﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2016
Ran by Cukva (20-08-2016 16:42:14)
Running from C:\Users\Cukva\Desktop
Windows 10 Pro Version 1511 (X64) (2016-07-18 02:19:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-183318848-1229375432-8495929-500 - Administrator - Disabled)
Cukva (S-1-5-21-183318848-1229375432-8495929-1001 - Administrator - Enabled) => C:\Users\Cukva
DefaultAccount (S-1-5-21-183318848-1229375432-8495929-503 - Limited - Disabled)
Guest (S-1-5-21-183318848-1229375432-8495929-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATTENTION
Compress (HKLM-x32\...\ZipTool) (Version: 1.1.14.18 - ) <==== ATTENTION
Dishonored RHCP (HKLM\...\Steam App 217980) (Version:  - )
DPower version 1.0 (HKLM-x32\...\DPower_is1) (Version: 1.0 - WeMonetize) <==== ATTENTION
Dropbox (HKLM-x32\...\Dropbox) (Version: 8.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.45.1 - Dropbox, Inc.) Hidden
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
LastPass (pouze odinstalace) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mpck version 1.1 (HKLM-x32\...\mobilepcstarterkit_is1) (Version: 1.1 - mobilepcstarterkit) <==== ATTENTION
NVIDIA Ovladač 3D Vision 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
Online.io Application (HKLM-x32\...\{102BD58E-AC7E-47DB-B2AB-4A444FFF82CF}) (Version: 1.0.8 - Microleaves)
Ovládací panel NVIDIA 358.91 (Version: 358.91 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKU\S-1-5-21-183318848-1229375432-8495929-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
SafeFinder (HKLM-x32\...\{33DB3FD7-B8AC-4CD5-AFC2-3810C1CC8506}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
trotux - Uninstall (HKLM-x32\...\{7B584C5A-2170-4B2B-A8E0-0F6AA0E64F8F}) (Version:  - ) <==== ATTENTION
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 21.0 - Ubisoft)
War Thunder Launcher 1.0.1.674 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Weather Chickn (HKLM-x32\...\WeatherChickn) (Version:  - ) <==== ATTENTION
WebShield (HKLM-x32\...\WebShield) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-183318848-1229375432-8495929-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Cukva\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {273E340C-DCBB-4572-94A0-CFFE7A38B4C7} - System32\Tasks\Coerwcult Center => C:\Program Files (x86)\Crecult\Coerwcultcntdnk.exe [2016-08-19] ()
Task: {365E0FCB-10C7-4202-803C-2B9CA63A0FBB} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe [2016-08-18] (Microleaves)
Task: {448CBF71-45C4-46E7-AC62-47C662BD6D42} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-08-02] (UCWeb Inc) <==== ATTENTION
Task: {744E12C3-5E2C-4EF0-8BA4-C6685D57FBF4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-18] (Dropbox, Inc.)
Task: {7679FEF0-A69A-46F3-BC5F-F5395B41355E} - System32\Tasks\KuaiZip_Update => C:\Program Files\żěŃą\X86\Update.exe [2016-08-19] (Shanghai Guangle Network Technology Ltd
) <==== ATTENTION
Task: {B1EEF660-50D5-4940-9A70-A1E5448E910E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Cukva\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {CD18F0FA-95B5-4061-8B88-07F1B105B2B8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-18] (Dropbox, Inc.)
Task: {D487AC78-3BB3-4526-949C-C5B5002DA8E6} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {DD96591E-53F6-4DC9-B986-F9995B75C1E0} - System32\Tasks\tasklist => C:\Users\Cukva\AppData\Roaming\UPUpdata\service72564.exe [2016-08-19] () <==== ATTENTION
Task: {E58E8979-B362-4305-8C43-37D7CFB816BA} - System32\Tasks\{8F083867-5942-48F5-AB03-2958835248A6} => pcalua.exe -a "C:\Program Files (x86)\GreatMaker\MaohaWiFi\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION

ShortcutWithArgument: C:\Users\Cukva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\Cukva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\Cukva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\Cukva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\Cukva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\Cukva\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://yeabests.cc

==================== Loaded Modules (Whitelisted) ==============

