
C:\Windows\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7.job deleted
C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.job deleted
C:\Windows\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-10_user.job deleted
C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.job deleted
C:\Windows\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.job deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10_user deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5_user deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6 deleted
C:\windows\SysNative\Tasks\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7 deleted
C:\windows\SysNative\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6 deleted
C:\windows\SysNative\Tasks\aaf348f2-aa07-44df-9237-4f2010637ed5-10_user deleted
C:\windows\SysNative\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6 deleted
C:\windows\SysNative\Tasks\ee0c153f-4ef0-4da5-8166-0eca361bad35-6 deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Windows\Reimage.ini deleted
C:\windows\SysNative\tasks\ShopperPro deleted
C:\windows\SysNative\tasks\ShopperProJSUpd deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted
C:\windows\SysNative\drivers\{2eb930fb-5d92-450f-a5ff-14c391caa31b}Gw64.sys deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\searchplugins\WebSearch.xml deleted
C:\Users\Aca\AppData\Roaming\JywkMSnAYx.exe deleted
C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ.exe deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\gz@FZ9g6sDG.net deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\tksMNLe@Tkh.net deleted
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\TTSD90021300@PYDKGV101145942.com deleted
"C:\Users\Aca\AppData\Roaming\JywkMSnAYx" deleted
"C:\Windows\tasks\JywkMSnAYx.job" deleted
"C:\Windows\SysNative\tasks\JywkMSnAYx" deleted
"C:\Users\Aca\AppData\Roaming\NKYMjm0xLnQ" deleted
"C:\Windows\tasks\NKYMjm0xLnQ.job" deleted
"C:\Windows\SysNative\tasks\NKYMjm0xLnQ" deleted
"C:\ProgramData\mntemp" deleted
"C:\PROGRA~2\Air Globe\updateAirGlobe.exe" deleted
"C:\PROGRA~2\Air Globe\bin\2eb930fb5d92450fa5ff14c391caa31b64.dll" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.BrowserAdapter64.exe" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.expext.exe" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.expextdll.dll" deleted
"C:\PROGRA~2\Air Globe\bin\AirGlobe.PurBrowse64.exe" deleted
"C:\PROGRA~2\Air Globe\bin\utilAirGlobe.exe" deleted
"C:\PROGRA~2\globalUpdate" deleted
"C:\PROGRA~2\Air Globe" not deleted
"C:\PROGRA~2\Air Globe\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-05-02 10:26:54 2169B4B1EFAA3453A4DA732F1F94C1E1 43112 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\Aca\AppData\Local\Temp ====
2015-05-23 06:50:21 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\9413.exe
2015-05-23 06:43:30 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReimagePackage.exe
2015-05-23 06:42:56 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Temp\814323631730\Setup_product_26943.exe
2015-05-23 06:38:48 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\7150.exe
2015-05-21 15:39:30 C51781996821EEA076B66BB2D6381AEF 2767872 ----a-w- C:\Users\Aca\AppData\Local\Temp\8080\temp\MagnumStable.xyz.exe
2015-05-21 15:36:35 B38B1A334F5D0C18F9788450D1AFC9A3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\npglobalupdateUpdate4.dll
2015-05-21 15:36:35 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\psuser.dll
2015-05-21 15:36:35 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateOnDemand.exe
2015-05-21 15:36:35 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\psmachine.dll
2015-05-21 15:36:35 2419F5578D48A86B42FA40031C6387FB 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\goopdate.dll
2015-05-21 15:36:34 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateHelper.msi
2015-05-21 15:36:34 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateBroker.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateCrashHandler.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdate.exe
2015-05-21 15:36:28 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateHelper.msi
2015-05-21 15:36:28 B38B1A334F5D0C18F9788450D1AFC9A3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\npglobalupdateUpdate4.dll
2015-05-21 15:36:28 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\psuser.dll
2015-05-21 15:36:28 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateOnDemand.exe
2015-05-21 15:36:28 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateBroker.exe
2015-05-21 15:36:28 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\psmachine.dll
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateCrashHandler.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdate.exe
2015-05-21 15:36:28 2419F5578D48A86B42FA40031C6387FB 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\goopdate.dll
2015-05-21 15:36:08 A3D710BE299503835B0631FA8AD355C0 222392 ----a-w- C:\Users\Aca\AppData\Local\Temp\tu17p84.exe
2015-05-21 15:34:32 F0C6EDC8CE0F4AA8EB37B1A5A824E82A 10413819 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_geforce.exe
2015-05-21 15:34:32 E9E472DFE0C45BAAC1E6AA681B847859 10145901 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_sense.exe
2015-05-21 15:34:32 B139051E9E25487A0C2F79C721B8C7AE 2728496 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_shopperpro.exe
2015-05-21 15:34:32 05C47DA12B0009BD98653F51287F7768 942080 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\bxsdk32.dll
2015-05-21 15:32:57 F4474EE9CF0F246F068A720A3A9807F3 220672 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\npglobalupdateUpdate4.dll
2015-05-21 15:32:57 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateHelper.msi
2015-05-21 15:32:57 E4D152690272A4D782B66024DBE95111 761856 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\goopdate.dll
