VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Dns unlocker

https://forum.viry.cz:443/viewtopic.php?t=150084

Stránka 1 z 2

Dns unlocker

Napsal: 23 zář 2016 18:02
od micalinin
Dobry den mam v počítači Dns Unlocker prosim o pomoc s odinstalovanim , stahnul sem proto Malwarebytes Anti-Malware Free a ten po instali nejde spsustit, nic to nepiše ani neděla prosim moc o pomoc .

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-09-2016
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (23-09-2016 19:29:20)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SweetLabs, Inc) C:\Users\čunda\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\DiskTrace.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2707501228-4093202152-1413403342-1001] => 127.0.0.1:18159
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9ed3fe4a-2b02-4783-b201-67652e3e9e11}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{9ed3fe4a-2b02-4783-b201-67652e3e9e11}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64

FireFox:
========
FF ProfilePath: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\McSiteAdvisor.xml [2016-08-17]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\mylucky123.xml [2016-09-23]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\nice.xml [2016-08-30]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\nuesearch.xml [2016-09-07]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\seznam-avast.xml [2016-09-22]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\McSiteAdvisor.xml [2016-08-17]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml [2016-08-30]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\searchinme.xml [2016-08-24]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\seznam-avast.xml [2016-09-22]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\abb@amazon.com.xpi [2016-08-06]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-08-13]
FF Extension: (Seznam lištička) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-20]
FF Extension: (GsearchFinder) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-08-19]
FF Extension: (SimilarWeb) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-08-24] [not signed]
FF Extension: (FF Adr) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2016-08-24] [not signed]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\abb@amazon.com.xpi [2016-08-06]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-08-24]
FF Extension: (English (US) Language Pack) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2016-08-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-24]
StartMenuInternet: FIREFOX.EXE - c:\program files (x86)\mozilla firefox\firefox.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64

Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-22]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-23] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - c:\program files (x86)\google\chrome\application\chrome.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
S2 grkCachePls.exe; "C:\Program Files (x86)\Bvafivagh\grkCachePls.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-23 19:29 - 00028693 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-23 19:29 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-23 19:17 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-23 18:48 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-23 18:33 - 2016-09-23 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-23 18:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-23 18:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:31 - 2016-09-23 10:31 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:06 - 2016-09-22 23:13 - 00000000 ____D C:\AdwCleaner
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:10 - 2016-09-23 19:25 - 00000408 _____ C:\WINDOWS\Tasks\WpsUpdateTask_čunda.job
2016-09-22 16:10 - 2016-09-22 16:10 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_čunda
2016-09-22 16:09 - 2016-09-23 18:52 - 00000408 _____ C:\WINDOWS\Tasks\WpsNotifyTask_čunda.job
2016-09-22 16:09 - 2016-09-22 16:09 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_čunda
2016-09-22 16:09 - 2016-09-22 16:09 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-17 23:10 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-23 18:39 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:34 - 2016-09-17 22:34 - 01064960 _____ (Dupl3xx) C:\Program Files (x86)\Launcher.exe
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-17 18:43 - 00000917 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-16 13:16 - 00003436 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-15 22:48 - 2016-09-15 23:02 - 00000000 ____D C:\Users\čunda\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}
2016-09-15 21:57 - 2016-09-15 23:26 - 00000000 ____D C:\Program Files\Reimage
2016-09-15 21:55 - 2016-09-15 21:58 - 00000140 _____ C:\WINDOWS\Reimage.ini
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-17 19:35 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-08 22:38 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:28 - 2016-09-16 13:11 - 00000000 ____D C:\ProgramData\Setmike
2016-09-06 18:25 - 2016-09-06 18:25 - 00003672 _____ C:\WINDOWS\System32\Tasks\SetmikeUpdateTaskMachineCore
2016-09-06 18:25 - 2016-09-06 18:25 - 00003582 _____ C:\WINDOWS\System32\Tasks\SetmikeUpdateTaskMachineUA
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\Users\čunda\AppData\Local\Setmike
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\Program Files (x86)\Setmike
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-04 12:38 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
2016-08-25 09:07 - 2015-06-18 09:54 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-08-24 19:54 - 2016-08-24 19:55 - 00000000 ____D C:\ProgramData\e384c823-07f7-1
2016-08-24 19:54 - 2016-08-24 19:54 - 00000000 ____D C:\ProgramData\e384c823-4675-0
2016-08-24 13:54 - 2016-08-24 13:55 - 00000000 ____D C:\ProgramData\e384c823-1767-0
2016-08-24 13:54 - 2016-08-24 13:54 - 00000000 ____D C:\ProgramData\e384c823-2dd7-1
2016-08-24 13:42 - 2016-08-24 13:42 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-08-24 12:43 - 2016-09-07 12:43 - 00002464 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Firefox
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Junetoe
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Firefox
2016-08-24 12:42 - 2016-09-07 12:43 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-24 12:42 - 2016-09-07 12:43 - 00001380 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-24 12:42 - 2016-08-24 12:42 - 00003582 _____ C:\WINDOWS\System32\Tasks\JunetoeUpdateTaskMachineUA
2016-08-24 12:42 - 2016-08-24 12:42 - 00000000 ____D C:\Program Files (x86)\Firefox
2016-08-24 12:41 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-08-24 12:41 - 2016-05-23 04:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2016-08-24 12:39 - 2016-09-23 12:41 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-24 12:39 - 2016-08-28 16:42 - 00000495 _____ C:\Users\Public\Documents\report1.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-23 18:46 - 2015-08-10 23:25 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-09-23 18:43 - 2015-08-10 23:25 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 17:43 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-23 17:31 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-23 16:29 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Host App Service
2016-09-23 16:20 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-23 14:14 - 2016-08-23 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-09-23 12:44 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 11:34 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-23 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-23 10:31 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-23 10:30 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-23 10:27 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-23 10:27 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-23 10:18 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-23 10:18 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 20:26 - 2016-08-23 19:54 - 00000000 ____D C:\ProgramData\e384c823-2b91-1
2016-09-22 20:26 - 2016-08-23 12:43 - 00000000 ____D C:\ProgramData\MwinpM
2016-09-22 20:26 - 2016-08-20 13:49 - 00000000 ____D C:\ProgramData\e384c823-6ec3-1
2016-09-22 20:26 - 2016-08-20 13:49 - 00000000 ____D C:\ProgramData\e384c823-0457-0
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 16:10 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-12 23:07 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:45 - 2016-08-20 13:43 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2016-08-29 13:08 - 2016-08-17 15:23 - 00003778 _____ C:\WINDOWS\System32\Tasks\ACC
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000852 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-25 12:54 - 2016-08-06 20:44 - 00000000 ____D C:\Users\čunda\Downloads\Hellgate London (CZ)
2016-08-24 19:55 - 2016-08-20 13:58 - 00003882 _____ C:\WINDOWS\System32\Tasks\{27AA665D-379F-0712-1D4A-7BEEC285C919}
2016-08-24 19:55 - 2016-08-20 13:58 - 00000000 ____D C:\ProgramData\6115e571
2016-08-24 12:42 - 2016-08-20 13:43 - 00000000 ____D C:\Program Files (x86)\SoSoEasy

==================== Files in the root of some directories =======

2016-09-17 22:34 - 2016-09-17 22:34 - 1064960 _____ (Dupl3xx) C:\Program Files (x86)\Launcher.exe
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-08-20 13:43 - 2016-08-20 13:43 - 0000197 _____ () C:\ProgramData\Mozilla Firefox.lnk.bat

Files to move or delete:
====================
C:\ProgramData\Mozilla Firefox.lnk.bat


Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\AOPSetup.exe
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
C:\Users\čunda\AppData\Local\Temp\Microsoft.Win32.TaskScheduler.dll
C:\Users\čunda\AppData\Local\Temp\msvcr120.dll
C:\Users\čunda\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-22 00:10

==================== End of FRST.txt ============================

Re: Dns unlocker

Napsal: 24 zář 2016 17:18
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Dns unlocker

Napsal: 24 zář 2016 19:10
od micalinin
Dobry večer stahnul sem AdwCleaner spustil sem sken tady je log před čištěním při kliknutí na čištění začal program neodpovidat.

