
Log check :)

No problem with your PC at the moment and you just want to make sure everything is in order?
Post a log from FRST or RSIT.

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

#1 Post by tombola6 »

Good day, may I ask for a check of my log :) thank you



Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-01-2016
Ran by adinko (2016-01-31 18:01:00)
Running from C:\Users\adinko\Desktop
Windows 7 Professional Service Pack 1 (X86) (2015-11-21 13:56:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

adinko (S-1-5-21-3847442437-178053374-3691882369-1001 - Administrator - Enabled) => C:\Users\adinko
Administrator (S-1-5-21-3847442437-178053374-3691882369-500 - Administrator - Disabled)
Guest (S-1-5-21-3847442437-178053374-3691882369-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3847442437-178053374-3691882369-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.1.0 - IObit)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Aktualizácie NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Armored Warfare MyCom (HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\Armored Warfare MyCom) (Version: 1.64 - My.com B.V.)
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG (Version: 16.12.7303 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.13.1.47453 - AVG Technologies)
AVG PC TuneUp (Version: 16.13.3 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Clownfish for Skype (HKLM\...\Clownfish) (Version: - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Driver Booster 3.1 (HKLM\...\Driver Booster_is1) (Version: 3.1 - IObit)
Firestorm Launcher version 1.0 (HKLM\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.0 - Firestorm)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
IdleMaster (HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IObit Malware Fighter 3 (HKLM\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.2.1.126 - IObit)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verzia 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\MyComGames) (Version: 3.167 - My.com B.V.)
NVIDIA 3D Vision radič ovládača 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafický ovládač 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Stable 34.0.2036.50 (HKLM\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software)
osu! (HKLM\...\{37504f5d-5d6f-4770-894a-a7478ae27f8e}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
ParkControl (HKLM\...\ParkControl) (Version: 1.0.1.4 - Bitsum)
Re 2.0 (HKLM\...\ReQuick_is1) (Version: - My Company, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Registry Repair 5.0.1.70 (HKLM\...\Registry Repair) (Version: 5.0.1.70 - Glarysoft Ltd)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype™ 7.15 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
SpeedyPC Pro (HKLM\...\{604CD5A1-4520-4844-B064-A3D884B77E91}) (Version: 3.2.15.0 - SpeedyPC Software) <==== ATTENTION
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TeamSpeak 3 Client (HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.52465 - TeamViewer)
The Adventures of Mr. Bobley (HKLM\...\Steam App 375710) (Version: - Jan Zizka)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3847442437-178053374-3691882369-1001_Classes\CLSID\{9FBA1E11-455C-4499-8C34-BABB1DF85598}\InprocServer32 -> C:\Users\adinko\AppData\Local\MyComGames\NPMyComDetector.dll (MY.COM B.V.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C34FEBC-BFAB-4627-8AF1-611461CCE4F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-21] (Google Inc.)
Task: {1ECBD0A3-03EB-44E8-BCD6-EDF925DB2E61} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2016-01-15] (IObit)
Task: {1FF110C8-915F-4955-B878-1191684BC645} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {2D69333F-B88D-4691-B118-192412433C7D} - System32\Tasks\Opera scheduled Autoupdate 1448114330 => C:\Program Files\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {310BC78E-4139-4516-A593-A71FA467CA56} - System32\Tasks\Driver Booster SkipUAC (adinko) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-11-18] (IObit)
Task: {353355E6-80E9-4B4B-93A1-20D937955A77} - System32\Tasks\SpeedyPC Pro_sch_FB7B39B1-9117-11E5-B2CD-60A44C2C2E60 => C:\Program Files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2015-09-17] (SpeedyPC Software) <==== ATTENTION
Task: {3C3E4932-4A52-43A3-85A1-DF26709BDBDA} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2016-01-22] (Bitsum LLC)
Task: {44383203-ABCB-4276-AF3B-2BD771E6BF11} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {57D6A1CC-EDDA-499F-8EA4-676FE86948F7} - System32\Tasks\{DD8C8DED-9797-49C1-97C0-AFA99E406217} => C:\Program Files\driver\SmartGeniusSetup.exe [2015-12-30] (KYE Systems Corp. )
Task: {58A43EF8-B84F-4046-A032-64AE6F742E53} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe [2015-12-11] (AVG Technologies CZ, s.r.o.)
Task: {61DB7CCA-DF97-462A-9D09-9E96057004F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-21] (Google Inc.)
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {71FB81C8-B197-477E-B21A-B38AFC532662} - System32\Tasks\SpeedyPC Registration3 => Rundll32.exe "C:\Program Files\Common Files\SpeedyPC Software\UUS3\UUS3.dll" RunUns
Task: {78FFA9C9-81D6-40C7-861E-FA4157CE3A9A} - System32\Tasks\Uninstaller_SkipUac_adinko => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-12] (IObit)
Task: {9705C293-28FE-4E72-9645-B647C7AA6BC7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-12] (Adobe Systems Incorporated)
Task: {9A20C5A4-B65E-48C0-BBBD-CDB221B32EDC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-11-18] (IObit)
Task: {C5ACCAB1-1297-48FD-B1FF-F7C3C652436D} - System32\Tasks\{61F3FF9E-4E3C-4EDF-A157-70FC0524962D} => C:\Program Files\driver\SmartGeniusSetup.exe [2015-12-30] (KYE Systems Corp. )
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {EDF42B0F-08F2-49EA-9C42-15E5D90655AE} - System32\Tasks\ASC9_SkipUac_adinko => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit)
Task: {F9364DE9-56B1-4B28-B289-1FE22B85EDFD} - System32\Tasks\{F305D478-C73B-483F-9AD3-C7465032AA19} => C:\Program Files\driver\SmartGeniusSetup.exe [2015-12-30] (KYE Systems Corp. )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedyPC Pro_sch_FB7B39B1-9117-11E5-B2CD-60A44C2C2E60.job => C:\Program Files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedyPC Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files\Common Files\SpeedyPC Software\UUS3\UUS3.dll <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-21 18:11 - 2015-12-21 18:15 - 01164688 ____N () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
2015-11-22 12:38 - 2015-10-13 17:47 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-12-12 19:01 - 2015-12-12 19:01 - 00018432 _____ () C:\Windows\System32\us005lm.dll
2016-01-26 20:24 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files\IObit\IObit Malware Fighter\sqlite3.dll
2016-01-26 20:22 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl
2016-01-26 20:22 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl
2016-01-26 20:22 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl
2015-12-21 18:28 - 2015-12-21 18:28 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2015-11-22 12:25 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2016-01-26 20:22 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2016-01-26 20:22 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2016-01-26 20:22 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-11-21 15:15 - 2015-11-10 20:55 - 00778752 _____ () D:\Steam\SDL2.dll
2015-11-21 15:15 - 2015-07-03 17:12 - 04962816 _____ () D:\Steam\v8.dll
2015-11-21 15:15 - 2015-07-03 17:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-11-21 15:15 - 2015-07-03 17:12 - 01187840 _____ () D:\Steam\icuuc.dll
2015-11-21 15:15 - 2015-12-14 21:01 - 02547280 _____ () D:\Steam\video.dll
2015-11-21 15:15 - 2015-09-24 01:33 - 02549248 _____ () D:\Steam\libavcodec-56.dll
2015-11-21 15:15 - 2015-09-24 01:33 - 00442880 _____ () D:\Steam\libavutil-54.dll
2015-11-21 15:15 - 2015-09-24 01:33 - 00491008 _____ () D:\Steam\libavformat-56.dll
2015-11-21 15:15 - 2015-09-24 01:33 - 00332800 _____ () D:\Steam\libavresample-2.dll
2015-11-21 15:15 - 2015-09-24 01:33 - 00485888 _____ () D:\Steam\libswscale-3.dll