2015-05-21 15:32:57 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\psuser.dll
2015-05-21 15:32:57 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateOnDemand.exe
2015-05-21 15:32:57 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateBroker.exe
2015-05-21 15:32:57 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\psmachine.dll
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateCrashHandler.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdate.exe
2015-05-21 15:30:16 527166843EC470B76BCD3295CCF0DCDD 671328 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\0PlJATVNQ1.exe
2015-05-21 15:30:16 3AD28E4FFB2028E1A22A5CAD10450559 1498477 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ2.exe
2015-05-21 15:30:14 0ED54ED82C590CD4B04896FDAE84FCA8 465160 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ3.exe
2015-05-21 15:29:50 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\SUxATVNQ10700.exe
2015-05-21 15:29:46 8F629260F997770F000BCF2B486B2529 779776 ----a-w- C:\Users\Aca\AppData\Local\Temp\oo2.exe
2015-05-13 16:19:44 6899AEFC5E2B0EF5F91E6C035D8CD67F 7853600 ----a-w- C:\Users\Aca\AppData\Local\Temp\TeamViewer\TeamViewer_.exe
====== Java Cache =====
2015-05-19 15:50:11 796C89691FB6514E81150A70952A4FBC 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\444c6d80-98b059c3a138ca1f7f5b8f775c492e65418907c67e1b18495e2d34b6e2c7069c-6.0.lap
2015-04-29 19:54:19 5F30A3D059CC5FB54F8CDF1CD75ADBC5 19380 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\3992a34d-4e309a8e
2015-04-29 19:55:20 29FB357A1BA7C14D51CFD75C47C886C0 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\4efa752-d993c3c34f18aad88c4ca711686ec1c07412528798273d70aa456eeddf9fd6ce-6.0.lap
2015-04-29 19:54:48 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\62035692-766bce34
2015-04-29 19:55:55 8487CFFBE12DE0D4EB8CE5DE8B028E54 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5be93d95-fc8450d81039c7db0bd7884f64b32daf7b3750ac9d0db87ca020e9797f87486c-6.0.lap
2015-04-29 19:56:04 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1ff8c757-2194a85b
2015-05-17 18:17:27 ACE3F568D3BA51DF2906CB1A6B41408B 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\6f979019-b86206314f6c9379e8fee7d63614e90b84b46fd79913cdc372aa4ec9eb8a4879-6.0.lap
2015-04-29 19:54:18 E45583950C5C8B0800FCBF93BFBB95D7 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\7da87e59-aaa97f849247b14f3423845966abecb5e55c215dfbd41d8218f9cccd69e15b6b-6.0.lap
2015-04-29 19:55:12 550D98C3FED4E15451FD8D5C43E0FD65 17193 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\11334e1b-434d5276
2015-05-09 06:16:09 495A57D7DF5F3C783BB541B71A78AEBC 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2730649c-7ffd7c960c7188b002a808fba2293bf6397b42e216006e3aac4ded434e745b7f-6.0.lap
2015-05-11 10:23:57 65EE81464A674638B01DE797F5ACE024 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\447bc543-921736f1357df8abe878d733ee64bb7cb1f7c54be2c41aaf496e99b480aa0075-6.0.lap
2015-05-12 19:24:06 023B0595CFD02BF965F4FDC82AF9DE68 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\66ff3c9e-ed31fe3a7a1ddc54896330bc16eb76d5358edfdced8f3b479a76a3eb438fe9d3-6.0.lap
2015-04-29 19:55:55 5F30A3D059CC5FB54F8CDF1CD75ADBC5 19380 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\967ae0-27c12e2c
2015-04-29 19:55:20 C3802409E4D9DBEC82330569A7BA6F2F 19616 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4f2339a6-682d1379
2015-05-11 10:23:57 65EE81464A674638B01DE797F5ACE024 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\28e5382a-c1729b09133d440f2712863944e81b302239b6752746b2ae134b1c64d760838c-6.0.lap
2015-04-29 19:54:22 8CFB9078197A299A5B56A9D16A2AA88D 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\570ecd2d-afe1c441b6298ab13afceb3feed86524fba1393fc338c71e7195f5ad892f35d0-6.0.lap
2015-05-21 10:42:11 2AF53B036287965B76C3E45929E9E2D9 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\7838106f-4418c739ba3a0c6f5e8cea289d479941b0119b52b2bdb78a759698511d15a903-6.0.lap
2015-05-13 10:50:13 D7F889AD6ED9575E398BC0AC609E55CC 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3948d6f2-67d70851110a825e9f1a923f3a3364656ec800739a13159f234c613b393839b6-6.0.lap
2015-04-29 19:53:38 6329B1025A0040EB3B27A702F641B9F5 38 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5a52e135-825960373fcaf6194bc1d8d7899b216baf05e2c3f9e9cfd5259f47f2e67f5e43-6.0.lap
2015-05-21 10:42:11 2AF53B036287965B76C3E45929E9E2D9 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\4fd40ef6-3e2310308bc654f7ca9df167d54d0e45c0569b492f079fd5fd4f1322e59f8942-6.0.lap
2015-05-16 18:19:37 9BB2DA866E87BDE07F3C4CA077580D58 96 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\4a5ec27d-7900e453d980f9a2d4ea15f24119abd18df031d1ec76836fae55faa8ba96d133-6.0.lap
2015-05-12 19:48:42 B655967AB8192B49DB5A45CE26E99C7C 19601 ----a-w- C:\Users\Aca\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\60c66548-7e4edb3c
====== C:\Windows\SysWOW64 =====
2015-05-21 15:32:57 26408BA8E6A688D45A0F5978462B8441 4 ----a-w- C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-05-02 10:26:58 B5B4C90E9F52DA8586F1E5461AD90A5D 29168 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys
2015-05-02 10:26:58 B1368BE5F6BA529E0886F4DA2361BD2D 442264 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2015-05-02 10:26:58 91782404718C6352C26B3242BAC3F0F1 272248 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
2015-05-02 10:26:58 6E53278ECCFFBC2ACC2A5006745ED4BB 137288 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys
2015-05-02 10:26:58 6D37D8DB30D086739507C5F6E542656A 93528 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2015-05-02 10:26:58 3B4AC2DBFC86F7247C1FF1FAF2860530 1047320 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2015-05-02 10:26:58 300CB8E510855189CAD0B72FFB5590CB 89944 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2015-05-02 10:26:58 07E32DFCA422A2920482D762D01957EC 65736 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2015-05-02 10:24:35 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2015-05-02 10:24:27 0E9AD2D3784A0996A5131512939C09C0 1490656 ----a-w- C:\Windows\Sysnative\drivers\WdfCoInstaller01007.dll
