Re: trackid sp 006 a theadgateway.com
Napsal: 16 čer 2015 08:43
Už se to zdá být v naprostém pořádku. Děkuji. 
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Miroslav at 2015-06-16 09:36:46 Run:2
Running from C:\Users\Miroslav\Desktop\frst
Loaded Profiles: Miroslav (Available Profiles: Miroslav)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-09] (CyberLink Corp.)
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\MountPoints2: {3e5d343c-ff0d-11e4-826c-38b1dbe81f72} - "F:\LenovoUsbDriver.exe"
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\MountPoints2: {c4cd905b-cefa-11e4-8264-38b1dbe81f72} - "F:\LenovoUsbDriver.exe"
BootExecute: autocheck autochk * sh4native Sh4Removal
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\Lavasoft
2015-06-15 09:23 - 2015-06-15 09:24 - 00023593 _____ C:\Users\Miroslav\Desktop\FRST.txt
2015-06-15 09:23 - 2015-06-15 09:23 - 00000000 ____D C:\Users\Miroslav\Desktop\FRST-OlderVersion
2015-06-15 08:25 - 2015-06-15 08:25 - 00002912 _____ C:\Windows\System32\Tasks\Start OPBHOBroker
2015-06-15 08:21 - 2015-06-15 08:21 - 00003154 _____ C:\Windows\System32\Tasks\YCMServiceAgent
2015-06-15 08:01 - 2015-06-15 07:33 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-15 07:35 - 2015-06-15 08:03 - 00032003 _____ C:\zoek-results.log
2015-06-15 07:30 - 2015-06-15 07:59 - 00000000 ____D C:\zoek_backup
2015-06-12 14:54 - 2015-06-15 09:20 - 00000000 ____D C:\AdwCleaner
2015-06-12 14:52 - 2015-06-12 14:52 - 02231296 _____ C:\Users\Miroslav\Desktop\adwcleaner_4.206.exe
2015-06-12 07:41 - 2015-06-12 07:42 - 00050740 _____ C:\Users\Miroslav\Downloads\Addition.txt
2015-06-12 07:40 - 2015-06-12 07:42 - 00059432 _____ C:\Users\Miroslav\Downloads\FRST.txt
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1)
2015-06-11 17:03 - 2015-06-15 08:02 - 00001564 _____ C:\aaw7boot.log
2015-06-11 13:32 - 2015-06-11 13:32 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-11 13:05 - 2010-05-13 17:34 - 00014232 _____ C:\Windows\SysWOW64\sh4native.exe
2015-06-11 13:03 - 2015-06-11 13:17 - 02063465 _____ C:\spyhunter.fix
2015-06-11 11:20 - 2015-06-12 14:45 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-06-11 11:20 - 2015-06-11 11:20 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-06-11 10:40 - 2015-06-14 16:40 - 00000366 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-06-11 08:42 - 2015-06-11 11:13 - 00000000 ____D C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2015-06-11 08:42 - 2015-06-11 08:42 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-06-11 08:40 - 2015-06-11 08:40 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Miroslav\Downloads\SpyHunter-Installer.exe
2015-06-10 13:15 - 2015-06-10 13:15 - 00532480 _____ (Trend Micro Incorporated) C:\Users\Miroslav\Downloads\cwshredder.exe
2015-06-10 10:23 - 2015-06-11 11:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-10 10:23 - 2015-06-11 11:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-10 10:23 - 2015-06-10 10:23 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-10 10:21 - 2015-06-10 10:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Miroslav\Downloads\spybot-2.4.exe
2015-06-10 10:12 - 2015-06-10 10:12 - 01700501 _____ C:\Users\Miroslav\Downloads\Keygen_v10.rar
2015-06-10 09:50 - 2015-06-10 09:50 - 01066979 _____ ( ) C:\Users\Miroslav\Downloads\AdwareAway.exe
2015-06-10 09:30 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-10 09:16 - 2015-06-15 07:57 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Lavasoft
2015-06-10 09:16 - 2015-06-10 09:16 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\LavasoftStatistics
2015-06-10 09:16 - 2015-06-10 09:16 - 00000000 ____D C:\searchplugins
2015-06-10 09:16 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-06-10 09:09 - 2015-06-11 08:47 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Lavasoft
2015-06-10 09:07 - 2015-06-15 08:12 - 00000000 ____D C:\ProgramData\Lavasoft
2015-06-10 09:07 - 2015-06-10 09:07 - 01753736 _____ C:\Users\Miroslav\Downloads\Adaware_Installer.exe
2015-05-25 14:17 - 2015-05-25 14:34 - 00000000 ____D C:\ProgramData\RogueKiller
2015-05-25 14:17 - 2015-05-25 14:17 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-05-25 14:16 - 2015-05-25 14:16 - 17023576 _____ C:\Users\Miroslav\Downloads\RogueKiller.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress8 => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => value removed successfully
"HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e5d343c-ff0d-11e4-826c-38b1dbe81f72}" => key removed successfully
HKCR\CLSID\{3e5d343c-ff0d-11e4-826c-38b1dbe81f72} => key not found.
"HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4cd905b-cefa-11e4-8264-38b1dbe81f72}" => key removed successfully
HKCR\CLSID\{c4cd905b-cefa-11e4-8264-38b1dbe81f72} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
esgiguard => Service removed successfully
SliceDisk5 => Service removed successfully
C:\Program Files\Enigma Software Group => moved successfully.
"C:\Program Files (x86)\Lavasoft" => File/Folder not found.
"C:\Users\Miroslav\Desktop\FRST.txt" => File/Folder not found.
"C:\Users\Miroslav\Desktop\FRST-OlderVersion" => File/Folder not found.
C:\Windows\System32\Tasks\Start OPBHOBroker => moved successfully.
C:\Windows\System32\Tasks\YCMServiceAgent => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\AdwCleaner => moved successfully.
"C:\Users\Miroslav\Desktop\adwcleaner_4.206.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\Addition.txt" => File/Folder not found.
"C:\Users\Miroslav\Downloads\FRST.txt" => File/Folder not found.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1) => moved successfully.
C:\aaw7boot.log => moved successfully.
C:\Program Files\Lavasoft => moved successfully.
C:\Windows\SysWOW64\sh4native.exe => moved successfully.
C:\spyhunter.fix => moved successfully.
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => moved successfully.
C:\Program Files (x86)\Enigma Software Group => moved successfully.
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => moved successfully.
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => moved successfully.
"C:\Program Files\Enigma Software Group" => File/Folder not found.
"C:\Users\Miroslav\Downloads\SpyHunter-Installer.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\cwshredder.exe" => File/Folder not found.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
C:\ProgramData\Spybot - Search & Destroy => moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => moved successfully.
"C:\Users\Miroslav\Downloads\spybot-2.4.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\Keygen_v10.rar" => File/Folder not found.
"C:\Users\Miroslav\Downloads\AdwareAway.exe" => File/Folder not found.
C:\Windows\system32\ApnDatabase.xml => moved successfully.
C:\Users\Miroslav\AppData\Local\Lavasoft => moved successfully.
C:\Users\Miroslav\AppData\Roaming\LavasoftStatistics => moved successfully.
C:\searchplugins => moved successfully.
C:\Windows\system32\LavasoftTcpService64.dll => moved successfully.
C:\Users\Miroslav\AppData\Roaming\Lavasoft => moved successfully.
C:\ProgramData\Lavasoft => moved successfully.
"C:\Users\Miroslav\Downloads\Adaware_Installer.exe" => File/Folder not found.
C:\ProgramData\RogueKiller => moved successfully.
C:\Windows\system32\Drivers\TrueSight.sys => moved successfully.
"C:\Users\Miroslav\Downloads\RogueKiller.exe" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 601.2 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 09:37:46 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Miroslav at 2015-06-16 09:36:46 Run:2
Running from C:\Users\Miroslav\Desktop\frst
Loaded Profiles: Miroslav (Available Profiles: Miroslav)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-09] (CyberLink Corp.)