2015-11-21 15:15 - 2015-12-14 21:01 - 00804432 _____ () D:\Steam\bin\chromehtml.DLL
2015-11-21 15:15 - 2015-11-03 23:00 - 00201728 _____ () D:\Steam\bin\openvr_api.dll
2015-11-21 15:15 - 2015-11-17 01:31 - 47846176 _____ () D:\Steam\bin\libcef.dll
2015-11-21 15:15 - 2015-09-25 00:56 - 00119208 _____ () D:\Steam\winh264.dll
2015-12-12 15:23 - 2015-12-12 15:23 - 16573120 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer32_20_0_0_228.dll
2015-10-22 12:22 - 2015-10-22 12:22 - 00149480 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\quazip.dll
2015-10-22 12:21 - 2015-10-22 12:21 - 00090088 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2015-10-22 12:21 - 2015-10-22 12:21 - 00103400 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2015-10-22 12:22 - 2015-10-22 12:22 - 00260072 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-10-22 12:22 - 2015-10-22 12:22 - 00369640 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2015-10-22 12:22 - 2015-10-22 12:22 - 00025576 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\plugins\test_plugin.dll
2015-10-22 12:22 - 2015-10-22 12:22 - 00034280 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\plugins\ts3g15.dll
2015-09-21 14:42 - 2015-09-21 14:42 - 00270336 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\ssleay32.dll
2015-09-21 14:42 - 2015-09-21 14:42 - 01291776 _____ () C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\LIBEAY32.dll
2016-01-21 14:05 - 2016-01-21 14:05 - 61568120 _____ () C:\Program Files\Opera\34.0.2036.50\opera.dll
2016-01-21 14:05 - 2016-01-21 14:05 - 01983096 _____ () C:\Program Files\Opera\34.0.2036.50\libglesv2.dll
2016-01-21 14:05 - 2016-01-21 14:05 - 00081528 _____ () C:\Program Files\Opera\34.0.2036.50\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ihpmServer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: vToolbarUpdater40.2.4 => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Clownfish =>
MSCONFIG\startupreg: gmsd_ra_005010153 =>
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2FC7E11E-CDD5-469E-B708-521B321A01A0}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{3B2B28A3-06AE-48D3-8F9C-30DDEA4A537B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{DB980D2E-01C8-4C8F-AF80-5D3D8D4BB173}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{78B8CD05-CCD1-448D-AA86-898E3FBFB399}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4C6599AB-EECB-423A-8287-AC24D23CB7B4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{44E55FB3-397A-4144-85BC-95C41961CC3F}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{49D70A62-9EA3-452B-BDE2-4729688DB2CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{36EE156A-C6D2-4438-9A0B-B58E0F6254D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BE280D78-F6B8-424C-925D-B6E537ADDD27}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E960804F-A074-49BD-985F-3802927263BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5180B23C-F49B-47F7-9C81-F087672EF11D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{22ACE48E-47FC-49B2-8BBA-0BA22394DB8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6B17BC24-A251-4629-8EA8-0C08B074B92C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6F9D73E-DB3C-4686-B23C-C33E8252135D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD4182E8-E7B1-456E-B18A-18BD85CFEFA0}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{DADFAFDA-7B7D-4CBE-A3DB-E56FC8F79E66}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{8100B59F-A9F2-412E-A5D6-14203CF9BA43}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{1D29B1CD-3390-406B-A3BB-DB1F7369D51F}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{9FF23B6E-0951-43F4-85C5-F7838F04B8BD}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{C2DBC041-65B2-45BD-BD87-D197EBABE73E}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{FCEA29A5-A7BA-4F74-B680-B541128DBB32}] => (Allow) C:\Users\adinko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BBAE009D-E42D-43EF-9E35-D72B07AFB189}] => (Allow) C:\Users\adinko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{311589E7-DA7E-465B-BD4C-90ABF622F8D1}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{2F393B4C-989E-4C5B-BBAD-F83E773A9A2F}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{ECC45C9F-EBB0-49DC-8A1B-C164AD36A920}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E149D2D7-1D3D-4D82-B8CE-131FF5A3B47C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{6C39B0C7-1B59-4EBF-82F2-851622A52137}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BF389C11-8E08-45EC-BEA3-B07C85371DCC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{3BE5D093-08AD-4953-AFF9-E216340FC625}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [UDP Query User{07A08B5A-1EFA-4682-BC43-55117D09C34B}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [{20909D65-9DD9-4B61-9177-C1762B011450}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{18C99C50-A2C5-473B-8B08-67B3B20F1D74}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A4EF2A14-1799-46DF-96CA-0642A56BE961}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{DB65BE3B-695D-4307-A746-7D9AEFFE90E5}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{E6D39824-0E73-4353-93BB-9417EF810ECB}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{28D25E3A-F7C1-4FD1-BA47-690DFF087A3A}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{E591FDBD-DEA1-4B72-9B7B-0C6A0BD48377}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{5A0567D9-9905-4D98-B4FC-57AB6D72EB54}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{49E61A30-F1B1-4B25-8025-AD1E318EEBBE}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EC85575A-3EDF-4661-9337-6C61CC3B5A56}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{01B002BA-64B2-4526-87E9-A43D866DE87C}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CE92005B-2600-4333-9BE6-C243FC728818}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C148CEA7-CF59-451B-B064-69D117C4CD47}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{F3FAF269-3C68-4559-B172-0687B310E796}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{4122DD3D-88A1-4932-82C3-4E8AB207B112}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{85EC0546-A527-49AC-9CBF-54492713BC7B}] => (Allow) D:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2016 03:18:08 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:17:57 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:17:57 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:17:57 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:05:57 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:05:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:05:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/31/2016 03:05:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/30/2016 04:24:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2844) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\adinko\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/29/2016 01:05:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (01/31/2016 12:39:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Windows Management Instrumentation, od ktorej závisí služba Security Center, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (01/31/2016 12:38:53 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/31/2016 12:38:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (01/31/2016 12:36:44 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "60A44C2C2E60" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (01/31/2016 12:36:44 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "60A44C2C2E60" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (01/31/2016 12:36:44 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "009027905FE8" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (01/31/2016 12:36:44 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "009027905FE8" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (01/30/2016 04:29:33 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/30/2016 04:25:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Windows Management Instrumentation, od ktorej závisí služba Security Center, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (01/30/2016 04:25:22 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422