2015-04-27 19:01:21 A2844D704DB69FC92F5FA8AE9E3316A4 43720 ----a-w- C:\Windows\Sysnative\drivers\amd_xata.sys
2015-04-27 19:01:21 2834CC82613CEA492261885D1CAA25A0 83656 ----a-w- C:\Windows\Sysnative\drivers\amd_sata.sys
====== C:\Windows\Tasks ======
2015-05-21 15:38:16 AA42C8D3BCB8C012E20E78BFB7BE9D89 414 ----a-w- C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-05-02 10:27:15 D97CB9E920C127A2CEA7B1238F28AB42 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
2015-04-27 19:00:06 1F00D0F78E8A0FA9115DDEE33467512E 2772 ----a-w- C:\Windows\Sysnative\Tasks\CarambisDriverUpdaterUACDisablingTask
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-05 12:58:01 -------- d-----w- C:\Program Files\HP
2015-05-05 12:55:22 -------- d-----w- C:\Program Files\Nitro
2015-05-05 12:55:22 -------- d-----w- C:\Program Files\Common Files\Nitro
2015-04-29 10:28:16 -------- d-----w- C:\Program Files\Microsoft Dynamics NAV
2015-04-29 10:20:36 -------- d-----w- C:\Program Files\Microsoft
2015-04-29 10:20:27 -------- d-----w- C:\Program Files\Microsoft SQL Server
======= C:\PROGRA~2 =====
2015-05-23 06:40:21 -------- d-----w- C:\PROGRA~2\Air Globe
2015-05-21 15:36:27 -------- d-----w- C:\PROGRA~2\Sense
2015-05-21 15:36:27 -------- d-----w- C:\PROGRA~2\Ge-Force
2015-05-21 15:33:42 -------- d-----w- C:\PROGRA~2\Opera
2015-05-21 15:32:54 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV17.05
2015-05-21 15:29:41 -------- d-----w- C:\PROGRA~2\RemoveWAT
2015-05-20 18:42:14 -------- d-----w- C:\PROGRA~2\TeamViewer
2015-05-16 12:55:18 -------- d-----w- C:\PROGRA~2\SystemRequirementsLab
2015-05-09 20:28:05 -------- d-----w- C:\PROGRA~2\Notepad++
2015-05-05 12:55:23 -------- d-----w- C:\PROGRA~2\Nitro
2015-05-05 12:55:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Nitro
2015-05-05 12:52:23 -------- d-----w- C:\PROGRA~2\Hp
2015-05-05 12:52:23 -------- d-----w- C:\PROGRA~2\Hewlett-Packard
2015-05-04 20:10:07 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
2015-05-02 10:39:23 -------- d-----w- C:\PROGRA~2\Mobile Partner
2015-04-29 19:51:48 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-04-29 18:09:40 -------- d-----w- C:\PROGRA~2\Ashampoo
2015-04-29 10:24:53 -------- d-----w- C:\PROGRA~2\Microsoft Dynamics NAV
2015-04-29 10:20:35 -------- d-----w- C:\PROGRA~2\Open XML SDK
2015-04-29 10:20:27 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-04-29 10:20:08 -------- d-----w- C:\PROGRA~2\Microsoft Chart Controls
2015-04-29 10:16:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Microsoft Dynamics NAV
2015-04-27 19:00:07 -------- d-----w- C:\PROGRA~2\Carambis
======= C: =====
====== C:\Users\Aca\AppData\Roaming ======
2015-05-22 14:41:51 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-05-21 15:35:13 -------- d-----w- C:\Users\Aca\AppData\Local\BrowserHelper
2015-05-21 15:34:27 -------- d-----w- C:\Users\Aca\AppData\Roaming\Opera Software
2015-05-21 15:34:27 -------- d-----w- C:\Users\Aca\AppData\Local\Opera Software
2015-05-20 18:42:19 -------- d-----w- C:\Users\Aca\AppData\Roaming\TeamViewer
2015-05-10 19:37:06 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-05-10 19:37:06 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-05-09 20:28:07 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-09 20:28:05 -------- d-----w- C:\Users\Aca\AppData\Roaming\Notepad++
2015-05-08 12:26:24 -------- d-----w- C:\Users\Aca\AppData\Roaming\Unity
2015-05-06 15:50:13 -------- d-----w- C:\Users\Aca\AppData\Locallow\Unity
2015-05-05 12:57:44 -------- d-----w- C:\Users\Aca\AppData\Roaming\HP
2015-05-05 12:57:33 -------- d-----w- C:\Users\Aca\AppData\Roaming\Nitro
2015-05-05 12:55:18 -------- d-----w- C:\Users\Aca\AppData\Roaming\Downloaded Installations
2015-05-04 20:07:27 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2015-05-04 20:07:27 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-04 16:21:48 -------- d-----w- C:\Users\Aca\AppData\Roaming\Wargaming.net
2015-05-02 10:41:10 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft Dynamics NAV
2015-05-02 10:41:09 -------- d-----w- C:\Users\Aca\AppData\Local\IsolatedStorage
2015-04-29 18:18:16 -------- d-----w- C:\Users\Aca\AppData\Roaming\Adobe
2015-04-29 18:09:58 -------- d-----w- C:\Users\Aca\AppData\Roaming\Ashampoo
2015-04-29 18:09:51 -------- d-----w- C:\Users\Aca\AppData\Local\ashampoo
2015-04-29 14:40:18 B3E63F93F10AD521AF5944096475580E 32768 ----a-w- C:\Users\Aca\AppData\Roaming\fin.zup
2015-04-28 12:00:03 -------- d-----w- C:\Users\Aca\AppData\Local\ElevatedDiagnostics
2015-04-27 19:00:19 -------- d-----w- C:\Users\Aca\AppData\Roaming\Carambis
2015-04-24 13:35:48 -------- d-----w- C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
====== C:\Users\Aca ======
2015-05-23 06:41:57 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites
2015-05-23 06:41:57 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Favorites
2015-05-09 20:28:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-05 12:59:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-05-05 12:55:22 -------- d-----w- C:\ProgramData\Nitro
2015-05-02 10:50:40 -------- d-----w- C:\ProgramData\Telenor Internet
2015-05-02 10:24:46 -------- d-----w- C:\ProgramData\mts mobilni internet
2015-05-02 10:23:46 -------- d-----w- C:\ProgramData\DatacardService
2015-04-29 19:51:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-29 18:09:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-29 18:09:41 -------- d-----w- C:\ProgramData\Ashampoo
2015-04-29 10:20:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0
2015-04-27 19:00:30 921ABCB0FC1B50AAD66DAF14BD60F192 4099 ----a-w- C:\ProgramData\mtbjfghn.xbe
2015-04-27 19:00:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis

====== C: exe-files ==
2015-05-23 07:21:10 D8CC116722F12ED45BA35CFB9DBE5BFC 126192 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter64.exe
2015-05-23 07:21:10 9FF702247FD67D2045503A88DF7C826D 108272 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.BrowserAdapter.exe
2015-05-23 06:50:24 9E1B112043743130DA7595268AE1ECA7 777240 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC\Reimage[1].exe
2015-05-23 06:50:21 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\9413.exe
2015-05-23 06:43:46 E7C49F8D3A6F959323A998A2B2EF4286 16507936 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60A6FCJN\ProtectorPackage2007x64d[1].exe
2015-05-23 06:43:31 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM0MRNXP\ReiSysUpdate[1].exe
2015-05-23 06:43:30 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Temp\ReimagePackage.exe
2015-05-23 06:43:08 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\60A6FCJN\ReimagePackage1814x64a[1].exe
2015-05-23 06:43:04 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS\ReimageRepair[1].exe
2015-05-23 06:42:56 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Aca\AppData\Local\Temp\814323631730\Setup_product_26943.exe
2015-05-23 06:41:52 33618ED2ADA9139A0158D2ADA7D552B7 101616 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe
2015-05-23 06:38:48 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Users\Aca\AppData\Local\Temp\7150.exe
2015-05-23 06:35:22 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{92926614-97F5-4E34-A686-5E1259FC26FB}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-23 06:35:21 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.65\43.0.2357.65_42.0.2311.152_chrome_updater.exe
2015-05-22 19:56:00 BF9DA49C0E1D900A54AB15BB8EAF9BCA 2108416 ----a-w- C:\Users\Aca\Desktop\FRST\FRST64.exe
2015-05-21 15:46:05 05E9265E2228799B68DC0F58A94E1AB8 249656 ----a-w- C:\Windows\System32\Wat\WatUX.exe
2015-05-21 15:46:04 3CEC96DE223E49EAAE3651FCF8FAEA6C 1255736 ----a-w- C:\Windows\System32\Wat\WatAdminSvc.exe
2015-05-21 15:39:30 C51781996821EEA076B66BB2D6381AEF 2767872 ----a-w- C:\Users\Aca\AppData\Local\Temp\8080\temp\MagnumStable.xyz.exe
2015-05-21 15:37:05 496F1F50743D73F4DF1BED1E657CF50E 1384960 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-1-6.exe
2015-05-21 15:37:02 D47E6BE0121686C148D51C640F2CF509 1435136 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-1-6.exe
2015-05-21 15:36:43 7C9ED76976A1DC59D400E749A4CDEF8B 1905664 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-64.exe
2015-05-21 15:36:39 049D611173144AB4667846D27807CD8A 2088448 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-64.exe
2015-05-21 15:36:39 03F4E4149EBF3DEE4778276D5B9FA176 1385984 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35-6.exe
2015-05-21 15:36:35 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateOnDemand.exe
2015-05-21 15:36:34 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateBroker.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdateCrashHandler.exe
2015-05-21 15:36:34 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.167613\globalupdate.exe
2015-05-21 15:36:30 084548808E8914945857790D70BC2899 1294848 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5-10.exe
2015-05-21 15:36:28 93537FAEDCE7E5743C412BA1DCB528B9 100864 ----a-w- C:\Program Files (x86)\Ge-Force\Uninstall.exe
2015-05-21 15:36:28 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateOnDemand.exe
2015-05-21 15:36:28 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateBroker.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdateCrashHandler.exe
2015-05-21 15:36:28 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.401263\globalupdate.exe
2015-05-21 15:36:27 35B8380D49901D16681138C02F172B28 1923719 ----a-w- C:\Program Files (x86)\Sense\utils.exe
2015-05-21 15:36:08 A3D710BE299503835B0631FA8AD355C0 222392 ----a-w- C:\Users\Aca\AppData\Local\Temp\tu17p84.exe
2015-05-21 15:34:32 F0C6EDC8CE0F4AA8EB37B1A5A824E82A 10413819 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_geforce.exe
2015-05-21 15:34:32 E9E472DFE0C45BAAC1E6AA681B847859 10145901 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_sense.exe
2015-05-21 15:34:32 B139051E9E25487A0C2F79C721B8C7AE 2728496 ----a-w- C:\Users\Aca\AppData\Local\Temp\Install_20553\ins_shopperpro.exe
2015-05-21 15:33:36 330B8E3E0A8C5EC1849DCAA04E0DAB42 1173584 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-5.exe
2015-05-21 15:33:28 85D644E3D5FEBA5C1C45170A73F827CA 1357392 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-6.exe
2015-05-21 15:33:28 281E6164501DA329BD1CD9B86A104B8D 1111632 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-1-7.exe
2015-05-21 15:33:18 EBE7A1610B71F4BA6655D7804ED2B30C 1464400 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-4.exe
2015-05-21 15:33:10 281E6164501DA329BD1CD9B86A104B8D 1111632 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-7.exe
2015-05-21 15:33:10 23896584DE871714EE286A7385E349DF 1433680 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-6.exe
2015-05-21 15:33:10 1259BC2C6228B3197A6A5CB4FF6762F0 1908304 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-64.exe
2015-05-21 15:32:59 8AC2D948D8878C3124FD03CCF238D7A5 1301584 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-3.exe
2015-05-21 15:32:57 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateOnDemand.exe
2015-05-21 15:32:57 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateBroker.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdateCrashHandler.exe
2015-05-21 15:32:57 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Aca\AppData\Local\Temp\comh.22099\globalupdate.exe
2015-05-21 15:32:55 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5-10.exe
2015-05-21 15:32:54 D9A3853FEFB0779ED9EFA843AFAB000D 1995734 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\utils.exe
2015-05-21 15:32:54 56D0A6A4D194B6A9EBCDC97F78B09461 120400 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\Uninstall.exe
2015-05-21 15:32:54 26219D66A93764A3E3E972CCF717FD55 1480784 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\UninstallBrw.exe
2015-05-21 15:30:16 527166843EC470B76BCD3295CCF0DCDD 671328 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\0PlJATVNQ1.exe
2015-05-21 15:30:16 3AD28E4FFB2028E1A22A5CAD10450559 1498477 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ2.exe
2015-05-21 15:30:14 0ED54ED82C590CD4B04896FDAE84FCA8 465160 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\1PlJATVNQ3.exe
2015-05-21 15:29:50 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Aca\AppData\Local\Temp\81432222187\SUxATVNQ10700.exe
2015-05-21 15:29:46 8F629260F997770F000BCF2B486B2529 779776 ----a-w- C:\Users\Aca\AppData\Local\Temp\oo2.exe
2015-05-21 15:29:41 FC2990100B6C615016FDFBEB073757CE 106496 ----a-w- C:\Program Files (x86)\RemoveWAT\uninstall.exe
2015-05-20 18:42:15 FAB60D86E32C93DE04AE817C831AD415 5296400 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
2015-05-20 18:42:15 EAA4DA799742740087871D62A77E0677 469656 ----a-w- C:\Program Files (x86)\TeamViewer\uninstall.exe
2015-05-20 18:42:15 D4EA2CEF5FC0C87E21E71709C4A73E53 263952 ----a-w- C:\Program Files (x86)\TeamViewer\tv_x64.exe
2015-05-20 18:42:15 CEB90659C8C8DE208D6841176EEE3FA3 5491984 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
2015-05-20 18:42:15 7606D7F432CE1C64AE661365E4D4D560 229136 ----a-w- C:\Program Files (x86)\TeamViewer\tv_w32.exe
2015-05-20 18:42:14 BC7E35B27516FE9C186BB7E711802AE8 17902864 ----a-w- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
2015-05-18 12:14:15 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-05-18 12:14:15 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-05-18 12:14:15 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-05-18 12:14:15 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-05-18 12:14:11 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-05-18 12:14:11 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-05-18 12:14:11 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-05-18 12:14:10 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-05-18 12:14:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{88844F7B-3E4C-4994-B427-EAA34F17A152}\GoogleUpdateSetup.exe
2015-05-18 12:14:09 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-05-16 12:52:59 187F79EB31837833882646AE02DB9AC1 711326 ----a-w- C:\Program Files (x86)\RemoveWAT\RemoveWAT.exe
=== C: other files ==
2015-05-23 07:21:01 4C64E19B96EF62405F7376ECBD5B9A01 94287 ----a-w- C:\Program Files (x86)\Air Globe\bin\AirGlobe.expext.zip
2015-05-23 06:40:27 478E0E01EC88B5B408306B997B42DC15 6478 ----a-w- C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi
2015-05-21 15:36:52 FBD69D7B2288118B6A1C2AA84D6ECD92 400401 ----a-w- C:\Program Files (x86)\Ge-Force\aaf348f2-aa07-44df-9237-4f2010637ed5.xpi
2015-05-21 15:36:51 47C108A84E6949C75C29477997C776AD 395315 ----a-w- C:\Program Files (x86)\Sense\ee0c153f-4ef0-4da5-8166-0eca361bad35.xpi
2015-05-21 15:33:18 A85061F0B6921C3C9B4637CFA576F567 445574 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\93b9f6ba-5d50-405f-8bd0-af021fba85c5.xpi
2015-05-21 15:32:59 23B9243FFD105F972AA2ED63C515527B 401767 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV17.05\33f8a271-5246-403e-a57f-0d5fdd6a0524.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"BCSSync"="D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Aca\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Bidaily Synchronize Task[pr].job --a------ C:\programdata\ed5d3532-d489-c11d-ed5d-d3532d48d4cb\removewat 2.2.8 windows 7 working activator download.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/11/2015 01:08 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/11/2015 01:08 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CarambisDriverUpdaterUACDisablingTask" [C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"searchffv2@gmail.com"="C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com" [05/23/2015 08:42 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
- QuickSearch - %ProfilePath%\extensions\searchffv2@gmail.com
- Shopper-Pro - %ProfilePath%\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- Youtube playlist converter to MP3 - %ProfilePath%\extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi
- Air Globe 1.0.1 - %ProfilePath%\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi
- YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
FBF151BDF3156D1FEFD5E992D89D65CC - C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Deleted Firefox Extensions ======================