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\MountPoints2: {3e5d343c-ff0d-11e4-826c-38b1dbe81f72} - "F:\LenovoUsbDriver.exe"
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\...\MountPoints2: {c4cd905b-cefa-11e4-8264-38b1dbe81f72} - "F:\LenovoUsbDriver.exe"
BootExecute: autocheck autochk * sh4native Sh4Removal
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [X]
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\Lavasoft
2015-06-15 09:23 - 2015-06-15 09:24 - 00023593 _____ C:\Users\Miroslav\Desktop\FRST.txt
2015-06-15 09:23 - 2015-06-15 09:23 - 00000000 ____D C:\Users\Miroslav\Desktop\FRST-OlderVersion
2015-06-15 08:25 - 2015-06-15 08:25 - 00002912 _____ C:\Windows\System32\Tasks\Start OPBHOBroker
2015-06-15 08:21 - 2015-06-15 08:21 - 00003154 _____ C:\Windows\System32\Tasks\YCMServiceAgent
2015-06-15 08:01 - 2015-06-15 07:33 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-15 07:35 - 2015-06-15 08:03 - 00032003 _____ C:\zoek-results.log
2015-06-15 07:30 - 2015-06-15 07:59 - 00000000 ____D C:\zoek_backup
2015-06-12 14:54 - 2015-06-15 09:20 - 00000000 ____D C:\AdwCleaner
2015-06-12 14:52 - 2015-06-12 14:52 - 02231296 _____ C:\Users\Miroslav\Desktop\adwcleaner_4.206.exe
2015-06-12 07:41 - 2015-06-12 07:42 - 00050740 _____ C:\Users\Miroslav\Downloads\Addition.txt
2015-06-12 07:40 - 2015-06-12 07:42 - 00059432 _____ C:\Users\Miroslav\Downloads\FRST.txt
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2)
2015-06-11 17:04 - 2015-06-15 08:03 - 00003416 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1)
2015-06-11 17:03 - 2015-06-15 08:02 - 00001564 _____ C:\aaw7boot.log
2015-06-11 13:32 - 2015-06-11 13:32 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-11 13:05 - 2010-05-13 17:34 - 00014232 _____ C:\Windows\SysWOW64\sh4native.exe
2015-06-11 13:03 - 2015-06-11 13:17 - 02063465 _____ C:\spyhunter.fix
2015-06-11 11:20 - 2015-06-12 14:45 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-06-11 11:20 - 2015-06-11 11:20 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-06-11 10:40 - 2015-06-14 16:40 - 00000366 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-06-11 08:42 - 2015-06-11 11:13 - 00000000 ____D C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2015-06-11 08:42 - 2015-06-11 08:42 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-06-11 08:40 - 2015-06-11 08:40 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Miroslav\Downloads\SpyHunter-Installer.exe
2015-06-10 13:15 - 2015-06-10 13:15 - 00532480 _____ (Trend Micro Incorporated) C:\Users\Miroslav\Downloads\cwshredder.exe
2015-06-10 10:23 - 2015-06-11 11:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-10 10:23 - 2015-06-11 11:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-10 10:23 - 2015-06-10 10:23 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-10 10:21 - 2015-06-10 10:22 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Miroslav\Downloads\spybot-2.4.exe
2015-06-10 10:12 - 2015-06-10 10:12 - 01700501 _____ C:\Users\Miroslav\Downloads\Keygen_v10.rar
2015-06-10 09:50 - 2015-06-10 09:50 - 01066979 _____ ( ) C:\Users\Miroslav\Downloads\AdwareAway.exe
2015-06-10 09:30 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-10 09:16 - 2015-06-15 07:57 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Lavasoft
2015-06-10 09:16 - 2015-06-10 09:16 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\LavasoftStatistics
2015-06-10 09:16 - 2015-06-10 09:16 - 00000000 ____D C:\searchplugins
2015-06-10 09:16 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-06-10 09:09 - 2015-06-11 08:47 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Lavasoft
2015-06-10 09:07 - 2015-06-15 08:12 - 00000000 ____D C:\ProgramData\Lavasoft
2015-06-10 09:07 - 2015-06-10 09:07 - 01753736 _____ C:\Users\Miroslav\Downloads\Adaware_Installer.exe
2015-05-25 14:17 - 2015-05-25 14:34 - 00000000 ____D C:\ProgramData\RogueKiller
2015-05-25 14:17 - 2015-05-25 14:17 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-05-25 14:16 - 2015-05-25 14:16 - 17023576 _____ C:\Users\Miroslav\Downloads\RogueKiller.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress8 => value removed successfully
HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => value removed successfully
"HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e5d343c-ff0d-11e4-826c-38b1dbe81f72}" => key removed successfully
HKCR\CLSID\{3e5d343c-ff0d-11e4-826c-38b1dbe81f72} => key not found.