==================== Memory info ===========================

Processor: AMD A4-5300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 3049.65 MB
Available physical RAM: 1482.67 MB
Total Virtual: 6096.94 MB
Available Virtual: 3632.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:172.69 GB) (Free:87.44 GB) NTFS
Drive d: () (Fixed) (Total:292.97 GB) (Free:182.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#2 Post by altrok »

I wish you a beautiful day :bye:



:arrow: WMI is not running on your machine, nor are the services that depend on it: Security Center, restore points, etc. We will try to fix that. Next time, please post both generated logs (FRST.txt and Addition.txt), because from Addition.txt alone I can read only part of the information.


:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.


:arrow: Uninstall Advanced System Care and also the other IObit products. They are Chinese junk that started its career by stealing the Malwarebytes database, and on top of that, some "repairs" made by this product have several times damaged the operating system so badly that only a complete reinstall resolved it. In general I am against all speed-up tools and optimizers except CCleaner, which has been proven over several years and is harmless in its default settings.


:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit on the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#3 Post by tombola6 »

Log from AdwCleaner:

# AdwCleaner v5.032 - Logfile created 01/02/2016 at 14:22:32
# Updated 31/01/2016 by Xplode
# Database : 2016-01-31.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : adinko - ADINKO-PC
# Running from : C:\Users\adinko\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.4

***** [ Folders ] *****

[-] Folder Deleted : C:\ftb
[-] Folder Deleted : C:\Program Files\speedypc software
[-] Folder Deleted : C:\Program Files\57AE1801-1448114648-D04C-58D5-60A44C2C2E60
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\speedypc software
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\speedypc software
[-] Folder Deleted : C:\Users\adinko\AppData\Roaming\cpuminer
[-] Folder Deleted : C:\Users\adinko\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\adinko\AppData\Roaming\speedypc software
[-] Folder Deleted : C:\Users\adinko\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\speedypc software

***** [ Files ] *****

[-] File Deleted : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : SpeedyPC Registration3

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKCU\Software\Microsoft\Tinstalls
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKCU\Software\speedypc software
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[-] Key Deleted : HKLM\SOFTWARE\speedypc software
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{604CD5A1-4520-4844-B064-A3D884B77E91}
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\DAILYPCCLEAN
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\Microsoft\Tinstalls
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\ParetoLogic
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\Reg\Clean
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\speedypc software
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5001 bytes] ##########