C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.65

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05/02/2015 12:26 PM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/02/2015 12:26 PM]

Google Drive - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
BeFunky Photo Editor - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab
YouTube - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
TANX - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\khalolpadgppinfmjajjbdgljhcameji
Chrome Hotword Shared Module - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
CinemaPlus-3.2cV17.05 - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Gmail - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Preferences
E30D","homepage_is_newtabpage":"F575A8C066C96A515D790487355BDCB99DF69C33579FFD530321EBE11B9FA80E","pinned_tabs":"71889793483034BCBB84185CE0C514D302BE5FBEA02094B0E69292D568F78D0A","prefs":{"preference_reset_time":"5792A297BA8546168B42CC7675675C195C3DC7185C045419247466A64DA75F53"},"profile":{"reset_prompt_memento":"FF179974F8C28D7665A02082401928C14483973E2132186CCDD36A847BF9F117"},"safebrowsing":{"incidents_sent":"67EA6A72A9D334F01C5D900507A9C704A3462B05830623A7FD986552DD6A3694"},"search_provider_overrides":"91EB1A10FA29E4D48DD9B38CCB278619AD384768BAD3E11F105974BA33CEB90E","session":{"restore_on_startup":"9AC265B95CB3095F6534B78096597DB3FCF77BEFF838A9B6C7F10DE8B9C8B844","startup_urls":"F59712628BBD928C0954E6D9942F60C2BB96F02D8E24FCB2AF97065ABC8580DE"},"software_reporter":{"prompt_reason":"23DAB705FE94D2F4BE5C20B9768862A3C104BE828D5A8DD15FD776335279EE95","prompt_seed":"91FA3B7E38420D544E83A4C6FA9B14AD10FD0B38BECD458CFC7B0F626B3D3370","prompt_version":"8FCB241360B0DD87FB628414D34FA7580A63B5E7DA07A0A29AD2FCF1A85BE249"},"sync":{"remaining_rollback_tries":"15D8B0CD86CDFCE08CD4040123435B5858010B364D030E93B2D1B39BC57A5FBD"}},"super_mac":"A6D8F45FE74EE727C61C69CCF0896D1269C2B205593ED2EFA16501C1867BECFE"},"session":{"startup_urls":["http://www.istartsurf.com/?type=hp&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"}}


==== Chromium Fix ======================

C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0 deleted successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c54ce3d-6b7d-4f21-9e69-200632a98540} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV17.05 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{68ef6205} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HIJ1459 will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Aca\AppData\Local\Mozilla\Firefox\Profiles\r3q09esf.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Aca\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=843 folders=122 8832155630 bytes)

==== Empty Temp Folders ======================

C:\Users\Aca\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Aca\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\PROGRA~2\Air Globe" not found
"C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp" deleted
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3PA9AOFC" not found
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOUGAQGS" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7HIJ1459" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5" not found

==== EOF on Sat 05/23/2015 at 9:28:20.12 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Da, da , e to je vec nesto ...

Uklonicu prvi postovani zoek log da ne zauzima mesto u temi.





