VIRY.CZ
https://forum.viry.cz:443/

Oznamovací okno plné reklam.
https://forum.viry.cz:443/viewtopic.php?f=13&t=155878
Stránka 1 z 1

Autor:  drobek1985 [ 01 kvě 2019 15:41 ]
Předmět příspěvku:  Oznamovací okno plné reklam.

Před nějakou dobou jsem nechtěně odklikl souhlas softu třetí strany a od té doby si užívám vytuněného :arcisit: prohlížeče. Stáhl jsem asi 7 top antimalware a přeinstaloval chrome, ale stejně někde něco zbylo, jelikož chrome sám o sobě už nezlobí jako klasický únosce, ale za to mě vyskakují v oznámení úžasné stránky na kde co od megaup.net.

Frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by Viktor (administrator) on GRONUS (MSI MS-7850) (01-05-2019 15:48:14)
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Discord] => C:\Users\Viktor\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-20] (Gaijin Network LTD -> Gaijin Entertainment)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-25] (Google LLC -> Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C37C83A-1082-4447-9C95-2861E7E270A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2327AE85-ACFA-428E-90FA-EF3D619B846D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32FA7A9E-F958-4926-A395-D4F051AD2B52} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C19D1E0-2F09-4789-A180-C654B929CF19} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F3BD994-DB02-4FEE-B3C3-817E98F1F20A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {5A0EA278-AF1A-4533-9549-B9C6EF8486AF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EBBE9E7-EBE6-48BB-811C-D525D0B5E7EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {638C7CF6-8E19-43EF-80D3-F64BEA19727A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6390889A-6A6C-4B41-98B2-51D7ABD6B665} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ADA3922-59B0-438D-8C52-6F309324F734} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {72B024C5-7984-4B7C-81CF-1B6854EADC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75858300-5267-453C-9B9B-C039B3E2FAA7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9534C801-1BED-4230-919A-6FE6CA8B560B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {97570CEF-AFDC-4AD7-9ABA-AF2FDFA744A5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {BDFFE908-BAC2-41EB-93F6-7E29B2B884EA} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037664 2019-02-28] (Reimage Ltd. -> Reimage®) <==== ATTENTION
Task: {BFBE4C0D-35F6-4DDA-B848-788CF7664F59} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE741A5-5854-4A06-B96F-164E976790A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {CCCC5529-DCFB-475F-A1DB-695BF91F2D41} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {DE1FE768-6AB8-486A-8EA7-9DB2B8796683} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33953848 2019-04-24] (Adlice -> )
Task: {FD7D8255-14C5-492F-8D35-D91310D5A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C88A368-4F75-4C37-9469-2391468D556A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2017-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default [2019-05-01]
CHR Extension: (Prezentace) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-25]
CHR Extension: (Dokumenty) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-25]
CHR Extension: (Disk Google) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-25]
CHR Extension: (YouTube) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-25]
CHR Extension: (Tabulky) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-25]
CHR Extension: (AdBlock) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-25]
CHR Extension: (Gmail) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-01-25] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037664 2019-02-28] (Reimage Ltd. -> Reimage®)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [26200 2019-03-26] (Intel Corporation -> Intel(R) Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [56024 2019-03-26] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [38064 2019-03-26] (Intel Corporation -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 12:55 - 2019-05-01 12:55 - 000001339 ____C C:\Users\Viktor\Desktop\kenshi_x64.exe – zástupce.lnk
2019-05-01 12:54 - 2019-05-01 12:54 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-01 12:31 - 2019-05-01 12:34 - 000000000 ____D C:\ProgramData\ReimageRepair
2019-05-01 12:31 - 2019-05-01 12:31 - 000004336 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2019-05-01 12:31 - 2019-05-01 12:31 - 000001886 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\rei
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\ProgramData\Reimage Protector
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\Program Files\Reimage
2019-05-01 12:30 - 2019-05-01 12:31 - 000000150 _____ C:\WINDOWS\Reimage.ini
2019-05-01 09:59 - 2019-05-01 12:30 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000003136 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-05-01 09:59 - 2019-05-01 09:59 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\Program Files\RogueKiller
2019-04-29 03:08 - 2016-04-13 06:54 - 000000000 ___DC C:\Users\Viktor\Desktop\SKIDROW
2019-04-29 03:02 - 2019-04-29 10:36 - 000000000 ___DC C:\Users\Viktor\Documents\Assassin's Creed Syndicate
2019-04-29 02:34 - 2019-04-29 02:34 - 000001270 _____ C:\Users\Public\Desktop\Assassins Creed Syndicate - The Dreadful Crimes.lnk
2019-04-29 02:34 - 2019-04-29 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-27 10:28 - 2019-04-27 10:28 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf1888b1774cd1e76
2019-04-27 09:30 - 2019-04-27 09:30 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign2a69c0a303261ade
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignfd44f93a0717b2ad
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd86e65b5cd902c00
2019-04-26 14:01 - 2019-04-28 02:10 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher-main
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Launcher
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Interactive
2019-04-26 12:51 - 2019-04-26 12:51 - 000000974 _____ C:\Users\Public\Desktop\Imperator - Rome.lnk
2019-04-26 12:51 - 2019-04-26 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperator - Rome [GOG.com]
2019-04-25 09:42 - 2019-04-25 09:42 - 000000053 _____ C:\WINDOWS\WrpYGF74DrEm.ini
2019-04-25 06:15 - 2019-04-25 06:15 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-25 06:15 - 2019-04-25 06:15 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-25 06:15 - 2019-04-25 06:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 06:15 - 2019-04-25 06:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 03:23 - 2019-04-25 10:01 - 000002395 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 03:06 - 2019-04-25 03:06 - 000101634 ____C C:\Users\Viktor\Documents\cc_20190425_030647.reg
2019-04-25 02:35 - 2019-05-01 15:48 - 000376961 _____ C:\WINDOWS\ZAM.krnl.trace
2019-04-25 02:35 - 2019-05-01 15:48 - 000356082 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-04-25 02:35 - 2019-04-25 03:16 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Zemana
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-04-25 02:00 - 2019-04-25 02:00 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\Program Files\HitmanPro
2019-04-25 01:50 - 2019-04-25 01:50 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbamtray
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbam
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 01:50 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-25 01:50 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
2019-04-25 01:04 - 2019-04-25 01:55 - 000000000 ____D C:\Program Files (x86)\Fartouch
2019-04-25 01:04 - 2019-04-25 01:04 - 000000000 ____D C:\ProgramData\fb
2019-04-25 01:03 - 2019-04-25 01:03 - 000014710 ____C C:\Users\Viktor\Documents\kenshi-v1_0_25.torrent
2019-04-24 08:42 - 2019-04-24 08:42 - 000000894 ____C C:\Users\Viktor\Desktop\Steel Division Normandy 44 Back to Hell.lnk
2019-04-24 08:42 - 2019-04-24 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steel Division Normandy 44 Back to Hell
2019-04-22 01:28 - 2019-04-22 01:28 - 000000852 _____ C:\Users\Public\Desktop\Project Highrise.lnk
2019-04-22 01:28 - 2019-04-22 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Highrise [GOG.com]
2019-04-21 04:29 - 2019-04-21 19:05 - 000000000 ____D C:\ProgramData\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-21 04:22 - 2019-04-21 04:22 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\Program Files\CPUID
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-19 04:49 - 2019-04-19 04:49 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Kaedrin Mod Manager
2019-04-18 07:24 - 2019-04-18 07:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignab9d47fd729f0e99
2019-04-18 07:19 - 2019-04-18 07:19 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign48192dfd30b81c22
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignee4b6bec070b6ef2
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignca22dc866afc2035
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign30991d3624d56e27
2019-04-17 06:43 - 2019-04-17 06:43 - 000000905 ____C C:\Users\Viktor\Desktop\blender.lnk
2019-04-17 06:43 - 2019-04-17 06:43 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-04-17 03:20 - 2019-04-17 03:22 - 000000000 ____D C:\Users\Viktor\New Unity Project
2019-04-17 03:20 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\DefaultCompany
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\Documents\Visual Studio 2017
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files\Application Verifier
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Unity
2019-04-17 03:03 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2019-04-17 03:03 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-04-17 03:03 - 2019-04-17 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-04-17 03:02 - 2019-04-17 03:02 - 000001499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2019-04-17 03:01 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Visual Studio Setup
2019-04-17 03:01 - 2019-04-17 03:01 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vstelemetry
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft Visual Studio
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Local\ServiceHub
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-17 03:00 - 2019-04-17 03:00 - 000001292 _____ C:\Users\Public\Desktop\Unity 2019.1.0f2 (64-bit).lnk
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.1.0f2 (64-bit)
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2019-04-17 02:59 - 2019-04-17 02:59 - 000000000 ____D C:\Program Files\Unity
2019-04-17 02:50 - 2019-04-17 02:50 - 000000000 ____D C:\ProgramData\Unity
2019-04-17 02:45 - 2019-04-21 04:26 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\UnityHub
2019-04-17 02:44 - 2019-04-17 02:45 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity Hub
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\Users\Public\Desktop\Unity Hub.lnk
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk
2019-04-14 17:30 - 2019-04-29 02:56 - 000001894 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce (2).lnk
2019-04-14 17:14 - 2019-04-14 17:11 - 007025360 ____C (Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
2019-04-14 14:16 - 2019-05-01 15:48 - 000000000 ____D C:\FRST
2019-04-14 13:55 - 2019-04-14 13:57 - 000000000 ____D C:\AdwCleaner
2019-04-14 02:02 - 2019-04-14 02:02 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf3ccd56604a6f1ce
2019-04-14 01:57 - 2019-04-14 01:57 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign689c36f6b586d2e3
2019-04-14 01:55 - 2019-04-14 01:55 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign003510523f393a63
2019-04-14 01:11 - 2019-04-14 01:11 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd844b315cfb03a40
2019-04-14 01:03 - 2019-04-14 01:03 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd05436b799aa4477
2019-04-14 00:38 - 2019-04-14 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign124104dc2ff97511
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd492c9d4e8f9042a
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign325f5095b18056f1
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign23630efe59e689da
2019-04-13 13:54 - 2019-04-13 13:54 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000001312 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\GlarySoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2019-04-13 02:22 - 2019-04-13 02:22 - 000699824 ____C C:\Users\Viktor\Documents\cc_20190413_022209.reg
2019-04-13 01:54 - 2019-04-13 01:54 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8b87c090ef903010
2019-04-13 01:41 - 2019-04-13 01:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8d24925776db14e9
2019-04-13 01:08 - 2019-04-13 01:08 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf92f806b41f021f8
2019-04-13 01:05 - 2019-04-13 01:05 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign29f568f672d5b4a7
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignb32499e6640af6ef
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign346aec6a6a76ad2d
2019-04-13 00:25 - 2019-04-13 00:25 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign110e15a64e51cfae
2019-04-12 23:30 - 2019-04-13 02:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-04-12 23:29 - 2019-04-13 02:20 - 000000000 ____D C:\ProgramData\NCH Software
2019-04-12 23:29 - 2019-04-13 02:18 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\NCH Software
2019-04-12 22:13 - 2019-04-12 22:13 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf7e51400cfa6fa7d
2019-04-12 15:23 - 2019-04-12 15:23 - 000000814 _____ C:\Users\Public\Desktop\Frostpunk.lnk
2019-04-12 15:23 - 2019-04-12 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-04-12 01:15 - 2019-04-12 01:15 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign0426d50f0d2e7d23
2019-04-12 00:52 - 2019-04-12 00:52 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign71dbd6bdf7a9f829
2019-04-11 23:49 - 2019-04-11 23:49 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign494651ddf307f466
2019-04-11 23:37 - 2019-04-11 23:40 - 000000000 ___DC C:\Users\Viktor\Desktop\svět po světě
2019-04-11 00:41 - 2019-04-11 00:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign084e453206e6c1f0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf06a5cd787eddea0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign70793c8a3803f36f
2019-04-09 22:03 - 2019-04-09 22:03 - 000000782 ____C C:\Users\Viktor\Desktop\ЗапуститьAssassins Creed Odyssey.lnk
2019-04-08 20:04 - 2019-04-08 20:04 - 000001430 _____ C:\Users\Public\Desktop\Farming Simulator 19.lnk
2019-04-08 13:24 - 2019-04-08 13:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Targem
2019-04-08 12:17 - 2019-04-08 12:17 - 000000222 ____C C:\Users\Viktor\Desktop\Crossout.url
2019-04-08 12:17 - 2019-04-08 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2019-04-06 22:58 - 2019-04-06 22:58 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher
2019-04-05 03:03 - 2019-04-05 03:03 - 000000000 ____C C:\Users\Viktor\Desktop\Nový textový dokument (3).txt
2019-04-03 13:29 - 2019-04-03 13:29 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2019-04-03 02:09 - 2019-04-25 01:23 - 000000000 ___HD C:\VTRoot
2019-04-03 01:59 - 2019-04-03 01:59 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2019-04-03 01:59 - 2019-04-03 01:59 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\Program Files (x86)\Comodo
2019-04-03 01:54 - 2019-01-29 10:42 - 000254440 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2019-04-03 01:54 - 2019-01-29 10:42 - 000205024 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2019-04-03 01:54 - 2018-08-30 00:55 - 000063256 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2019-04-03 01:52 - 2019-04-29 02:58 - 000000000 ____D C:\ProgramData\Comodo
2019-04-02 13:59 - 2019-04-02 13:59 - 000001059 _____ C:\Users\Public\Desktop\Shadow Tactics - Blades of the Shogun.lnk
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Tactics - Blades of the Shogun [GOG.com]
2019-04-02 11:35 - 2019-04-02 11:35 - 000000895 _____ C:\Users\Public\Desktop\Project Hospital.lnk
2019-04-02 11:35 - 2019-04-02 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Hospital [GOG.com]
2019-04-01 16:02 - 2019-04-01 16:03 - 000000000 ___DC C:\Users\Viktor\Desktop\game
2019-04-01 01:52 - 2019-04-01 01:52 - 000000837 ____C C:\Users\Viktor\Desktop\Europa Universalis IV Golden Century.lnk
2019-04-01 01:42 - 2019-04-01 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Golden Century