Log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-01-2016
Ran by adinko (administrator) on ADINKO-PC (31-01-2016 18:00:19)
Running from C:\Users\adinko\Desktop
Loaded Profiles: adinko (Available Profiles: adinko)
Platform: Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Users\adinko\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe
(Opera Software) C:\Program Files\Opera\34.0.2036.50\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\Run: [Clownfish] => 0
HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\Run: [MyComGames] => C:\Users\adinko\AppData\Local\MyComGames\MyComGames.exe [4769136 2016-01-29] (MY.COM B.V.)
HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-3847442437-178053374-3691882369-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F2FEA783-CB17-45C3-992C-EE4534491F2C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3847442437-178053374-3691882369-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={A1899C4B-AA13-452C-BDA8-73FF3AD1DB4D}&mid=100f8d4f867c47cc9972b1ed0ac8c793-b59216cfae9987ba7b012ad5a6e2f08b550d52cc&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-12-21 18:11:53&v=4.2.4.155&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3847442437-178053374-3691882369-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={A1899C4B-AA13-452C-BDA8-73FF3AD1DB4D}&mid=100f8d4f867c47cc9972b1ed0ac8c793-b59216cfae9987ba7b012ad5a6e2f08b550d52cc&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-12-21 18:11:53&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-12-14] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-21] (AVG)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-12-14] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-12-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-12-14] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-21] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3847442437-178053374-3691882369-1001: @my.com/Games -> C:\Users\adinko\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-27] (MY.COM B.V.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Disk Google) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google Search) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Gmail) - C:\Users\adinko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
S4 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [862632 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [236832 2015-12-27] (EasyAntiCheat Ltd)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [922928 2015-11-12] (NVIDIA Corporation)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6288688 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4611888 2015-11-12] (NVIDIA Corporation)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [3515816 2015-12-11] (AVG Technologies CZ, s.r.o.)
S4 vToolbarUpdater40.2.4; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-21] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-21] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73928 2015-11-21] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2015-11-21] (Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255920 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [193968 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-11-21] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-31] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18736 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [44840 2015-08-11] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2015-03-25] (IObit.com)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [30632 2015-12-11] (TuneUp Software)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2015-03-25] (IObit.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-31 18:00 - 2016-01-31 18:00 - 00014454 _____ C:\Users\adinko\Desktop\FRST.txt
2016-01-31 17:59 - 2016-01-31 17:59 - 00112640 _____ (forum.viry.cz) C:\Users\adinko\Downloads\FRSTLauncher.exe
2016-01-31 17:59 - 2016-01-31 17:59 - 00112640 _____ (forum.viry.cz) C:\Users\adinko\Desktop\FRSTLauncher.exe
2016-01-31 17:59 - 2016-01-31 17:59 - 00015327 _____ C:\Users\adinko\Desktop\LM.bat
2016-01-31 17:58 - 2016-01-31 18:00 - 00000000 ____D C:\FRST
2016-01-31 17:58 - 2016-01-31 17:58 - 01721856 _____ (Farbar) C:\Users\adinko\Downloads\FRST.exe
2016-01-31 17:58 - 2016-01-31 17:58 - 01721856 _____ (Farbar) C:\Users\adinko\Desktop\FRST.exe
2016-01-31 17:55 - 2016-01-31 17:55 - 01107968 _____ C:\Users\adinko\Downloads\RSIT.exe
2016-01-28 21:48 - 2016-01-28 21:51 - 00000080 _____ C:\Users\adinko\Desktop\uTorrent.lnk
2016-01-28 20:47 - 2016-01-31 17:46 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-28 20:47 - 2016-01-28 21:52 - 00001054 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-28 20:47 - 2016-01-28 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-28 20:47 - 2016-01-28 20:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-28 20:47 - 2016-01-28 20:47 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-01-28 20:47 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-28 20:47 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-28 20:47 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-28 20:46 - 2016-01-28 20:46 - 22908888 _____ (Malwarebytes ) C:\Users\adinko\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-28 20:46 - 2016-01-28 20:46 - 22908888 _____ (Malwarebytes ) C:\Users\adinko\Downloads\mbam-setup-2.2.0.1024 (1).exe
2016-01-28 18:51 - 2016-01-28 18:51 - 00087658 _____ C:\Users\adinko\Downloads\cfg (1).rar
2016-01-28 18:51 - 2015-11-20 02:30 - 00011094 _____ C:\Users\adinko\Desktop\oskar.cfg
2016-01-28 18:51 - 2015-01-12 14:06 - 00001142 _____ C:\Users\adinko\Desktop\oskarexeeec.cfg
2016-01-28 16:17 - 2016-01-28 16:17 - 00000000 ____D C:\Users\adinko\Documents\League of Legends
2016-01-28 15:43 - 2016-01-28 15:46 - 278927592 _____ (Microsoft Corporation) C:\Users\adinko\Downloads\WindowsXP-KB835935-SP2-ENU.exe
2016-01-28 15:30 - 2016-01-28 15:31 - 00000000 ____D C:\Program Files\driver
2016-01-28 15:25 - 2016-01-29 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReQuick
2016-01-28 15:25 - 2016-01-28 15:37 - 00000000 ____D C:\Program Files\ReQuick
2016-01-28 15:25 - 2016-01-28 15:25 - 01220954 _____ (My Company, Inc. ) C:\Users\adinko\Downloads\RegistryQuick_setup (1).exe
2016-01-28 15:24 - 2016-01-28 15:24 - 01220954 _____ (My Company, Inc. ) C:\Users\adinko\Downloads\RegistryQuick_setup.exe
2016-01-28 15:09 - 2016-01-28 15:10 - 65528135 _____ C:\Users\adinko\Downloads\SmartGenius_Win (4).zip
2016-01-28 14:48 - 2016-01-28 14:48 - 65528135 _____ C:\Users\adinko\Downloads\SmartGenius_Win (3).zip
2016-01-27 19:08 - 2016-01-27 19:08 - 00000202 _____ C:\Users\adinko\Desktop\Brawlhalla.url
2016-01-27 14:37 - 2016-01-27 14:41 - 531885367 _____ C:\Users\adinko\Downloads\WoW_WotLK.zip
2016-01-27 14:34 - 2016-01-27 14:34 - 00169218 _____ C:\Users\adinko\Downloads\WoW_WotLK.torrent
2016-01-27 14:33 - 2016-01-27 14:41 - 405788579 _____ C:\Users\adinko\Downloads\WOW Wotlk 3.3.5a.rar
2016-01-27 14:27 - 2016-01-27 14:27 - 00101051 _____ C:\Users\adinko\Downloads\[SkT]World_of_Warcraft-_Wrath_of_the_Lich_King_-_3.3.5a_(12340)_-_enUS_(No_Install).torrent
2016-01-26 22:27 - 2016-01-31 13:13 - 39796736 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-01-26 22:27 - 2016-01-31 13:13 - 00438272 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-01-26 22:27 - 2016-01-31 13:13 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2016-01-26 22:27 - 2016-01-31 13:13 - 00028672 _____ C:\Windows\system32\config\SAM.iobit
2016-01-26 20:24 - 2016-01-28 21:52 - 00001125 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-01-26 20:24 - 2016-01-26 20:24 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Apple Computer
2016-01-26 20:24 - 2016-01-26 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-01-26 20:23 - 2016-01-26 20:23 - 00000000 ____D C:\Users\adinko\AppData\Roaming\ProductData
2016-01-26 20:22 - 2016-01-29 19:09 - 00002186 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-01-26 20:22 - 2016-01-28 21:52 - 00002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-01-26 20:22 - 2016-01-28 21:52 - 00002088 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-01-26 20:22 - 2016-01-26 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-01-26 20:22 - 2016-01-26 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-01-26 20:22 - 2016-01-26 20:22 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-01-26 20:22 - 2016-01-26 20:22 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-01-26 20:21 - 2016-01-26 20:21 - 41171496 _____ (IObit ) C:\Users\adinko\Downloads\advanced-systemcare-setup.exe
2016-01-26 20:18 - 2016-01-26 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2016-01-26 20:17 - 2016-01-26 20:18 - 00825760 _____ (Bitsum LLC) C:\Users\adinko\Downloads\parkcontrolsetup32.exe
2016-01-26 14:33 - 2016-01-26 14:33 - 00092916 _____ C:\Users\adinko\Downloads\MarkC_Windows_10+8.x+7_MouseFix.zip
2016-01-26 13:17 - 2016-01-26 13:17 - 00000000 ____D C:\Users\adinko\AppData\Local\Blizzard Entertainment
2016-01-26 13:10 - 2016-01-28 21:48 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-26 13:08 - 2016-01-26 13:08 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher
2016-01-26 13:05 - 2016-01-26 13:06 - 25838469 _____ (Firestorm ) C:\Users\adinko\Downloads\FirestormLauncherSetup.exe
2016-01-25 13:11 - 2016-01-25 13:11 - 00010677 _____ C:\Users\adinko\Desktop\fallen.cfg
2016-01-24 20:36 - 2016-01-24 20:54 - 235850462 _____ C:\Users\adinko\Downloads\Rytmus---Eternal-(PROMO)-(2015).avi
2016-01-23 23:20 - 2016-01-23 23:21 - 10282956 _____ C:\Users\adinko\Downloads\World of Warcraft - Cataclysm.zip
2016-01-23 23:17 - 2016-01-23 23:17 - 04747214 _____ C:\Users\adinko\Downloads\wow.exe.zip
2016-01-23 23:16 - 2016-01-23 23:20 - 2451867803 _____ C:\Users\adinko\Downloads\WoW_Cata.zip
2016-01-23 23:15 - 2016-01-23 23:15 - 00146563 _____ C:\Users\adinko\Downloads\WoW_Cata.torrent
2016-01-23 17:25 - 2016-01-25 11:09 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
2016-01-23 16:59 - 2016-01-31 12:39 - 00000000 ____D C:\Users\adinko\AppData\Local\MyComGames
2016-01-23 16:59 - 2016-01-25 11:09 - 00000123 _____ C:\Users\adinko\Desktop\Armored Warfare.url
2016-01-23 16:59 - 2016-01-23 16:59 - 05602760 _____ (MY.COM B.V.) C:\Users\adinko\Downloads\ArmoredWarfareMycomLoader_8956d580cee42718da28711010cbcd02_A_en.exe
2016-01-23 16:59 - 2016-01-23 16:59 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-01-22 22:43 - 2016-01-28 21:45 - 00000000 ____D C:\Users\adinko\BrawlhallaReplays
2016-01-21 22:16 - 2016-01-21 22:24 - 1791969280 _____ C:\Users\adinko\Downloads\The.Wolf.of.Wall.Street.2013.BDRip.XviD.CZ-TreZzoR.avi
2016-01-21 22:16 - 2016-01-21 22:16 - 00017636 _____ C:\Users\adinko\Downloads\[SkT]Vlk_z_Wall_Street_-_The_Wolf_of_Wall_Street_(2013)(CZ)_=_CSFD_83%.torrent
2016-01-21 20:47 - 2016-01-21 20:49 - 00000000 ____D C:\Users\adinko\Downloads\LokalFilmis.2015.DVDRip.XviD.SK-TreZzoR
2016-01-21 20:47 - 2016-01-21 20:47 - 00013616 _____ C:\Users\adinko\Downloads\[SkT]LokalFilmis_(2015)(SK)_=_CSFD_50%.torrent
2016-01-21 20:12 - 2016-01-21 20:12 - 00546199 _____ C:\Users\adinko\Downloads\Unpark-CPU-App.zip
2016-01-20 20:33 - 2016-01-20 20:33 - 00822218 _____ C:\Users\adinko\Downloads\Prezentácia4.pptx
2016-01-20 18:59 - 2016-01-20 19:00 - 00000000 ____D C:\Users\adinko\Downloads\American.Sniper.2014.BDRip.XviD.AC3.CZ-GRAcE
2016-01-20 18:58 - 2016-01-20 18:58 - 00020235 _____ C:\Users\adinko\Downloads\[SkT]Americky_sniper_-_American_Sniper_(2014)(CZ)_=_CSFD_76%.torrent
2016-01-19 20:35 - 2016-01-19 20:40 - 1429354810 _____ C:\Users\adinko\Downloads\Ted.2.2015.BDRip.x264.CZ-TreZzoR.mkv
2016-01-19 20:34 - 2016-01-19 20:34 - 00014158 _____ C:\Users\adinko\Downloads\[SkT]Meda_2_-_Ted_2_(2015)(CZ)_=_CSFD_73%.torrent
2016-01-19 20:31 - 2016-01-28 21:48 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-01-19 20:31 - 2016-01-19 20:31 - 02168720 _____ (emc) C:\Users\adinko\Downloads\uTorrent221.exe
2016-01-19 20:31 - 2016-01-19 20:31 - 00000954 _____ C:\Users\adinko\Desktop\µTorrent.lnk
2016-01-18 21:29 - 2016-01-18 21:29 - 00000000 ____D C:\Users\adinko\AppData\Roaming\BrawlhallaAir
2016-01-17 16:10 - 2016-01-17 16:10 - 00032633 _____ C:\Users\adinko\Downloads\[navi-gaming.com]guardian_new_config_2014.rar
2016-01-15 15:50 - 2016-01-15 15:51 - 65528135 _____ C:\Users\adinko\Downloads\SmartGenius_Win (2).zip
2016-01-15 15:34 - 2016-01-15 15:34 - 01037873 _____ C:\Users\adinko\Downloads\Glarysoft Downloader.rar
2016-01-15 15:32 - 2016-01-15 15:32 - 02096923 _____ C:\Users\adinko\Downloads\Crack Tool v15.33 - Razor1911.zip
2016-01-15 15:27 - 2016-01-28 21:52 - 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2016-01-15 15:27 - 2016-01-15 15:27 - 00000000 ____D C:\Users\adinko\AppData\Roaming\GlarySoft
2016-01-15 15:27 - 2016-01-15 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2016-01-15 15:27 - 2016-01-15 15:27 - 00000000 ____D C:\Program Files\Glarysoft
2016-01-15 15:26 - 2016-01-15 15:27 - 04880712 _____ C:\Users\adinko\Downloads\rrsetup.exe
2016-01-15 15:26 - 2016-01-15 15:26 - 03901768 _____ (solvusoft Corporation ) C:\Users\adinko\Downloads\WinThruster_Setup_2016.exe
2016-01-15 15:26 - 2016-01-15 15:26 - 00178176 _____ (Microsoft Corporation) C:\Users\adinko\Downloads\wbemdisp.dll
2016-01-15 15:19 - 2016-01-15 15:19 - 07136072 _____ (ParetoLogic, Inc.) C:\Users\adinko\Downloads\RegCureProSetup_E527CF7F-2135-4210-A63C-07B904BD809F_.exe
2016-01-12 20:22 - 2016-01-12 20:23 - 65528135 _____ C:\Users\adinko\Downloads\SmartGenius_Win (1).zip
2016-01-12 20:10 - 2016-01-12 20:11 - 65528135 _____ C:\Users\adinko\Downloads\SmartGenius_Win.zip
2016-01-09 14:53 - 2016-01-09 14:53 - 00004165 _____ C:\Users\adinko\Downloads\tazCFG.rar
2016-01-09 14:53 - 2016-01-09 14:53 - 00004165 _____ C:\Users\adinko\Downloads\tazCFG (1).rar
2016-01-09 01:04 - 2016-01-09 01:04 - 00000000 ____D C:\Users\adinko\AppData\Roaming\.tlauncher
2016-01-09 01:03 - 2016-01-09 01:03 - 02354011 _____ () C:\Users\adinko\Downloads\TLauncher-MCL.exe
2016-01-07 21:14 - 2016-01-07 21:14 - 00000709 _____ C:\Users\adinko\Downloads\theskitzmachine_config_details.txt
2016-01-06 18:14 - 2016-01-06 18:14 - 00000000 ____D C:\Users\adinko\AppData\Local\SLAM
2016-01-06 18:12 - 2016-01-06 18:12 - 00317840 _____ C:\Users\adinko\Downloads\SLAM_v1.2.2.zip
2016-01-05 16:34 - 2016-01-05 16:34 - 00074272 _____ C:\Users\adinko\Downloads\cfg2015.zip
2016-01-02 23:56 - 2016-01-23 23:19 - 00000000 ____D C:\Users\adinko\Desktop\Configs
2016-01-02 23:54 - 2016-01-02 23:54 - 00005449 _____ C:\Users\adinko\Downloads\kennyS_cfg (1).zip
2016-01-01 21:56 - 2016-01-01 21:56 - 00000202 _____ C:\Users\adinko\Desktop\Rocket League.url
2016-01-01 00:31 - 2016-01-01 00:31 - 00000199 _____ C:\Users\adinko\Desktop\Counter-Strike Global Offensive.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-31 18:00 - 2015-11-22 13:45 - 00000470 _____ C:\Windows\Tasks\SpeedyPC Registration3.job
2016-01-31 17:57 - 2015-11-21 15:08 - 00000000 ____D C:\Users\adinko\AppData\Roaming\TS3Client
2016-01-31 13:15 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-31 12:45 - 2009-07-14 05:34 - 00033712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-31 12:45 - 2009-07-14 05:34 - 00033712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-31 12:41 - 2015-11-21 16:37 - 00000000 ____D C:\ProgramData\MFAData
2016-01-31 12:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-31 03:18 - 2015-11-22 13:53 - 00000549 _____ C:\Windows\Tasks\SpeedyPC Pro_sch_FB7B39B1-9117-11E5-B2CD-60A44C2C2E60.job
2016-01-31 03:18 - 2010-11-20 22:01 - 00765992 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-31 03:17 - 2015-11-24 15:05 - 00000000 ____D C:\Windows\system32\MRT
2016-01-31 03:09 - 2015-11-24 15:05 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-31 01:49 - 2015-11-21 19:19 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-29 14:04 - 2015-11-21 23:34 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Skype
2016-01-28 21:52 - 2015-12-31 16:00 - 00000512 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-28 21:52 - 2015-12-22 16:06 - 00002198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-01-28 21:52 - 2015-12-21 18:29 - 00000872 _____ C:\Users\Public\Desktop\AVG.lnk
2016-01-28 21:52 - 2015-12-10 17:50 - 00000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-28 21:52 - 2015-12-10 17:50 - 00000983 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-28 21:52 - 2015-11-22 13:41 - 00000959 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-28 21:52 - 2015-11-22 00:40 - 00001841 _____ C:\Users\Public\Desktop\Clownfish.lnk
2016-01-28 21:52 - 2015-11-21 23:33 - 00002695 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-28 21:52 - 2015-11-21 20:00 - 00001607 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-01-28 21:52 - 2015-11-21 19:19 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-28 21:52 - 2015-11-21 15:13 - 00002096 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-01-28 21:52 - 2015-11-21 14:58 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-28 21:52 - 2015-11-21 14:58 - 00001063 _____ C:\Users\Public\Desktop\Opera.lnk
2016-01-28 21:52 - 2015-11-21 14:53 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-28 21:52 - 2015-11-21 14:53 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-28 21:52 - 2009-07-14 05:46 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-28 21:52 - 2009-07-14 05:46 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-28 21:52 - 2009-07-14 05:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-01-28 21:52 - 2009-07-14 05:42 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-28 21:52 - 2009-07-14 05:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-28 21:52 - 2009-07-14 05:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-28 21:52 - 2009-07-14 05:37 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-28 21:51 - 2015-12-14 21:09 - 00001211 _____ C:\Users\adinko\Desktop\TeamSpeak 3 Client.lnk
2016-01-28 21:51 - 2015-12-03 20:04 - 00000948 _____ C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-01-28 21:51 - 2015-11-21 14:57 - 00001413 _____ C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-28 21:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system
2016-01-28 12:14 - 2015-11-21 15:14 - 00000000 ____D C:\ProgramData\ProductData
2016-01-28 12:13 - 2009-07-14 05:53 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-27 19:08 - 2015-11-21 15:18 - 00000000 ____D C:\Users\adinko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-27 17:03 - 2015-11-28 22:06 - 00000000 ____D C:\Users\adinko\AppData\Roaming\uTorrent
2016-01-27 16:59 - 2015-11-28 22:10 - 00000000 ____D C:\Users\adinko\Downloads\World of Warcraft - 3.3.5a (12340) - enUS (No Install)
2016-01-27 11:19 - 2015-11-21 15:13 - 00000000 ____D C:\ProgramData\IObit
2016-01-26 20:25 - 2015-11-21 15:13 - 00000000 ____D C:\Users\adinko\AppData\Roaming\IObit
2016-01-26 20:24 - 2015-11-21 15:13 - 00000000 ____D C:\Users\adinko\AppData\LocalLow\IObit
2016-01-26 20:24 - 2015-11-21 15:13 - 00000000 ____D C:\Program Files\IObit
2016-01-26 20:18 - 2015-11-23 17:40 - 00000000 ____D C:\Program Files\ParkControl
2016-01-25 13:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\LiveKernelReports
2016-01-24 20:52 - 2015-11-21 15:16 - 00007598 _____ C:\Users\adinko\AppData\Local\Resmon.ResmonCfg
2016-01-22 22:43 - 2015-11-21 14:56 - 00000000 ____D C:\Users\adinko
2016-01-21 14:05 - 2015-11-21 14:58 - 00000000 ____D C:\Program Files\Opera
2016-01-19 20:44 - 2011-04-12 07:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-01-15 15:27 - 2015-11-24 15:15 - 00000000 ____D C:\ProgramData\ParetoLogic
2016-01-09 01:35 - 2015-12-05 20:56 - 00000000 ____D C:\Users\adinko\AppData\Roaming\.minecraft
2016-01-01 00:26 - 2015-11-21 15:14 - 00000000 ____D C:\Program Files\Common Files\Steam

==================== Files in the root of some directories =======

2015-11-22 13:44 - 2016-01-15 15:27 - 0000115 _____ () C:\Users\adinko\AppData\Roaming\LogFile.txt
2015-11-21 15:07 - 2015-11-21 15:07 - 0000024 ___SH () C:\Users\adinko\AppData\Roaming\rfgid
2015-11-21 15:05 - 2015-11-21 15:05 - 0000187 _____ () C:\Users\adinko\AppData\Local\Latcore.exe.config
2015-11-21 15:16 - 2016-01-24 20:52 - 0007598 _____ () C:\Users\adinko\AppData\Local\Resmon.ResmonCfg
2015-11-21 15:41 - 2015-11-21 15:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-21 15:14 - 2015-11-21 16:25 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-16 13:01

==================== End of FRST.txt ============================

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#4 Post by tombola6 »

And one more thing I'd like advice on, I don't know whether you'll know this, but I'd like to install a driver for my mouse, but when I start the installation it tells me that some SWBEMLOCATOR is not running or I don't know what.......

Thanks for the advice, if needed I'll post a screenshot here.

https://ctrlv.cz/hYdm

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#5 Post by altrok »

:arrow: Save MBAR to your desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Run it with a double-click and extract it to the desktop
  • click Next
  • Update the virus database by clicking Update and continue with Next
  • Leave all 3 options checked and choose Scan (it takes about 15 minutes)
  • tick all findings and also check the checkbox next to Create Restore Point
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you would like to help the visitors of this forum, sign up for our training school.

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#6 Post by tombola6 »

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.02.01.04
rootkit: v2016.01.20.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18097
adinko :: ADINKO-PC [administrator]

1. 2. 2016 16:38:17
mbar-log-2016-02-01 (16-38-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 291960
Time elapsed: 24 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#7 Post by altrok »

:arrow: Start -> type cmd
  • right-click the search result and choose Run as administrator
  • in the window that opens, type: sfc /scannow
  • and press Enter
  • after it finishes, type the following into the open command prompt (or copy the text to the clipboard with Ctrl+C and paste it via right-click and Paste)
  • findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • and press Enter
  • copy the contents of the sfcdetails.txt log located on the desktop into your next reply

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#8 Post by tombola6 »

https://ctrlv.cz/x3T2 it doesn't work for me :/

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#9 Post by altrok »

Then carry out this procedure in safe mode.

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#10 Post by tombola6 »

It doesn't work for me even in safe mode :)

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#11 Post by altrok »

Back up your important files to be safe.

Boot from the installation media and run sfc from the CD/DVD - English guide here http://www.sevenforums.com/tutorials/13 ... -boot.html
If anything is unclear, ask.

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#12 Post by tombola6 »

I haven't done that yet, but I'd like help with the driver for that mouse... It still doesn't work for me :(

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#13 Post by altrok »

In my opinion this may be related to non-functional WMI. How are you trying to install the driver? Which mouse exactly is it?

tombola6
Visitor
Posts: 20
Registered: 21 Apr 2015 20:54

Re: log check :)

#14 Post by tombola6 »

Mouse: genius gx scorpion m6-400
I tried to install the mouse by downloading the driver from the official Genius website, but it doesn't work, it shows me something about some SWBemLocator and I don't even know what that is ... it would help me a lot, thanks :)

altrok
Moderator
Posts: 7270
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: log check :)

#15 Post by altrok »

If the problem is related to non-functional WMI, we won't solve the problem without repairing it...
Try installing the driver in safe mode.