Arrow Idemo dalje, ponavljamo postupak sa zoek alatom;

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

Winstaller-List;
MSConfigCheck;
C:\Windows\Tasks\Bidaily Synchronize Task[pr].job;f
C:\ProgramData\mtbjfghn.xbe;f
C:\programdata\ed5d3532-d489-c11d-ed5d-d3532d48d4cb\removewat 2.2.8 windows 7 working activator download.exe;f
C:\Program Files (x86)\YTDownloader;fs
FFDefaults;https://www.google.rs
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com;f
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF};f
C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi;f
CHRDefaults;
papbadoldddalgcjcicnikcfenodpghp;chr
ShortCutFix;
[HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
"YTDownloader"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"YTDownloader"=-;r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"YTDownloader"=-;r
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r
"searchffv2@gmail.com"=-;r
EmptyAllTemp;
Reboot;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Student by day. Hacker by night
  • Pridružio: 11 Maj 2014
  • Poruke: 189
  • Gde živiš: 192.168.0.1

Izvoli

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Aca on Sat 05/23/2015 at 18:46:10.00.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aca\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-05-23-072820.log 70415 bytes
C:\zoek-results2015-05-23-073207.log 1251 bytes
C:\zoek-results2015-05-23-112610.log 41331 bytes

==== Windows Installer Info ======================

AMD Accelerated Video Transcoding [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\527E024438069986E9033D8CB078461D]C:\Windows\Installer\e013e.msi
AMD Catalyst Control Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6BDE4A8EDA0928FB15E4F33E30F46405]C:\Windows\Installer\e012b.msi
AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\456E0CDE7C06D857B6188C3DCAECED5E]C:\Windows\Installer\e007b.msi
AMD Drag and Drop Transcoding [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\802E50C5E6543D43122EE58337A7E3FD]C:\Windows\Installer\e0132.msi
AMD Fuel [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6615E3CDADC2F3B81B758DD6CF4177B1]C:\Windows\Installer\e008e.msi
AMD Media Foundation Decoders [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\888082EA47A62685053365DE1F2A4897]C:\Windows\Installer\e0138.msi
AMD Wireless Display v3.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1882061E03D11DA317E95286146DD3EA]C:\Windows\Installer\e0081.msi
Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FCBA2B8800C91C74F84C63B98948D57D]C:\Windows\Installer\e0087.msi
Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49CB7CEBD19731525673FD348BFEB71B]C:\Windows\Installer\e0094.msi
Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49F2B411185A3E6570AC24F35AEA8A63]C:\Windows\Installer\e0074.msi
Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ADDD51C95222B0749081EAEE92A46BE0]C:\Windows\Installer\e011e.msi
ccc-utility64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\89D5859CAE6DDBFFB15124A5EF9B70C1]C:\Windows\Installer\e0124.msi
CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CE871ADB8ADD16526571C5B4E6F9844]C:\Windows\Installer\e0112.msi
CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\442B26F260136E2D1C6427E206EA4F1B]C:\Windows\Installer\e0118.msi
CCC Help Czech [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9253E26E51331AF9268673DC79B78BDE]C:\Windows\Installer\e009a.msi
CCC Help Danish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DBA16C7B14AE51AB0F2785AF38BBF627]C:\Windows\Installer\e00a0.msi
CCC Help Dutch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80E41C771D976891F8F37411D357D533]C:\Windows\Installer\e00e2.msi
CCC Help English [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F15BB517D9CD6DFE3627DF0BBEFC5281]C:\Windows\Installer\e00b2.msi
CCC Help Finnish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87ED3039278EE2F7388581AFBBE4F28A]C:\Windows\Installer\e00be.msi
CCC Help French [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A68277340407AEC48E4CAC09CA3634ED]C:\Windows\Installer\e00c4.msi
CCC Help German [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38AEB3BEF6DE8B007BCA8A569A3373D9]C:\Windows\Installer\e00a6.msi
CCC Help Greek [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A7E7DA5204576C9D07A31E37BA787AB]C:\Windows\Installer\e00ac.msi
CCC Help Hungarian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3158D0284FC4E0C12D7BBDD60C1C488F]C:\Windows\Installer\e00ca.msi
CCC Help Italian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\956312B0FE794902C0F8A6B87C3E7D88]C:\Windows\Installer\e00d0.msi
CCC Help Japanese [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FCE022DD6DAF11FDFCB7DBE5F6200B36]C:\Windows\Installer\e00d6.msi
CCC Help Korean [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA73BC621CE1D9A3742AE23BBC1EF8A4]C:\Windows\Installer\e00dc.msi
CCC Help Norwegian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\137CEEEF0C19ECA3D88FEDFA21A60BA9]C:\Windows\Installer\e00e8.msi
CCC Help Polish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A825D0C0D1D0FC49C13E6E44C665EB63]C:\Windows\Installer\e00ee.msi
CCC Help Portuguese [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\81761900002A2A575E2AA7990303A007]C:\Windows\Installer\e00f4.msi
CCC Help Russian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\01DD3E2B36A27A70E208A159A70D09C3]C:\Windows\Installer\e00fa.msi
CCC Help Spanish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5AAC3361A0005FEDFD8F92B12F654A3D]C:\Windows\Installer\e00b8.msi
CCC Help Swedish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2C40EAFA190FB70C12CF1B49D2A65B7]C:\Windows\Installer\e0100.msi
CCC Help Thai [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D76CFDADDD4678EA39D93C7BC927DE09]C:\Windows\Installer\e0106.msi
CCC Help Turkish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A5C3BBBE8B61129956CBF9A35DD993A]C:\Windows\Installer\e010c.msi
globalupdate Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\19e798f.msi
Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\Windows\Installer\34a136.msi
HP Support Solutions Framework [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\77B2C3CF00866C841AD5D9011331C061]C:\Windows\Installer\3510f.msi
Java 8 Update 45 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208540F]C:\Windows\Installer\11cd8c3.msi
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D741DA1E0EBC6D3CA11466FCD14361F]C:\Windows\Installer\6172c0.msi
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\66C587142F09EC04C85BC149FB9C2708]C:\Windows\Installer\56b346.msi
Microsoft Dynamics NAV 2013 Outlook Add-in [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000000000000000700003DF09C5F82B4]C:\Windows\Installer\29b49.msi
Microsoft Dynamics NAV RoleTailored Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00000000000000070000C09ED03A15B2]C:\Windows\Installer\29ac9.msi
Microsoft Dynamics NAV Setup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00000000000000075A77000038B62D2D]C:\Windows\Installer\6170ce.msi
Microsoft Office Access MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109510090400000000000F01FEC]C:\Windows\Installer\14975ed.msi
Microsoft Office Access Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109711090400000000000F01FEC]C:\Windows\Installer\14975f3.msi
Microsoft Office Excel MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109610090400000000000F01FEC]C:\Windows\Installer\14975aa.msi
Microsoft Office Groove MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109AB0090400000000000F01FEC]C:\Windows\Installer\14975b0.msi
Microsoft Office InfoPath MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109440090400000000000F01FEC]C:\Windows\Installer\14975e6.msi
Microsoft Office Office 64-bit Components 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20000000100000000F01FEC]C:\Windows\Installer\1497606.msi
Microsoft Office OneNote MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091A0090400000000000F01FEC]C:\Windows\Installer\14975e0.msi
Microsoft Office Outlook MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A10090400000000000F01FEC]C:\Windows\Installer\14975b6.msi
Microsoft Office PowerPoint MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109810090400000000000F01FEC]C:\Windows\Installer\14975a4.msi
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109110000000000000000F01FEC]C:\Windows\Installer\1497613.msi
Microsoft Office Proof (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400000000000F01FEC]C:\Windows\Installer\14975d4.msi
Microsoft Office Proof (French) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400000000000F01FEC]C:\Windows\Installer\14975ce.msi
Microsoft Office Proof (Spanish) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00000000000F01FEC]C:\Windows\Installer\14975c8.msi
Microsoft Office Proofing (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109C20090400000000000F01FEC]C:\Windows\Installer\14975da.msi
Microsoft Office Publisher MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109910090400000000000F01FEC]C:\Windows\Installer\14975f9.msi
Microsoft Office Shared 64-bit MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20090400100000000F01FEC]C:\Windows\Installer\14975bc.msi
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109611090400100000000F01FEC]C:\Windows\Installer\14975c2.msi
Microsoft Office Shared MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400000000000F01FEC]C:\Windows\Installer\1497598.msi
Microsoft Office Shared Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109511090400000000000F01FEC]C:\Windows\Installer\149759e.msi
Microsoft Office Word MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109B10090400000000000F01FEC]C:\Windows\Installer\14975ff.msi
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CB0C282122B34D337BE226294251DDAC]C:\Windows\Installer\44f37.msi
Microsoft SQL Server 2008 R2 Native Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2DAA1748709CAD4DB34AF01BFC7F3EC]C:\Windows\Installer\6f7097.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]C:\Windows\Installer\6170b9.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\1f1ed9c.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\6170b3.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\1f1eda3.msi
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\242842.msi
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\1ef5469.msi
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B8CF35CA81EEC9F3B9950639D7B081C2]C:\Windows\Installer\e006e.msi
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BCA1BC2A2A49AB231AE5D70813F95798]C:\Windows\Installer\e0068.msi
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\39103BDF0ADFAAD3CAAC7AE5FE5E6370]C:\Windows\Installer\c1a16.msi
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B7A37F2E05E6A93A9CBFE984E6CE263]C:\Windows\Installer\c1a10.msi
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4BEA594979BAED93C82408E6FE57CE7A]C:\Windows\Installer\1ef554a.msi
Nitro Pro 9 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\249D4C8615F5DC14CA9B34271B48731F]C:\Windows\Installer\35115.msi
Open XML SDK 2.0 for Microsoft Office [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D8D17150F3A5548AFA5C162C769950]C:\Windows\Installer\6f709d.msi
SQL Server Report Builder 3 for SQL Server 2012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02535C7F5EC265A4DA1B1CCA5A485B4A]C:\Windows\Installer\6f70ab.msi
System Requirements Lab Detection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84A71CC2ED53808419B81CA54871313C]C:\Windows\Installer\108aee4.msi