# AdwCleaner v6.020 - Log soubor vytvořen 24/09/2016 na 19:34:39
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Skenování
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

SLužba nalezena: UCGuard
SLužba nalezena: Amazon 1Button App Service


***** [ Adresáře ] *****

Složka nalezena: C:\ProgramData\6115e571
Složka nalezena: C:\ProgramData\MwinpM
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files\Reimage
Složka nalezena: C:\Program Files\DriverSetupUtility
Složka nalezena: C:\ProgramData\DriverSetupUtility
Složka nalezena: C:\Program Files (x86)\Amazon\Amazon1ButtonApp
Složka nalezena: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files (x86)\Firefox
Složka nalezena: C:\Users\Default\AppData\Local\Host App Service
Složka nalezena: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default


***** [ Soubory ] *****

Soubor nalezen: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
Soubor nalezen: C:\WINDOWS\SysNative\drivers\ucguard.sys
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Soubor nalezen: C:\Program Files (x86)\launcher.exe
Soubor nalezen: C:\WINDOWS\Reimage.ini
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\Users\Default\Desktop\App Explorer.lnk
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Úkol nalezen: App Explorer
Úkol nalezen: ACC
Úkol nalezen: Software Update Application


***** [ Registry ] *****

Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.001
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.7z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.arj
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bzip2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cab
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cpio
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.deb
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.dmg
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.fat
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gzip
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.hfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.iso
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lha
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzh
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzma
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.ntfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rpm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.squashfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.swm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.taz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tgz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tpz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.txz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.vhd
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.wim
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.zip
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKCU\Software\Reimage
Klíč nalezen: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKCU\Software\Host App Service
Klíč nalezen: HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: HKCU\Software\UCBrowser
Klíč nalezen: HKCU\Software\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\hdcode
Klíč nalezen: HKLM\SOFTWARE\qkseeSvc
Klíč nalezen: HKLM\SOFTWARE\qksee
Klíč nalezen: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Klíč nalezen: HKLM\SOFTWARE\UCBrowser
Klíč nalezen: HKLM\SOFTWARE\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\WinZiper
Klíč nalezen: HKLM\SOFTWARE\WinSaberSvc
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
Klíč nalezen: [x64] HKCU\Software\Reimage
Klíč nalezen: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: [x64] HKCU\Software\Host App Service
Klíč nalezen: [x64] HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: [x64] HKCU\Software\UCBrowser
Klíč nalezen: [x64] HKCU\Software\UCBrowserPID
Klíč nalezen: [x64] HKLM\SOFTWARE\Reimage
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.c
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
Hodnota nalezena: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
Klíč nalezen: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
Hodnota nalezena: HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
Klíč nalezen: HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Klíč nalezen: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper


***** [ Internetové prohlížeče ] *****

Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\] - Profile1
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.iconURL" - "hxxp://www.nicesearches.com/favicon.ico?t=1"
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.url" - "hxxp://www.nicesearches.com/search.php?type=ds ... wd5000lpvx
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.startup.homepage" - "hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... t0m&from=c
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [25141 Bajtů] - [22/09/2016 23:13:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [15329 Bajtů] - [24/09/2016 19:34:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15404 Bajtů] ##########

Re: Dns unlocker

Napsal: 24 zář 2016 20:21
od Rudy
ADW nemazal, neklikl jste na mazání. Zkuste ještě jednou.

Re: Dns unlocker

Napsal: 24 zář 2016 20:39
od micalinin
Potom co ADW dokončil skenování sem kliknul na čístění a ADW začal Neodpovidat

Re: Dns unlocker

Napsal: 24 zář 2016 21:32
od Rudy
Zkuste to v nouz. režimu.

Re: Dns unlocker

Napsal: 25 zář 2016 07:42
od micalinin
Zdravím tady je log po čištění v nouzovem režimu , (vyskočil na mě po restartu počítače z nouzoveho režimu)

# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 08:36:01
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:UCGuard
[-] Služby smazány:Amazon 1Button App Service


***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\6115e571
[-] Adresář smazán:C:\ProgramData\MwinpM
[-] Adresář smazán:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files\Reimage
[-] Adresář smazán:C:\Program Files\DriverSetupUtility
[-] Adresář smazán:C:\ProgramData\DriverSetupUtility
[-] Adresář smazán:C:\Program Files (x86)\Amazon\Amazon1ButtonApp
[-] Adresář smazán:C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[#] Adresář nelze smazat:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files (x86)\Firefox
[-] Adresář smazán:C:\Users\Default\AppData\Local\Host App Service
[-] Adresář smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default