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 15:46 - 2017-09-19 21:34 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\uTorrent
2019-05-01 15:46 - 2017-05-22 17:10 - 000000000 ___DC C:\Users\Viktor\AppData\Local\CrashDumps
2019-05-01 13:24 - 2018-05-14 17:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-01 12:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-01 12:25 - 2017-05-19 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-01 04:52 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-30 11:34 - 2018-05-14 17:13 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-30 11:34 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-30 11:34 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-30 11:34 - 2018-04-12 01:36 - 000000000 ___HD C:\WINDOWS\INF
2019-04-30 11:29 - 2019-02-26 21:34 - 000000000 ___RD C:\Users\Viktor\Disk Google
2019-04-30 11:28 - 2018-05-14 17:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-29 05:30 - 2018-05-14 17:06 - 000000000 ____D C:\Users\Viktor
2019-04-29 03:09 - 2018-05-15 23:22 - 000000000 ___DC C:\Users\Viktor\AppData\Local\D3DSCache
2019-04-29 03:08 - 2018-03-13 22:28 - 000000000 ___DC C:\Users\Viktor\Documents\SkidRow
2019-04-29 03:02 - 2017-12-02 21:12 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Ubisoft Game Launcher
2019-04-29 02:57 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-29 02:56 - 2018-10-31 12:05 - 000001801 ____C C:\Users\Viktor\Desktop\ProjectHospital.exe – zástupce.lnk
2019-04-29 02:56 - 2018-10-27 01:14 - 000001621 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce.lnk
2019-04-29 02:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-27 02:20 - 2017-07-29 15:16 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vlc
2019-04-26 14:01 - 2017-05-28 15:04 - 000000000 ___DC C:\Users\Viktor\Documents\Paradox Interactive
2019-04-25 06:15 - 2017-05-19 17:53 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-25 03:23 - 2017-05-19 17:53 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Google
2019-04-25 02:40 - 2018-04-12 01:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-04-25 01:53 - 2017-10-23 01:04 - 000000000 ____D C:\ProgramData\HitmanPro
2019-04-25 01:50 - 2017-10-18 13:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-24 02:56 - 2019-02-06 14:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-22 10:13 - 2019-01-02 15:06 - 000000000 ___HD C:\WINDOWS\Minidump
2019-04-21 04:25 - 2017-05-20 01:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 02:21 - 2019-02-26 21:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-19 04:08 - 2018-05-14 17:10 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3348608579-3824376785-1914751379-1001
2019-04-19 04:08 - 2018-05-14 17:06 - 000002404 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 04:08 - 2017-12-28 17:28 - 000000000 ___RD C:\Users\Viktor\OneDrive
2019-04-19 00:53 - 2018-05-14 15:58 - 000000000 __HDC C:\WINDOWS\Panther
2019-04-19 00:53 - 2017-05-19 16:59 - 000000000 ____D C:\ESD
2019-04-17 03:20 - 2017-09-16 17:04 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Unity
2019-04-17 03:14 - 2018-04-12 01:30 - 000000000 ___HD C:\WINDOWS\CbsTemp
2019-04-17 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-17 03:03 - 2018-05-14 18:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-15 12:58 - 2018-04-25 19:17 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Temp
2019-04-11 00:41 - 2018-12-21 23:17 - 000000000 ___DC C:\Users\Viktor\Desktop\Nová složka
2019-04-08 20:04 - 2019-01-04 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 19
2019-04-08 13:24 - 2018-07-14 21:08 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\EasyAntiCheat
2019-04-08 13:24 - 2017-05-21 00:34 - 000000000 ___DC C:\Users\Viktor\Documents\My Games
2019-04-08 12:17 - 2017-05-19 18:39 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-06 23:19 - 2017-05-22 19:25 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\TS3Client
2019-04-03 13:29 - 2019-02-26 21:34 - 000001965 ____C C:\Users\Viktor\Desktop\Disk Google.lnk
2019-04-03 13:29 - 2018-11-18 08:24 - 000002361 ____C C:\Users\Viktor\Desktop\WeMod.lnk
2019-04-03 13:29 - 2018-05-21 21:23 - 000002441 ____C C:\Users\Viktor\Desktop\Discord.lnk
2019-04-03 13:29 - 2017-09-19 21:34 - 000001196 ____C C:\Users\Viktor\Desktop\µTorrent.lnk
2019-04-03 13:29 - 2017-05-22 19:25 - 000001429 ____C C:\Users\Viktor\Desktop\TeamSpeak 3 Client.lnk
2019-04-03 01:58 - 2019-02-13 13:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-04-03 01:57 - 2017-05-19 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-03 01:56 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\WeMod
2019-04-03 01:44 - 2019-03-29 17:43 - 000000000 ___DC C:\Users\Viktor\AppData\Local\WeMod
2019-04-03 01:44 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2019-04-03 01:44 - 2018-05-21 21:23 - 000000000 ___DC C:\Users\Viktor\AppData\Local\SquirrelTemp
2019-04-01 18:02 - 2017-10-14 15:56 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\.minecraft
2019-04-01 16:02 - 2019-02-14 22:52 - 000000516 ____C C:\Users\Viktor\Desktop\updateLog.txt
2019-04-01 16:02 - 2018-09-08 19:37 - 000000843 ____C C:\Users\Viktor\Desktop\nativelog.txt
2019-04-01 16:02 - 2018-09-08 19:37 - 000000000 ___DC C:\Users\Viktor\Desktop\tmp
2019-04-01 16:02 - 2018-08-05 23:13 - 001526144 ____C (Mojang) C:\Users\Viktor\Desktop\Minecraft.exe

==================== Files in the root of some directories =======

2018-07-28 22:55 - 2018-07-28 22:55 - 000000112 ____C () C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K
2019-01-15 21:35 - 2019-01-16 11:35 - 000000600 ____C () C:\Users\Viktor\AppData\Roaming\winscp.rnd
2018-10-13 14:13 - 2018-10-13 14:18 - 000001480 ____C () C:\Users\Viktor\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-11-05 01:36 - 2017-11-05 01:38 - 000007605 ____C () C:\Users\Viktor\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Přílohy:
Addition.rar [14.91 KiB]
16 krát

Autor:  Rudy [ 01 kvě 2019 15:57 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Autor:  drobek1985 [ 01 kvě 2019 16:42 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-01-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 33
# Failed: 0


***** [ Services ] *****

Deleted ReimageRealTimeProtector

***** [ Folders ] *****

Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Deleted C:\ProgramData\Reimage Protector
Deleted C:\rei

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
Deleted C:\Windows\Reimage.ini
Deleted C:\Windows\Temp\reimage.log

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\REIMAGEUPDATER

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDFFE908-BAC2-41EB-93F6-7E29B2B884EA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4732 octets] - [14/04/2019 13:56:26]
AdwCleaner[C00].txt - [4246 octets] - [14/04/2019 13:57:17]
AdwCleaner_Debug.log - [119715 octets] - [14/04/2019 17:14:57]
AdwCleaner[S01].txt - [1507 octets] - [14/04/2019 17:16:14]
AdwCleaner[C01].txt - [1656 octets] - [14/04/2019 17:17:00]
AdwCleaner[S02].txt - [1630 octets] - [14/04/2019 17:19:48]
AdwCleaner[S03].txt - [4181 octets] - [25/04/2019 01:34:37]
AdwCleaner[C03].txt - [3863 octets] - [25/04/2019 01:34:53]
AdwCleaner[S04].txt - [1838 octets] - [25/04/2019 01:36:39]
AdwCleaner[C04].txt - [1966 octets] - [25/04/2019 01:37:06]
AdwCleaner[S05].txt - [1960 octets] - [25/04/2019 01:38:27]
AdwCleaner[S06].txt - [2406 octets] - [25/04/2019 03:14:09]
AdwCleaner[C06].txt - [2500 octets] - [25/04/2019 03:15:43]
AdwCleaner[S07].txt - [2045 octets] - [25/04/2019 03:17:32]
AdwCleaner[S08].txt - [4870 octets] - [01/05/2019 17:39:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Autor:  Rudy [ 01 kvě 2019 17:04 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Dejte nové lpgy FRST+Addition.

Autor:  drobek1985 [ 02 kvě 2019 05:36 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Pardon..
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by Viktor (administrator) on GRONUS (MSI MS-7850) (02-05-2019 06:30:44)
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Discord] => C:\Users\Viktor\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-20] (Gaijin Network LTD -> Gaijin Entertainment)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-25] (Google LLC -> Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C37C83A-1082-4447-9C95-2861E7E270A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2327AE85-ACFA-428E-90FA-EF3D619B846D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32FA7A9E-F958-4926-A395-D4F051AD2B52} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C19D1E0-2F09-4789-A180-C654B929CF19} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F3BD994-DB02-4FEE-B3C3-817E98F1F20A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {5A0EA278-AF1A-4533-9549-B9C6EF8486AF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EBBE9E7-EBE6-48BB-811C-D525D0B5E7EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {638C7CF6-8E19-43EF-80D3-F64BEA19727A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6390889A-6A6C-4B41-98B2-51D7ABD6B665} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ADA3922-59B0-438D-8C52-6F309324F734} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {72B024C5-7984-4B7C-81CF-1B6854EADC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75858300-5267-453C-9B9B-C039B3E2FAA7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9534C801-1BED-4230-919A-6FE6CA8B560B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {97570CEF-AFDC-4AD7-9ABA-AF2FDFA744A5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {BFBE4C0D-35F6-4DDA-B848-788CF7664F59} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE741A5-5854-4A06-B96F-164E976790A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {CCCC5529-DCFB-475F-A1DB-695BF91F2D41} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {DE1FE768-6AB8-486A-8EA7-9DB2B8796683} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33953848 2019-04-24] (Adlice -> )
Task: {FD7D8255-14C5-492F-8D35-D91310D5A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C88A368-4F75-4C37-9469-2391468D556A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2017-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default [2019-05-02]
CHR Extension: (Prezentace) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-25]
CHR Extension: (Dokumenty) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-25]
CHR Extension: (Disk Google) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-05-01]
CHR Extension: (YouTube) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-25]
CHR Extension: (Tabulky) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-25]
CHR Extension: (AdBlock) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-05-01]
CHR Extension: (Gmail) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-01-25] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [26200 2019-03-26] (Intel Corporation -> Intel(R) Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [56024 2019-03-26] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [38064 2019-03-26] (Intel Corporation -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 17:40 - 2019-05-01 17:40 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-01 12:55 - 2019-05-01 12:55 - 000001339 ____C C:\Users\Viktor\Desktop\kenshi_x64.exe – zástupce.lnk
2019-05-01 12:54 - 2019-05-01 12:54 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-01 12:31 - 2019-05-01 12:34 - 000000000 ____D C:\ProgramData\ReimageRepair
2019-05-01 09:59 - 2019-05-01 12:30 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000003136 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-05-01 09:59 - 2019-05-01 09:59 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\Program Files\RogueKiller
2019-04-29 03:08 - 2016-04-13 06:54 - 000000000 ___DC C:\Users\Viktor\Desktop\SKIDROW
2019-04-29 03:02 - 2019-04-29 10:36 - 000000000 ___DC C:\Users\Viktor\Documents\Assassin's Creed Syndicate
2019-04-29 02:34 - 2019-04-29 02:34 - 000001270 _____ C:\Users\Public\Desktop\Assassins Creed Syndicate - The Dreadful Crimes.lnk
2019-04-29 02:34 - 2019-04-29 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-27 10:28 - 2019-04-27 10:28 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf1888b1774cd1e76
2019-04-27 09:30 - 2019-04-27 09:30 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign2a69c0a303261ade
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignfd44f93a0717b2ad
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd86e65b5cd902c00
2019-04-26 14:01 - 2019-04-28 02:10 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher-main
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Launcher
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Interactive
2019-04-26 12:51 - 2019-04-26 12:51 - 000000974 _____ C:\Users\Public\Desktop\Imperator - Rome.lnk
2019-04-26 12:51 - 2019-04-26 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperator - Rome [GOG.com]
2019-04-25 09:42 - 2019-04-25 09:42 - 000000053 _____ C:\WINDOWS\WrpYGF74DrEm.ini
2019-04-25 06:15 - 2019-04-25 06:15 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-25 06:15 - 2019-04-25 06:15 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-25 06:15 - 2019-04-25 06:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 06:15 - 2019-04-25 06:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 03:23 - 2019-04-25 10:01 - 000002395 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 03:06 - 2019-04-25 03:06 - 000101634 ____C C:\Users\Viktor\Documents\cc_20190425_030647.reg
2019-04-25 02:35 - 2019-05-02 06:30 - 000145849 _____ C:\WINDOWS\ZAM.krnl.trace
2019-04-25 02:35 - 2019-05-02 06:30 - 000117362 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-04-25 02:35 - 2019-04-25 03:16 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Zemana
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-04-25 02:00 - 2019-04-25 02:00 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\Program Files\HitmanPro
2019-04-25 01:50 - 2019-04-25 01:50 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbamtray
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbam
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 01:50 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-25 01:50 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
2019-04-25 01:04 - 2019-04-25 01:55 - 000000000 ____D C:\Program Files (x86)\Fartouch
2019-04-25 01:04 - 2019-04-25 01:04 - 000000000 ____D C:\ProgramData\fb
2019-04-25 01:03 - 2019-04-25 01:03 - 000014710 ____C C:\Users\Viktor\Documents\kenshi-v1_0_25.torrent
2019-04-24 08:42 - 2019-04-24 08:42 - 000000894 ____C C:\Users\Viktor\Desktop\Steel Division Normandy 44 Back to Hell.lnk
2019-04-24 08:42 - 2019-04-24 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steel Division Normandy 44 Back to Hell
2019-04-22 01:28 - 2019-04-22 01:28 - 000000852 _____ C:\Users\Public\Desktop\Project Highrise.lnk
2019-04-22 01:28 - 2019-04-22 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Highrise [GOG.com]
2019-04-21 04:29 - 2019-04-21 19:05 - 000000000 ____D C:\ProgramData\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-21 04:22 - 2019-04-21 04:22 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\Program Files\CPUID
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-19 04:49 - 2019-04-19 04:49 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Kaedrin Mod Manager
2019-04-18 07:24 - 2019-04-18 07:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignab9d47fd729f0e99
2019-04-18 07:19 - 2019-04-18 07:19 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign48192dfd30b81c22
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignee4b6bec070b6ef2
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignca22dc866afc2035
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign30991d3624d56e27
2019-04-17 06:43 - 2019-04-17 06:43 - 000000905 ____C C:\Users\Viktor\Desktop\blender.lnk
2019-04-17 06:43 - 2019-04-17 06:43 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-04-17 03:20 - 2019-04-17 03:22 - 000000000 ____D C:\Users\Viktor\New Unity Project
2019-04-17 03:20 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\DefaultCompany
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\Documents\Visual Studio 2017
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files\Application Verifier
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Unity
2019-04-17 03:03 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2019-04-17 03:03 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-04-17 03:03 - 2019-04-17 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-04-17 03:02 - 2019-04-17 03:02 - 000001499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2019-04-17 03:01 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Visual Studio Setup
2019-04-17 03:01 - 2019-04-17 03:01 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vstelemetry
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft Visual Studio
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Local\ServiceHub
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-17 03:00 - 2019-04-17 03:00 - 000001292 _____ C:\Users\Public\Desktop\Unity 2019.1.0f2 (64-bit).lnk
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.1.0f2 (64-bit)
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2019-04-17 02:59 - 2019-04-17 02:59 - 000000000 ____D C:\Program Files\Unity
2019-04-17 02:50 - 2019-04-17 02:50 - 000000000 ____D C:\ProgramData\Unity
2019-04-17 02:45 - 2019-04-21 04:26 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\UnityHub
2019-04-17 02:44 - 2019-04-17 02:45 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity Hub
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\Users\Public\Desktop\Unity Hub.lnk
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk
2019-04-14 17:30 - 2019-04-29 02:56 - 000001894 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce (2).lnk
2019-04-14 17:14 - 2019-04-14 17:11 - 007025360 ____C (Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
2019-04-14 14:16 - 2019-05-02 06:30 - 000000000 ____D C:\FRST
2019-04-14 13:55 - 2019-04-14 13:57 - 000000000 ____D C:\AdwCleaner
2019-04-14 02:02 - 2019-04-14 02:02 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf3ccd56604a6f1ce
2019-04-14 01:57 - 2019-04-14 01:57 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign689c36f6b586d2e3
2019-04-14 01:55 - 2019-04-14 01:55 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign003510523f393a63
2019-04-14 01:11 - 2019-04-14 01:11 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd844b315cfb03a40
2019-04-14 01:03 - 2019-04-14 01:03 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd05436b799aa4477
2019-04-14 00:38 - 2019-04-14 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign124104dc2ff97511
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd492c9d4e8f9042a
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign325f5095b18056f1
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign23630efe59e689da
2019-04-13 13:54 - 2019-04-13 13:54 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000001312 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\GlarySoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2019-04-13 02:22 - 2019-04-13 02:22 - 000699824 ____C C:\Users\Viktor\Documents\cc_20190413_022209.reg
2019-04-13 01:54 - 2019-04-13 01:54 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8b87c090ef903010
2019-04-13 01:41 - 2019-04-13 01:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8d24925776db14e9
2019-04-13 01:08 - 2019-04-13 01:08 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf92f806b41f021f8
2019-04-13 01:05 - 2019-04-13 01:05 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign29f568f672d5b4a7
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignb32499e6640af6ef
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign346aec6a6a76ad2d
2019-04-13 00:25 - 2019-04-13 00:25 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign110e15a64e51cfae
2019-04-12 23:30 - 2019-04-13 02:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-04-12 23:29 - 2019-04-13 02:20 - 000000000 ____D C:\ProgramData\NCH Software
2019-04-12 23:29 - 2019-04-13 02:18 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\NCH Software
2019-04-12 22:13 - 2019-04-12 22:13 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf7e51400cfa6fa7d
2019-04-12 15:23 - 2019-04-12 15:23 - 000000814 _____ C:\Users\Public\Desktop\Frostpunk.lnk
2019-04-12 15:23 - 2019-04-12 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-04-12 01:15 - 2019-04-12 01:15 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign0426d50f0d2e7d23
2019-04-12 00:52 - 2019-04-12 00:52 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign71dbd6bdf7a9f829
2019-04-11 23:49 - 2019-04-11 23:49 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign494651ddf307f466
2019-04-11 23:37 - 2019-04-11 23:40 - 000000000 ___DC C:\Users\Viktor\Desktop\svět po světě
2019-04-11 00:41 - 2019-04-11 00:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign084e453206e6c1f0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf06a5cd787eddea0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign70793c8a3803f36f
2019-04-09 22:03 - 2019-04-09 22:03 - 000000782 ____C C:\Users\Viktor\Desktop\ЗапуститьAssassins Creed Odyssey.lnk
2019-04-08 20:04 - 2019-04-08 20:04 - 000001430 _____ C:\Users\Public\Desktop\Farming Simulator 19.lnk
2019-04-08 13:24 - 2019-04-08 13:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Targem
2019-04-08 12:17 - 2019-04-08 12:17 - 000000222 ____C C:\Users\Viktor\Desktop\Crossout.url
2019-04-08 12:17 - 2019-04-08 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2019-04-06 22:58 - 2019-04-06 22:58 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher
2019-04-05 03:03 - 2019-04-05 03:03 - 000000000 ____C C:\Users\Viktor\Desktop\Nový textový dokument (3).txt
2019-04-03 13:29 - 2019-04-03 13:29 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2019-04-03 02:09 - 2019-04-25 01:23 - 000000000 ___HD C:\VTRoot
2019-04-03 01:59 - 2019-04-03 01:59 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2019-04-03 01:59 - 2019-04-03 01:59 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\Program Files (x86)\Comodo
2019-04-03 01:54 - 2019-01-29 10:42 - 000254440 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2019-04-03 01:54 - 2019-01-29 10:42 - 000205024 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2019-04-03 01:54 - 2018-08-30 00:55 - 000063256 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2019-04-03 01:52 - 2019-04-29 02:58 - 000000000 ____D C:\ProgramData\Comodo
2019-04-02 13:59 - 2019-04-02 13:59 - 000001059 _____ C:\Users\Public\Desktop\Shadow Tactics - Blades of the Shogun.lnk
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Tactics - Blades of the Shogun [GOG.com]
2019-04-02 11:35 - 2019-04-02 11:35 - 000000895 _____ C:\Users\Public\Desktop\Project Hospital.lnk
2019-04-02 11:35 - 2019-04-02 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Hospital [GOG.com]

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 18:46 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-01 18:43 - 2017-05-22 17:10 - 000000000 ___DC C:\Users\Viktor\AppData\Local\CrashDumps
2019-05-01 17:53 - 2017-05-19 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-01 17:46 - 2018-05-14 17:13 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-01 17:46 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-01 17:46 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-01 17:46 - 2018-04-12 01:36 - 000000000 ___HD C:\WINDOWS\INF
2019-05-01 17:40 - 2019-02-26 21:34 - 000000000 ___RD C:\Users\Viktor\Disk Google
2019-05-01 17:40 - 2018-05-14 17:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-01 17:39 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-01 15:54 - 2018-05-14 17:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-01 15:46 - 2017-09-19 21:34 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\uTorrent
2019-05-01 12:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-29 05:30 - 2018-05-14 17:06 - 000000000 ____D C:\Users\Viktor
2019-04-29 03:09 - 2018-05-15 23:22 - 000000000 ___DC C:\Users\Viktor\AppData\Local\D3DSCache
2019-04-29 03:08 - 2018-03-13 22:28 - 000000000 ___DC C:\Users\Viktor\Documents\SkidRow
2019-04-29 03:02 - 2017-12-02 21:12 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Ubisoft Game Launcher
2019-04-29 02:56 - 2018-10-31 12:05 - 000001801 ____C C:\Users\Viktor\Desktop\ProjectHospital.exe – zástupce.lnk
2019-04-29 02:56 - 2018-10-27 01:14 - 000001621 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce.lnk
2019-04-29 02:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-27 02:20 - 2017-07-29 15:16 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vlc
2019-04-26 14:01 - 2017-05-28 15:04 - 000000000 ___DC C:\Users\Viktor\Documents\Paradox Interactive
2019-04-25 06:15 - 2017-05-19 17:53 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-25 03:23 - 2017-05-19 17:53 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Google
2019-04-25 02:40 - 2018-04-12 01:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-04-25 01:53 - 2017-10-23 01:04 - 000000000 ____D C:\ProgramData\HitmanPro
2019-04-25 01:50 - 2017-10-18 13:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-24 02:56 - 2019-02-06 14:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-22 10:13 - 2019-01-02 15:06 - 000000000 ___HD C:\WINDOWS\Minidump
2019-04-21 04:25 - 2017-05-20 01:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 02:21 - 2019-02-26 21:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-19 04:08 - 2018-05-14 17:10 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3348608579-3824376785-1914751379-1001
2019-04-19 04:08 - 2018-05-14 17:06 - 000002404 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 04:08 - 2017-12-28 17:28 - 000000000 ___RD C:\Users\Viktor\OneDrive
2019-04-19 00:53 - 2018-05-14 15:58 - 000000000 __HDC C:\WINDOWS\Panther
2019-04-19 00:53 - 2017-05-19 16:59 - 000000000 ____D C:\ESD
2019-04-17 03:20 - 2017-09-16 17:04 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Unity
2019-04-17 03:14 - 2018-04-12 01:30 - 000000000 ___HD C:\WINDOWS\CbsTemp
2019-04-17 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-17 03:03 - 2018-05-14 18:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-15 12:58 - 2018-04-25 19:17 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Temp
2019-04-11 00:41 - 2018-12-21 23:17 - 000000000 ___DC C:\Users\Viktor\Desktop\Nová složka
2019-04-08 20:04 - 2019-01-04 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 19
2019-04-08 13:24 - 2018-07-14 21:08 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\EasyAntiCheat
2019-04-08 13:24 - 2017-05-21 00:34 - 000000000 ___DC C:\Users\Viktor\Documents\My Games
2019-04-08 12:17 - 2017-05-19 18:39 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-06 23:19 - 2017-05-22 19:25 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\TS3Client
2019-04-03 13:29 - 2019-02-26 21:34 - 000001965 ____C C:\Users\Viktor\Desktop\Disk Google.lnk
2019-04-03 13:29 - 2018-11-18 08:24 - 000002361 ____C C:\Users\Viktor\Desktop\WeMod.lnk
2019-04-03 13:29 - 2018-05-21 21:23 - 000002441 ____C C:\Users\Viktor\Desktop\Discord.lnk
2019-04-03 13:29 - 2017-09-19 21:34 - 000001196 ____C C:\Users\Viktor\Desktop\µTorrent.lnk
2019-04-03 13:29 - 2017-05-22 19:25 - 000001429 ____C C:\Users\Viktor\Desktop\TeamSpeak 3 Client.lnk
2019-04-03 01:58 - 2019-02-13 13:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-04-03 01:57 - 2017-05-19 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-03 01:56 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\WeMod
2019-04-03 01:44 - 2019-03-29 17:43 - 000000000 ___DC C:\Users\Viktor\AppData\Local\WeMod
2019-04-03 01:44 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2019-04-03 01:44 - 2018-05-21 21:23 - 000000000 ___DC C:\Users\Viktor\AppData\Local\SquirrelTemp

==================== Files in the root of some directories =======

2018-07-28 22:55 - 2018-07-28 22:55 - 000000112 ____C () C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K
2019-01-15 21:35 - 2019-01-16 11:35 - 000000600 ____C () C:\Users\Viktor\AppData\Roaming\winscp.rnd
2018-10-13 14:13 - 2018-10-13 14:18 - 000001480 ____C () C:\Users\Viktor\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-11-05 01:36 - 2017-11-05 01:38 - 000007605 ____C () C:\Users\Viktor\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Přílohy:
Addition.rar [14.85 KiB]
16 krát

Autor:  Rudy [ 02 kvě 2019 09:44 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\Program Files (x86)\Zemana AntiMalware
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File
FirewallRules: [UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File

EmptyTemp:
Hosts:
End


Uložte do A:\Users\Viktor\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Autor:  drobek1985 [ 02 kvě 2019 10:53 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Prosím zde fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by Viktor (02-05-2019 11:49:36) Run:2
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bili�im Teknolojileri Sanayi Ticaret Limited �irketi -> Copyright 2017.)
C:\Program Files (x86)\Zemana AntiMalware
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bili�im Teknolojileri Sanayi Ticaret Limited �irketi -> Copyright 2017.)
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File
FirewallRules: [UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZAM" => removed successfully
C:\Program Files (x86)\Zemana AntiMalware => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59C7141D-284D-4CAA-BE9F-EFB5C21005C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C7141D-284D-4CAA-BE9F-EFB5C21005C3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BCF1657-6DBC-4B2C-A2E3-198C649E515A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BCF1657-6DBC-4B2C-A2E3-198C649E515A}" => removed successfully
C:\WINDOWS\System32\Tasks\JavaUpdateSched => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6AE993E-76D7-4501-A2BE-751AD9EEC365}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6AE993E-76D7-4501-A2BE-751AD9EEC365}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
ZAM => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
ZAM_Guard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAMSvc => removed successfully
ZAMSvc => service removed successfully
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9} => moved successfully
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 165359969 B
Java, Flash, Steam htmlcache => 188911323 B
Windows/system/drivers => 18772 B
Edge => 1086989 B
Chrome => 374251145 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18042 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Viktor => 450605194 B

RecycleBin => 125676633 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:50:07 ====

Autor:  drobek1985 [ 02 kvě 2019 12:24 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Stále to otravuje...
edit:jako ne že bych nepotřeboval shodit pár kilo... :oops:

Přílohy:
bordel.png
bordel.png [ 125.93 KiB | Zobrazeno 304 krát ]

Autor:  Rudy [ 02 kvě 2019 15:23 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

OK, ještě vyčistíme samotné prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize





Citace:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;







Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Autor:  drobek1985 [ 02 kvě 2019 17:05 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Viktor on źt 02. 05. 2019 at 17:15:11,72.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Viktor\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2. 5. 2019 17:18:20 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Viktor\AppData\Roaming\1337 deleted successfully
C:\Users\Viktor\AppData\Roaming\Crusader.Kings.II.v2.7.Incl.Monks.and.Mystics.DLC deleted successfully
C:\Users\Viktor\AppData\Roaming\Easeware deleted successfully
C:\Users\Viktor\AppData\Roaming\Europa.Universalis.IV.Extreme.Edition.v1.21.1.0.Repack deleted successfully
C:\Users\Viktor\AppData\Roaming\FlashgetSetup deleted successfully
C:\Users\Viktor\AppData\Roaming\QuickScan deleted successfully
C:\Users\Viktor\AppData\Roaming\Sid.Meiers.Civilization.VI.Deluxe.Edition.v1.0.0.167.Incl.8DLC.Repack deleted successfully
C:\Users\Viktor\AppData\Local\DBG deleted successfully
C:\Users\Viktor\AppData\Local\EmieSiteList deleted successfully
C:\Users\Viktor\AppData\Local\EmieUserList deleted successfully
C:\Users\Viktor\AppData\Local\FluxSoftware deleted successfully
C:\Users\Viktor\AppData\Local\GHISLER deleted successfully
C:\Users\Viktor\AppData\Local\Notepad++ deleted successfully
C:\Users\Viktor\AppData\Local\WMTools Downloaded Files deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B} deleted successfully
HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Viktor\AppData\Roaming\7DaysToDie deleted
C:\Users\Viktor\AppData\Roaming\discord deleted
C:\Users\Viktor\AppData\Roaming\Factorio deleted
C:\Users\Viktor\AppData\Roaming\UnityHub deleted
C:\Users\Viktor\AppData\Roaming\Visual Studio Setup deleted
C:\PROGRA~3\ReimageRepair deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Viktor\AppData\Local\Unity deleted
C:\Users\Viktor\AppData\Local\AVAST Software deleted
C:\Users\Viktor\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google deleted
C:\Users\Viktor\AppData\LocalLow\Unity deleted
C:\Users\Viktor\Desktop\4K Video Downloader.lnk deleted
"C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K" deleted

==== Chromium Look ======================

Google Chrome Version: 74.0.3729.108


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bgjpfhpjcgdppjbgnpnjllokbmcdllig - No path found[]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
olfeabkoenfaoljndfecamgilllcpiak - No path found[]

Seznam doplněk - Email - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Google Drive App Launcher - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Seznam doplněk - Esko - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Viktor\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Viktor\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4346 folders=867 5744963247 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Viktor\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Viktor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 02. 05. 2019 at 18:00:20,07 ======================

a JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Viktor (Administrator) on źt 02. 05. 2019 at 18:02:42,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 2

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 02. 05. 2019 at 18:04:32,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Autor:  Rudy [ 02 kvě 2019 17:06 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Změnilo se něco nyní?

Autor:  drobek1985 [ 02 kvě 2019 17:35 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Nechám to chvilku běžet a uvidí se, jen by mě zajímalo jak moc je problém když synchronizuji prohlížeč s google účtem?

Autor:  Rudy [ 02 kvě 2019 18:07 ]
Předmět příspěvku:  Re: Oznamovací okno plné reklam.

Problé by být neměl, je to regulérní. Nic přesnějšího ale nevím, neprovozuji to.

Stránka 1 z 1 Všechny časy jsou v UTC + 1 hodina
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/