==== FireFox Fix ======================

Deleted from C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\prefs.js:

Added to C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.rs");
user_pref("browser.newtab.url", "about:newtab");

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-776529118-1432443362-4020625924-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"YTDownloader"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YTDownloader"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"YTDownloader"=-
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"searchffv2@gmail.com"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\YTDownloader not found
"C:\programdata\ed5d3532-d489-c11d-ed5d-d3532d48d4cb\removewat 2.2.8 windows 7 working activator download.exe" not found
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}" not found
"C:\ProgramData\mtbjfghn.xbe" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\{2eb930fb-5d92-450f-a5ff-14c391caa31b}.xpi" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome.manifest" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\install.rdf" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\addonmanager.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\aes.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\config.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\dialogs.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\last_tab.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\misc.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\properties.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\remoterequest.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\restoreprefs.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules\settings.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\index.html" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.xul" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\default_logo.png" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\googlelogo.png" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\google_trends.png" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\icon.png" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\loading.gif" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\logo.png" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\newtab.ico" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\simple.css" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin\style.css" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\speed_dial.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\js.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\about_blank_hook.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\misc.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\popup_image_helper.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\urlrequestor.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\doT.min.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery.autocomplete.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\module\hotSearch.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\module\mostgrid.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\module\search.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\module\stat.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\common.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\ga.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\xagainit.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\en\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\en-US\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\es\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\es-419\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\it\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\pl\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\ru\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\tr\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\vi\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW\locale.properties" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\defaults\preferences\fvd.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\defaults\preferences\preferences.js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\defaults" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\modules" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\skin" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\include\tools" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\lib" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\module" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\content\js\pack" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\en" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\en-US" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\es" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\es-419" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\it" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\pl" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\ru" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\tr" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\vi" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW" deleted
"C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default\extensions\searchffv2@gmail.com\defaults\preferences" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
user_pref("browser.startup.homepage", "https://www.google.rs");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/02/2015 12:26 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
- Youtube playlist converter to MP3 - %ProfilePath%\extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi
- YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Aca\AppData\Roaming\Mozilla\Firefox\Profiles\r3q09esf.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
FBF151BDF3156D1FEFD5E992D89D65CC - C:\Users\Aca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.65

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05/02/2015 12:26 PM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/02/2015 12:26 PM]

Google Drive - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
BeFunky Photo Editor - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab
YouTube - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
TANX - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\khalolpadgppinfmjajjbdgljhcameji
Chrome Hotword Shared Module - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Wallet - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Aca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Preferences
E30D","homepage_is_newtabpage":"F575A8C066C96A515D790487355BDCB99DF69C33579FFD530321EBE11B9FA80E","pinned_tabs":"71889793483034BCBB84185CE0C514D302BE5FBEA02094B0E69292D568F78D0A","prefs":{"preference_reset_time":"5792A297BA8546168B42CC7675675C195C3DC7185C045419247466A64DA75F53"},"profile":{"reset_prompt_memento":"FF179974F8C28D7665A02082401928C14483973E2132186CCDD36A847BF9F117"},"safebrowsing":{"incidents_sent":"67EA6A72A9D334F01C5D900507A9C704A3462B05830623A7FD986552DD6A3694"},"search_provider_overrides":"91EB1A10FA29E4D48DD9B38CCB278619AD384768BAD3E11F105974BA33CEB90E","session":{"restore_on_startup":"9AC265B95CB3095F6534B78096597DB3FCF77BEFF838A9B6C7F10DE8B9C8B844","startup_urls":"F59712628BBD928C0954E6D9942F60C2BB96F02D8E24FCB2AF97065ABC8580DE"},"software_reporter":{"prompt_reason":"23DAB705FE94D2F4BE5C20B9768862A3C104BE828D5A8DD15FD776335279EE95","prompt_seed":"91FA3B7E38420D544E83A4C6FA9B14AD10FD0B38BECD458CFC7B0F626B3D3370","prompt_version":"8FCB241360B0DD87FB628414D34FA7580A63B5E7DA07A0A29AD2FCF1A85BE249"},"sync":{"remaining_rollback_tries":"15D8B0CD86CDFCE08CD4040123435B5858010B364D030E93B2D1B39BC57A5FBD"}},"super_mac":"A6D8F45FE74EE727C61C69CCF0896D1269C2B205593ED2EFA16501C1867BECFE"},"session":{"startup_urls":["http://www.istartsurf.com/?type=hp&ts=1432363346&z=b7892fedd9d471119e38a1bg6z2cco7c0qecac9cfb&from=obw&uid=TOSHIBAXDT01ACA050_X3O6ENGGSXXX3O6ENGGSX"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"}}


==== Reset Google Chrome ======================

C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Aca\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Aca\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Aca\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Aca\Desktop\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aca\Desktop\Counter-Strike WaRzOnE.lnk - D:\Games\Counter-Strike\hl.exe -steam -game cstrike -noforcemparms -noforcemaccel
C:\Users\Aca\Desktop\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe
C:\Users\Aca\Desktop\Microsoft Access 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
C:\Users\Aca\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Aca\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Aca\Desktop\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\Aca\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AIMP3.lnk - C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Users\Public\Desktop\Autodata 3.38.lnk - C:\ADCDA2\ADBCD.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Driver Updater.lnk - C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Administration Shell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe -NoExit -ExecutionPolicy RemoteSigned " & ' C:\Program Files\Microsoft Dynamics NAV\70\Service\NavAdminTool.ps1 ' "
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Counter-Strike WaRzOnE.lnk - D:\Games\Counter-Strike\hl.exe -steam -game cstrike -noforcemparms -noforcemaccel
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life\Half-Life WaRzOnE.lnk - D:\Games\Counter-Strike\hl.exe -steam -noforcemparms -noforcemaccel
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS\HLDS.lnk - D:\Games\Counter-Strike\hlds.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk - C:\KMPlayer\uninstall.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\Users\Aca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Driver Updater.lnk - C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013 Development Environment.lnk - C:\Program Files (x86)\Microsoft Dynamics NAV\70\RoleTailored Client\finsql.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV 2013.lnk - C:\Program Files (x86)\Microsoft Dynamics NAV\70\RoleTailored Client\Microsoft.Dynamics.Nav.Client.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Dynamics NAV Administration.lnk - C:\Program Files (x86)\Microsoft Dynamics NAV\70\RoleTailored Client\Microsoft Dynamics Nav Server.msc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk - C:\Program Files (x86)\Nitro\Pro 9\NitroPDF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2015.lnk - C:\Program Files (x86)\Pro Evolution Soccer 2015\PES2015.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Advanced Tag Editor.lnk - C:\Program Files (x86)\AIMP3\AIMP3ate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Converter.lnk - C:\Program Files (x86)\AIMP3\AIMP3ac.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Library.lnk - C:\Program Files (x86)\AIMP3\AIMP3lib.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Home Page.lnk - C:\Program Files (x86)\AIMP3\AIMP3.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3.lnk - C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\History.lnk - C:\Program Files (x86)\AIMP3\history.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\License.lnk - C:\Program Files (x86)\AIMP3\license.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\Uninstall.lnk - C:\Program Files (x86)\AIMP3\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Help -help
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Ashampoo Burning Studio FREE .lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\burningstudio.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Help.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\lang\BurningStudio-en-us.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Readme.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\readme_en_us.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Uninstall Ashampoo Burning Studio FREE.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis\Driver Updater\Driver Updater.lnk - C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis\Driver Updater\Uninstall.lnk - C:\Program Files (x86)\Carambis\Driver Updater\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 1020\Install Notes.lnk - C:\Program Files (x86)\HP\HP LaserJet 1020\manuals\readme.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 1020\Uninstall.lnk - C:\Program Files (x86)\HP\HP LaserJet 1020\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 1020\User Guide.lnk - C:\Program Files (x86)\HP\HP LaserJet 1020\manuals\HP1020UG.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - D:\Program Files (x86)\Java\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - D:\Program Files (x86)\Java\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - D:\Program Files (x86)\Java\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files (x86)\Java\jdk1.8.0_45\bin\jmc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0\Report Builder 3.0 Help.lnk - C:\Program Files (x86)\Microsoft SQL Server\Report Builder 3.0\1033\s11ch_rptdesign.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 Report Builder 3.0\Report Builder 3.0.lnk - C:\Program Files (x86)\Microsoft SQL Server\Report Builder 3.0\MSReportBuilder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Aca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3ZYBUAQ will be deleted at reboot
C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Aca\AppData\Local\Mozilla\Firefox\Profiles\r3q09esf.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Aca\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Aca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=907 folders=155 8832541203 bytes)

==== Empty Temp Folders ======================

C:\Users\Aca\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Aca\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Aca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3ZYBUAQ" not found

==== EOF on Sat 05/23/2015 at 19:04:57.96 ======================

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Stanje bi sada trebalo da je mnogo bolje. Hajde sada ponovo pokreni FRST alat i pritisni Scan dugme.

Iskopiraj mi sadrzaj samo FRST.txt izvestaja, da proverimo da li je nesto zaostalo, ako jeste da i to sredimo.

Ko je trenutno na forumu
 

Ukupno su 738 korisnika na forumu :: 22 registrovanih, 4 sakrivenih i 712 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., Andrija357, babaroga, Bane san, Ben Roj, Boris BM, Dannyboy2, Dukelander, elenemste, Futog 74, hyla, krkalon, Kruger, milutin134, nuke92, operniki, Oscar2, raptorsi, Rogonos, shaja1, W123