kombicko

Honorary Members
  • Posts: 29

Everything posted by kombicko

  1. No it didn't.. I'm just an idiot, sorry, here you go Fixlog.txt
  2. I ran the fix - note my computer was in safe mode. It ran till the end and created the fixlog, HOWEVER after the fix was finished I clicked OK and my computer restarted, which is OK, but the log disappeared... should I just run the scan or fix again?
  3. Ok here we go, Posting reports FRST.txt Addition.txt
  4. Hello, my PC recently got infected by ransomware somehow. I restarted my PC, turned it on in safe mode and ran anti-virus and Malwarebytes, yet was unable to find the source of infection. Then I tried to install SpyHunter but was unable to do so due to some error. Anyone who could help, please? I'm a Windows 8 user. Thanks
  5. Hello, my PC recently got infected by ransomware somehow. I restarted my PC, turned it on in safe mode and ran anti-virus and Malwarebytes, yet was unable to find the source of infection. Then I tried to install SpyHunter but was unable to do so due to some error. Anyone who could help, please? I'm a Windows 8 user.
  6. Oh... it was private, now it's public, try again please...
  7. http://www.ulozto.net/xQLRqNAi/rkreport-0-s-05022014-213051-txt You can download it here, it's a typical sharing site, you don't need to register or anything, just click on download
  8. MrC, sorry, it just doesn't work... internal server error all the time... I tried attaching the file, used two different browsers, basic uploader, advanced uploader, doesn't work... Is there any other place I can post the report or send it via mail or something?
  9. I tried already, internal server error.... Here is at least a partial report.... the rest is a bunch of drivers
     RogueKiller V8.8.15 _x64_ [Mar 27 2014]
     by Adlice Software
     mail : http://www.adlice.com/contact/
     Podpora : http://forum.adlice.com
     Webové stránky : http://www.adlice.com/softwares/roguekiller/
     : http://www.adlice.com
     Operační systém : Windows 8 (6.2.9200 ) 64 bits version
     Spuštěno v : Normální režim
     Uživatel : tomas_000 [Práva správce]
     Mód : Kontrola -- Datum : 05/02/2014 04:36:28
     | ARK || FAK || MBR |
     ¤¤¤ Škodlivé procesy: : 0 ¤¤¤
     ¤¤¤
     ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
     [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
     [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
     ¤¤¤ naplánované úlohy : 0 ¤¤¤
     ¤¤¤ spuštění položky : 1 ¤¤¤
     [tomas_000][sUSP PATH] jbfrxhb.lnk : C:\Users\tomas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jbfrxhb.lnk @C:\Windows\System32\rundll32.exe C:\PROGRA~3\bhxrfbj.gsa,MMS1 [-][-][x] -> NALEZENO
     ¤¤¤ Webové prohlížeče : 0 ¤¤¤
     ¤¤¤ Browser Addons : 0 ¤¤¤
     ¤¤¤ Zvláštní soubory / Složky: ¤¤¤
  10. hmmm can't post for some reason...
  11. Hey, I got some virus again on my PC that runs on Win 8 and it seems to mess up my registry, since a Rundll error pops up every time I turn on the system. I've conducted a scan via FRST, this is the result post first scan and in the attached files is addition txt. Addition.txt
  12. Hello, I've yet again successfully accomplished getting a trojan horse into my PC, which in turn messed up my registry. I'm wondering, should I use exactly the same measures which I was instructed to follow last time? Thank you for the help
  13. Thank you very much, you had patience, you were clear with instructions and most importantly you solved my problem. Thank you very much

  14. Yup, I'm from the Czech Republic, posting checkup

      Results of screen317's Security Check version 0.99.81
      x64 (UAC is enabled)
      Internet Explorer 10 Out of date!
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      Windows Defender
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Java 7 Update 51
      ````````Process Check: objlist.exe by Laurent````````
      Malwarebytes Anti-Malware mbamservice.exe
      Malwarebytes Anti-Malware mbamgui.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: %
      ````````````````````End of Log``````````````````````
  15. Czech again but it seems clean to me though.... And since my PC is running as smooth as ever I'd like to thank you for your time and patience with me....

      Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
      www.malwarebytes.org

      Verze: v2014.03.22.10

      Windows 8 x64 NTFS
      Internet Explorer 10.0.9200.16843
      tomas_000 :: TOMAS [administrátor]

      Ochrana: Povolena

      3/23/2014 1:14:04 AM
      mbam-log-2014-03-23 (01-14-04).txt

      Typ: Rychlá kontrola
      Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
      Nastavení kontroly zakázáno: P2P
      Kontrolované objekty: 244776
      Uplynulý čas: 3 minut, 16 sekund

      Nalezené procesy v paměti: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené moduly v paměti: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené klíče v registru: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené hodnoty v registru: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené datové položky v registru: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené složky: 0
      (Žádné škodlivé položky nebyly zjištěny)

      Nalezené soubory: 0
      (Žádné škodlivé položky nebyly zjištěny)

      (konec)
  16. It seemed that after reboot everything was running smooth again as far as I can see, stand by for post report...
  17. Post-reboot report:

      # AdwCleaner v3.022 - Report created 23/03/2014 at 00:50:53
      # Updated 13/03/2014 by Xplode
      # Operating System : Windows 8 (64 bits)
      # Username : tomas_000 - TOMAS
      # Running from : C:\Users\tomas_000\Desktop\AdwCleaner.exe
      # Option : Clean

      ***** [ Services ] *****

      ***** [ Files / Folders ] *****

      Folder Deleted : C:\ProgramData\boost_interprocess
      Folder Deleted : C:\ProgramData\ParetoLogic
      Folder Deleted : C:\Program Files (x86)\Mobogenie
      Folder Deleted : C:\Program Files (x86)\ParetoLogic
      Folder Deleted : C:\Users\tomas_000\AppData\Local\genienext
      Folder Deleted : C:\Users\tomas_000\AppData\Local\Mobogenie
      Folder Deleted : C:\Users\tomas_000\AppData\Roaming\DriverCure
      Folder Deleted : C:\Users\tomas_000\AppData\Roaming\newnext.me
      Folder Deleted : C:\Users\tomas_000\AppData\Roaming\OpenCandy
      Folder Deleted : C:\Users\tomas_000\AppData\Roaming\ParetoLogic
      Folder Deleted : C:\Users\tomas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic

      ***** [ Shortcuts ] *****

      ***** [ Registry ] *****

      Key Deleted : HKCU\Software\Classes\pokki
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
      Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
      Key Deleted : HKCU\Software\Conduit
      Key Deleted : HKCU\Software\ParetoLogic
      Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
      Key Deleted : HKLM\Software\Conduit
      Key Deleted : HKLM\Software\ParetoLogic
      Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

      ***** [ Browsers ] *****

      -\\ Internet Explorer v10.0.9200.16843

      *************************

      AdwCleaner[R0].txt - [1974 octets] - [23/03/2014 00:48:02]
      AdwCleaner[s0].txt - [1867 octets] - [23/03/2014 00:50:53]

      ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1927 octets] ##########