"HKU\S-1-5-21-3224447469-2905802030-4228407692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4cd905b-cefa-11e4-8264-38b1dbe81f72}" => key removed successfully
HKCR\CLSID\{c4cd905b-cefa-11e4-8264-38b1dbe81f72} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
esgiguard => Service removed successfully
SliceDisk5 => Service removed successfully
C:\Program Files\Enigma Software Group => moved successfully.
"C:\Program Files (x86)\Lavasoft" => File/Folder not found.
"C:\Users\Miroslav\Desktop\FRST.txt" => File/Folder not found.
"C:\Users\Miroslav\Desktop\FRST-OlderVersion" => File/Folder not found.
C:\Windows\System32\Tasks\Start OPBHOBroker => moved successfully.
C:\Windows\System32\Tasks\YCMServiceAgent => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\AdwCleaner => moved successfully.
"C:\Users\Miroslav\Desktop\adwcleaner_4.206.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\Addition.txt" => File/Folder not found.
"C:\Users\Miroslav\Downloads\FRST.txt" => File/Folder not found.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2) => moved successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1) => moved successfully.
C:\aaw7boot.log => moved successfully.
C:\Program Files\Lavasoft => moved successfully.
C:\Windows\SysWOW64\sh4native.exe => moved successfully.
C:\spyhunter.fix => moved successfully.
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => moved successfully.
C:\Program Files (x86)\Enigma Software Group => moved successfully.
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => moved successfully.
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => moved successfully.
"C:\Program Files\Enigma Software Group" => File/Folder not found.
"C:\Users\Miroslav\Downloads\SpyHunter-Installer.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\cwshredder.exe" => File/Folder not found.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
C:\ProgramData\Spybot - Search & Destroy => moved successfully.
C:\Windows\System32\Tasks\Safer-Networking => moved successfully.
"C:\Users\Miroslav\Downloads\spybot-2.4.exe" => File/Folder not found.
"C:\Users\Miroslav\Downloads\Keygen_v10.rar" => File/Folder not found.
"C:\Users\Miroslav\Downloads\AdwareAway.exe" => File/Folder not found.
C:\Windows\system32\ApnDatabase.xml => moved successfully.
C:\Users\Miroslav\AppData\Local\Lavasoft => moved successfully.
C:\Users\Miroslav\AppData\Roaming\LavasoftStatistics => moved successfully.
C:\searchplugins => moved successfully.
C:\Windows\system32\LavasoftTcpService64.dll => moved successfully.
C:\Users\Miroslav\AppData\Roaming\Lavasoft => moved successfully.
C:\ProgramData\Lavasoft => moved successfully.
"C:\Users\Miroslav\Downloads\Adaware_Installer.exe" => File/Folder not found.
C:\ProgramData\RogueKiller => moved successfully.
C:\Windows\system32\Drivers\TrueSight.sys => moved successfully.
"C:\Users\Miroslav\Downloads\RogueKiller.exe" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 601.2 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 09:37:46 ====
DelFix 