***** [ Soubory ] *****

[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán:C:\WINDOWS\SysNative\drivers\ucguard.sys
[-] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
[-] Soubor smazán:C:\Program Files (x86)\launcher.exe
[-] Soubor smazán:C:\WINDOWS\Reimage.ini
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\Users\Default\Desktop\App Explorer.lnk
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****

[-] Úlohy smazány:App Explorer
[-] Úlohy smazány:ACC
[-] Úlohy smazány:Software Update Application


***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\Reimage
[#] Klíč smazán po restartování:HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:HKCU\Software\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:HKCU\Software\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowser
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\WinZiper
[-] Klíč smazán:HKLM\SOFTWARE\WinSaberSvc
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:[x64] HKCU\Software\Host App Service
[#] Klíč smazán po restartování:[x64] HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowserPID
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
[-] Hodnota smazána:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
[#] Hodnota smazána po restartování:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Hodnota smazána:HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper


***** [ Prohlížeče ] *****

[-] Firefox profil vyčištěn:Profile1


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [15502 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [15727 Bajtů] ##########

Re: Dns unlocker

Napsal: 25 zář 2016 09:34
od micalinin
Tak reklamy zmizely po čistění Adw clearem v nouzovem režimu ale občas to píše Změna sítě nebo se treba vypne hra .

Re: Dns unlocker

Napsal: 25 zář 2016 10:23
od Rudy
Ještě musíme dočistit. Dejte nový log FRST.

Re: Dns unlocker

Napsal: 25 zář 2016 12:01
od micalinin
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 12:58:30)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> metin2client.bin
Failed to access process -> GameMon.des
Failed to access process -> GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00026550 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat

==================== Files in the root of some directories =======

2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe

Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe


Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll

Re: Dns unlocker

Napsal: 25 zář 2016 12:16
od Rudy
Log není kompletní.

Re: Dns unlocker

Napsal: 25 zář 2016 12:44
od micalinin
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 13:42:42)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon.des
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00026763 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat

==================== Files in the root of some directories =======

2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe

Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe


Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
C:\Users\čunda\AppData\Local\Temp\msvcr120.dll
C:\Users\čunda\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-22 00:10

==================== End of FRST.txt ============================

Re: Dns unlocker

Napsal: 25 zář 2016 13:00
od micalinin
Tak sem znovu vyčistil s ADW Cleaner tady je log
# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 13:54:40
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [15920 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[C2].txt - [866 Bajtů] - [25/09/2016 13:54:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [1662 Bajtů] - [25/09/2016 13:53:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bajtů] ##########

Re: Dns unlocker

Napsal: 25 zář 2016 15:19
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=14 ... PFH64PFH64
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts= ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php? ... m7b8e3w&q={searchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
U0 aswVmm; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
C:\Users\čunda\AppData\Local\Temp
End
Uložte do C:\Users\čunda\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Dns unlocker

Napsal: 25 zář 2016 19:16
od micalinin
Tady je log s FRST před kliknutim (po scanu ) na fix, po kliknutí na fix píse : No fixlist.txt found. The fixlist.txt should be in the same folder/directory the tool is located.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 20:11:05)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "G:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41976 2015-10-09] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-08-25] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 20:06 - 2016-09-25 20:05 - 00002669 _____ C:\Users\�unda\Downloads\fixlist.txt
2016-09-25 14:00 - 2016-09-25 14:00 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 12:58 - 2016-09-25 19:59 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 14:04 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 17:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00021150 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 19:59 - 02403328 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 16:47 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ____D C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 17:45 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 17:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 16:15 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-25 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-25 16:07 - 2016-08-06 12:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-25 16:03 - 2016-08-06 12:01 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-25 16:03 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 14:06 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-25 14:00 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 13:58 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 13:57 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 13:56 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 13:55 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 13:55 - 2016-04-26 23:45 - 00194448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-25 13:55 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 13:55 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat

==================== Files in the root of some directories =======

2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-22 00:10

==================== End of FRST.txt ============================
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz