Dobry den mam v počítači Dns Unlocker prosim o pomoc s odinstalovanim , stahnul sem proto Malwarebytes Anti-Malware Free a ten po instali nejde spsustit, nic to nepiše ani neděla prosim moc o pomoc .
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-09-2016
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (23-09-2016 19:29:20)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SweetLabs, Inc) C:\Users\čunda\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\DiskTrace.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-2707501228-4093202152-1413403342-1001] => 127.0.0.1:18159
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9ed3fe4a-2b02-4783-b201-67652e3e9e11}: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{9ed3fe4a-2b02-4783-b201-67652e3e9e11}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF ProfilePath: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... PFH64PFH64
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\McSiteAdvisor.xml [2016-08-17]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\mylucky123.xml [2016-09-23]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\nice.xml [2016-08-30]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\nuesearch.xml [2016-09-07]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\searchplugins\seznam-avast.xml [2016-09-22]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\McSiteAdvisor.xml [2016-08-17]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml [2016-08-30]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\searchinme.xml [2016-08-24]
FF SearchPlugin: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\seznam-avast.xml [2016-09-22]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\abb@amazon.com.xpi [2016-08-06]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-08-13]
FF Extension: (Seznam lištička) - C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\Profiles\ce9otcc9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-20]
FF Extension: (GsearchFinder) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-08-19]
FF Extension: (SimilarWeb) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2016-08-24] [not signed]
FF Extension: (FF Adr) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2016-08-24] [not signed]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\abb@amazon.com.xpi [2016-08-06]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2016-08-24]
FF Extension: (English (US) Language Pack) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2016-08-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-24]
StartMenuInternet: FIREFOX.EXE - c:\program files (x86)\mozilla firefox\firefox.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-22]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-23] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - c:\program files (x86)\google\chrome\application\chrome.exe hxxp://www.mylucky123.com/?type=sc&ts=14746203 ... PFH64PFH64
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
S2 grkCachePls.exe; "C:\Program Files (x86)\Bvafivagh\grkCachePls.exe" {C25DA384-2010-45A4-A1ED-BFA540D4789B} {9DC74CD5-24EA-4ADE-9C42-608A8CE17116} [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-23 19:29 - 00028693 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-23 19:29 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-23 19:17 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-23 18:48 - 00001179 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-23 18:33 - 2016-09-23 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-23 18:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-23 18:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:31 - 2016-09-23 10:31 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:06 - 2016-09-22 23:13 - 00000000 ____D C:\AdwCleaner
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:10 - 2016-09-23 19:25 - 00000408 _____ C:\WINDOWS\Tasks\WpsUpdateTask_čunda.job
2016-09-22 16:10 - 2016-09-22 16:10 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_čunda
2016-09-22 16:09 - 2016-09-23 18:52 - 00000408 _____ C:\WINDOWS\Tasks\WpsNotifyTask_čunda.job
2016-09-22 16:09 - 2016-09-22 16:09 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_čunda
2016-09-22 16:09 - 2016-09-22 16:09 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-17 23:10 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-23 18:39 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:34 - 2016-09-17 22:34 - 01064960 _____ (Dupl3xx) C:\Program Files (x86)\Launcher.exe
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-17 18:43 - 00000917 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-16 13:16 - 00003436 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-15 22:48 - 2016-09-15 23:02 - 00000000 ____D C:\Users\čunda\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}
2016-09-15 21:57 - 2016-09-15 23:26 - 00000000 ____D C:\Program Files\Reimage
2016-09-15 21:55 - 2016-09-15 21:58 - 00000140 _____ C:\WINDOWS\Reimage.ini
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-17 19:35 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-08 22:38 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:28 - 2016-09-16 13:11 - 00000000 ____D C:\ProgramData\Setmike
2016-09-06 18:25 - 2016-09-06 18:25 - 00003672 _____ C:\WINDOWS\System32\Tasks\SetmikeUpdateTaskMachineCore
2016-09-06 18:25 - 2016-09-06 18:25 - 00003582 _____ C:\WINDOWS\System32\Tasks\SetmikeUpdateTaskMachineUA
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\Users\čunda\AppData\Local\Setmike
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\Program Files (x86)\Setmike
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-04 12:38 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
2016-08-25 09:07 - 2015-06-18 09:54 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-08-24 19:54 - 2016-08-24 19:55 - 00000000 ____D C:\ProgramData\e384c823-07f7-1
2016-08-24 19:54 - 2016-08-24 19:54 - 00000000 ____D C:\ProgramData\e384c823-4675-0
2016-08-24 13:54 - 2016-08-24 13:55 - 00000000 ____D C:\ProgramData\e384c823-1767-0
2016-08-24 13:54 - 2016-08-24 13:54 - 00000000 ____D C:\ProgramData\e384c823-2dd7-1
2016-08-24 13:42 - 2016-08-24 13:42 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-08-24 12:43 - 2016-09-07 12:43 - 00002464 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Firefox
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Junetoe
2016-08-24 12:43 - 2016-08-24 12:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Firefox
2016-08-24 12:42 - 2016-09-07 12:43 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-24 12:42 - 2016-09-07 12:43 - 00001380 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-24 12:42 - 2016-08-24 12:42 - 00003582 _____ C:\WINDOWS\System32\Tasks\JunetoeUpdateTaskMachineUA
2016-08-24 12:42 - 2016-08-24 12:42 - 00000000 ____D C:\Program Files (x86)\Firefox
2016-08-24 12:41 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-08-24 12:41 - 2016-05-23 04:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2016-08-24 12:39 - 2016-09-23 12:41 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-24 12:39 - 2016-08-28 16:42 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-23 18:46 - 2015-08-10 23:25 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-09-23 18:43 - 2015-08-10 23:25 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 17:43 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-23 17:31 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-23 16:29 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Host App Service
2016-09-23 16:20 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-23 14:14 - 2016-08-23 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-09-23 12:44 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 11:34 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-23 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-23 10:31 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-23 10:30 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-23 10:27 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-23 10:27 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-23 10:18 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-23 10:18 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 20:26 - 2016-08-23 19:54 - 00000000 ____D C:\ProgramData\e384c823-2b91-1
2016-09-22 20:26 - 2016-08-23 12:43 - 00000000 ____D C:\ProgramData\MwinpM
2016-09-22 20:26 - 2016-08-20 13:49 - 00000000 ____D C:\ProgramData\e384c823-6ec3-1
2016-09-22 20:26 - 2016-08-20 13:49 - 00000000 ____D C:\ProgramData\e384c823-0457-0
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 16:10 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-12 23:07 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:45 - 2016-08-20 13:43 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2016-08-29 13:08 - 2016-08-17 15:23 - 00003778 _____ C:\WINDOWS\System32\Tasks\ACC
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000852 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-25 12:54 - 2016-08-06 20:44 - 00000000 ____D C:\Users\čunda\Downloads\Hellgate London (CZ)
2016-08-24 19:55 - 2016-08-20 13:58 - 00003882 _____ C:\WINDOWS\System32\Tasks\{27AA665D-379F-0712-1D4A-7BEEC285C919}
2016-08-24 19:55 - 2016-08-20 13:58 - 00000000 ____D C:\ProgramData\6115e571
2016-08-24 12:42 - 2016-08-20 13:43 - 00000000 ____D C:\Program Files (x86)\SoSoEasy
==================== Files in the root of some directories =======
2016-09-17 22:34 - 2016-09-17 22:34 - 1064960 _____ (Dupl3xx) C:\Program Files (x86)\Launcher.exe
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-08-20 13:43 - 2016-08-20 13:43 - 0000197 _____ () C:\ProgramData\Mozilla Firefox.lnk.bat
Files to move or delete:
====================
C:\ProgramData\Mozilla Firefox.lnk.bat
Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\AOPSetup.exe
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
C:\Users\čunda\AppData\Local\Temp\Microsoft.Win32.TaskScheduler.dll
C:\Users\čunda\AppData\Local\Temp\msvcr120.dll
C:\Users\čunda\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 00:10
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Dns unlocker
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Dobry večer stahnul sem AdwCleaner spustil sem sken tady je log před čištěním při kliknutí na čištění začal program neodpovidat.
# AdwCleaner v6.020 - Log soubor vytvořen 24/09/2016 na 19:34:39
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Skenování
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
SLužba nalezena: UCGuard
SLužba nalezena: Amazon 1Button App Service
***** [ Adresáře ] *****
Složka nalezena: C:\ProgramData\6115e571
Složka nalezena: C:\ProgramData\MwinpM
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files\Reimage
Složka nalezena: C:\Program Files\DriverSetupUtility
Složka nalezena: C:\ProgramData\DriverSetupUtility
Složka nalezena: C:\Program Files (x86)\Amazon\Amazon1ButtonApp
Složka nalezena: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files (x86)\Firefox
Složka nalezena: C:\Users\Default\AppData\Local\Host App Service
Složka nalezena: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
Soubor nalezen: C:\WINDOWS\SysNative\drivers\ucguard.sys
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Soubor nalezen: C:\Program Files (x86)\launcher.exe
Soubor nalezen: C:\WINDOWS\Reimage.ini
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\Users\Default\Desktop\App Explorer.lnk
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Úkol nalezen: App Explorer
Úkol nalezen: ACC
Úkol nalezen: Software Update Application
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.001
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.7z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.arj
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bzip2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cab
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cpio
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.deb
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.dmg
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.fat
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gzip
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.hfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.iso
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lha
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzh
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzma
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.ntfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rpm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.squashfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.swm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.taz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tgz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tpz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.txz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.vhd
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.wim
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.zip
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKCU\Software\Reimage
Klíč nalezen: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKCU\Software\Host App Service
Klíč nalezen: HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: HKCU\Software\UCBrowser
Klíč nalezen: HKCU\Software\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\hdcode
Klíč nalezen: HKLM\SOFTWARE\qkseeSvc
Klíč nalezen: HKLM\SOFTWARE\qksee
Klíč nalezen: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Klíč nalezen: HKLM\SOFTWARE\UCBrowser
Klíč nalezen: HKLM\SOFTWARE\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\WinZiper
Klíč nalezen: HKLM\SOFTWARE\WinSaberSvc
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
Klíč nalezen: [x64] HKCU\Software\Reimage
Klíč nalezen: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: [x64] HKCU\Software\Host App Service
Klíč nalezen: [x64] HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: [x64] HKCU\Software\UCBrowser
Klíč nalezen: [x64] HKCU\Software\UCBrowserPID
Klíč nalezen: [x64] HKLM\SOFTWARE\Reimage
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.c
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
Hodnota nalezena: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
Klíč nalezen: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
Hodnota nalezena: HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
Klíč nalezen: HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Klíč nalezen: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
***** [ Internetové prohlížeče ] *****
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\] - Profile1
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.iconURL" - "hxxp://www.nicesearches.com/favicon.ico?t=1"
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.url" - "hxxp://www.nicesearches.com/search.php?type=ds ... wd5000lpvx
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.startup.homepage" - "hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... t0m&from=c
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [25141 Bajtů] - [22/09/2016 23:13:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [15329 Bajtů] - [24/09/2016 19:34:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15404 Bajtů] ##########
# AdwCleaner v6.020 - Log soubor vytvořen 24/09/2016 na 19:34:39
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Skenování
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
SLužba nalezena: UCGuard
SLužba nalezena: Amazon 1Button App Service
***** [ Adresáře ] *****
Složka nalezena: C:\ProgramData\6115e571
Složka nalezena: C:\ProgramData\MwinpM
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files\Reimage
Složka nalezena: C:\Program Files\DriverSetupUtility
Složka nalezena: C:\ProgramData\DriverSetupUtility
Složka nalezena: C:\Program Files (x86)\Amazon\Amazon1ButtonApp
Složka nalezena: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
Složka nalezena: C:\Users\čunda\AppData\Local\Host App Service
Složka nalezena: C:\Program Files (x86)\Firefox
Složka nalezena: C:\Users\Default\AppData\Local\Host App Service
Složka nalezena: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
***** [ Soubory ] *****
Soubor nalezen: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
Soubor nalezen: C:\WINDOWS\SysNative\drivers\ucguard.sys
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Soubor nalezen: C:\Program Files (x86)\launcher.exe
Soubor nalezen: C:\WINDOWS\Reimage.ini
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\ProgramData\Mozilla Firefox.lnk.bat
Soubor nalezen: C:\Users\Default\Desktop\App Explorer.lnk
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
Soubor nalezen: C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Úkol nalezen: App Explorer
Úkol nalezen: ACC
Úkol nalezen: Software Update Application
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Klíč nalezen: HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.001
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.7z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.arj
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.bzip2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cab
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.cpio
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.deb
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.dmg
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.fat
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.gzip
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.hfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.iso
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lha
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzh
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.lzma
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.ntfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.rpm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.squashfs
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.swm
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.taz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tbz2
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tgz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.tpz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.txz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.vhd
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.wim
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xar
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.xz
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.z
Klíč nalezen: HKLM\SOFTWARE\Classes\WinZippers.zip
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Klíč nalezen: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKCU\Software\Reimage
Klíč nalezen: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: HKCU\Software\Host App Service
Klíč nalezen: HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: HKCU\Software\UCBrowser
Klíč nalezen: HKCU\Software\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\hdcode
Klíč nalezen: HKLM\SOFTWARE\qkseeSvc
Klíč nalezen: HKLM\SOFTWARE\qksee
Klíč nalezen: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Klíč nalezen: HKLM\SOFTWARE\UCBrowser
Klíč nalezen: HKLM\SOFTWARE\UCBrowserPID
Klíč nalezen: HKLM\SOFTWARE\WinZiper
Klíč nalezen: HKLM\SOFTWARE\WinSaberSvc
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
Klíč nalezen: [x64] HKCU\Software\Reimage
Klíč nalezen: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Klíč nalezen: [x64] HKCU\Software\Host App Service
Klíč nalezen: [x64] HKCU\Software\INSTALLPATH\STATUS
Klíč nalezen: [x64] HKCU\Software\UCBrowser
Klíč nalezen: [x64] HKCU\Software\UCBrowserPID
Klíč nalezen: [x64] HKLM\SOFTWARE\Reimage
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Klíč nalezen: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Klíč nalezen: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.c
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
Klíč nalezen: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
Hodnota nalezena: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
Hodnota nalezena: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
Klíč nalezen: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Klíč nalezen: HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
Hodnota nalezena: HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
Klíč nalezen: HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Klíč nalezen: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
***** [ Internetové prohlížeče ] *****
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Mozilla\Firefox\] - Profile1
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.iconURL" - "hxxp://www.nicesearches.com/favicon.ico?t=1"
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.search.searchengine.url" - "hxxp://www.nicesearches.com/search.php?type=ds ... wd5000lpvx
Firefox nastavení nalezeno: [C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\prefs.js] - "browser.startup.homepage" - "hxxp://www.mylucky123.com/?type=hp&ts=14746203 ... t0m&from=c
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [25141 Bajtů] - [22/09/2016 23:13:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [15329 Bajtů] - [24/09/2016 19:34:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15404 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
ADW nemazal, neklikl jste na mazání. Zkuste ještě jednou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Potom co ADW dokončil skenování sem kliknul na čístění a ADW začal Neodpovidat
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
Zkuste to v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Zdravím tady je log po čištění v nouzovem režimu , (vyskočil na mě po restartu počítače z nouzoveho režimu)
# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 08:36:01
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služby smazány:UCGuard
[-] Služby smazány:Amazon 1Button App Service
***** [ Adresáře ] *****
[-] Adresář smazán:C:\ProgramData\6115e571
[-] Adresář smazán:C:\ProgramData\MwinpM
[-] Adresář smazán:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files\Reimage
[-] Adresář smazán:C:\Program Files\DriverSetupUtility
[-] Adresář smazán:C:\ProgramData\DriverSetupUtility
[-] Adresář smazán:C:\Program Files (x86)\Amazon\Amazon1ButtonApp
[-] Adresář smazán:C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[#] Adresář nelze smazat:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files (x86)\Firefox
[-] Adresář smazán:C:\Users\Default\AppData\Local\Host App Service
[-] Adresář smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
***** [ Soubory ] *****
[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán:C:\WINDOWS\SysNative\drivers\ucguard.sys
[-] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
[-] Soubor smazán:C:\Program Files (x86)\launcher.exe
[-] Soubor smazán:C:\WINDOWS\Reimage.ini
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\Users\Default\Desktop\App Explorer.lnk
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
[-] Úlohy smazány:App Explorer
[-] Úlohy smazány:ACC
[-] Úlohy smazány:Software Update Application
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\Reimage
[#] Klíč smazán po restartování:HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:HKCU\Software\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:HKCU\Software\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowser
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\WinZiper
[-] Klíč smazán:HKLM\SOFTWARE\WinSaberSvc
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:[x64] HKCU\Software\Host App Service
[#] Klíč smazán po restartování:[x64] HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowserPID
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
[-] Hodnota smazána:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
[#] Hodnota smazána po restartování:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Hodnota smazána:HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
***** [ Prohlížeče ] *****
[-] Firefox profil vyčištěn:Profile1
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [15502 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [15727 Bajtů] ##########
# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 08:36:01
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služby smazány:UCGuard
[-] Služby smazány:Amazon 1Button App Service
***** [ Adresáře ] *****
[-] Adresář smazán:C:\ProgramData\6115e571
[-] Adresář smazán:C:\ProgramData\MwinpM
[-] Adresář smazán:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files\Reimage
[-] Adresář smazán:C:\Program Files\DriverSetupUtility
[-] Adresář smazán:C:\ProgramData\DriverSetupUtility
[-] Adresář smazán:C:\Program Files (x86)\Amazon\Amazon1ButtonApp
[-] Adresář smazán:C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[#] Adresář nelze smazat:C:\Users\čunda\AppData\Local\Host App Service
[-] Adresář smazán:C:\Program Files (x86)\Firefox
[-] Adresář smazán:C:\Users\Default\AppData\Local\Host App Service
[-] Adresář smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default
***** [ Soubory ] *****
[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán:C:\WINDOWS\SysNative\drivers\ucguard.sys
[-] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
[-] Soubor smazán:C:\Program Files (x86)\launcher.exe
[-] Soubor smazán:C:\WINDOWS\Reimage.ini
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[#] Soubor smazán:C:\ProgramData\Mozilla Firefox.lnk.bat
[-] Soubor smazán:C:\Users\Default\Desktop\App Explorer.lnk
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\extensions\abb@amazon.com.xpi
[#] Soubor smazán:C:\Users\čunda\AppData\Roaming\Profiles\pw18nw33.default\searchplugins\nice.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
[-] Úlohy smazány:App Explorer
[-] Úlohy smazány:ACC
[-] Úlohy smazány:Software Update Application
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Reimage
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Host App Service
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\INSTALLPATH\STATUS
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowser
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\UCBrowserPID
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\Reimage
[#] Klíč smazán po restartování:HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:HKCU\Software\Host App Service
[#] Klíč smazán po restartování:HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:HKCU\Software\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowser
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\WinZiper
[-] Klíč smazán:HKLM\SOFTWARE\WinSaberSvc
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:[x64] HKCU\Software\Host App Service
[#] Klíč smazán po restartování:[x64] HKCU\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:[x64] HKCU\Software\UCBrowserPID
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Reimage
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Klíč smazán:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]
[-] Hodnota smazána:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide]
[-] Hodnota smazána:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [pcspeedup]
[#] Hodnota smazána po restartování:HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PCSpeedUp]
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Hodnota smazána:HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
***** [ Prohlížeče ] *****
[-] Firefox profil vyčištěn:Profile1
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [15502 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [15727 Bajtů] ##########
Re: Dns unlocker
Tak reklamy zmizely po čistění Adw clearem v nouzovem režimu ale občas to píše Změna sítě nebo se treba vypne hra .
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
Ještě musíme dočistit. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 12:58:30)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> metin2client.bin
Failed to access process -> GameMon.des
Failed to access process -> GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00026550 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 12:58:30)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> metin2client.bin
Failed to access process -> GameMon.des
Failed to access process -> GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00026550 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 12:58 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
Log není kompletní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 13:42:42)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon.des
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00026763 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
C:\Users\čunda\AppData\Local\Temp\msvcr120.dll
C:\Users\čunda\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 00:10
==================== End of FRST.txt ============================
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 13:42:42)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda & (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Flexera Software LLC) C:\Users\UNDA~1\AppData\Local\Temp\{71BBB325-2EEC-491E-BC3F-DA3BBAC11BBD}\ISBEW64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildGames\Uninstall.exe
(WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon.des
(INCA Internet Co., Ltd.) C:\Program Files (x86)\Metin2\GameGuard\GameMon64.des
(Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
U3 dump_wmimmc; C:\Program Files (x86)\Metin2\GameGuard\dump_wmimmc.sys [196912 2016-09-25] ()
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
S3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 12:58 - 2016-09-25 12:58 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:59 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 09:49 - 2014-04-17 00:08 - 00658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 08:41 - 2016-09-25 08:41 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 08:36 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00026763 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 13:42 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 12:58 - 02402816 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 11:53 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ___HD C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 11:08 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 08:41 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 08:40 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 08:38 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 08:38 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 08:37 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 08:36 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 22:05 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 21:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-19 20:36 - 2016-08-17 15:52 - 00000000 ____D C:\Windows.old
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 13:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-29 11:49 - 2016-04-26 23:45 - 00194472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
2016-09-25 09:49 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2942882.exe
2016-09-25 09:59 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3558290.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
Some files in TEMP:
====================
C:\Users\čunda\AppData\Local\Temp\libeay32.dll
C:\Users\čunda\AppData\Local\Temp\msvcr120.dll
C:\Users\čunda\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 00:10
==================== End of FRST.txt ============================
Re: Dns unlocker
Tak sem znovu vyčistil s ADW Cleaner tady je log
# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 13:54:40
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [15920 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[C2].txt - [866 Bajtů] - [25/09/2016 13:54:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [1662 Bajtů] - [25/09/2016 13:53:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bajtů] ##########
# AdwCleaner v6.020 - Log soubor vytvořen 25/09/2016 na 13:54:40
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-24.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : čunda - LAPTOP-LCVD3MHM
# Beží od : C:\Users\čunda\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [15920 Bajtů] - [25/09/2016 08:36:01]
C:\AdwCleaner\AdwCleaner[C2].txt - [866 Bajtů] - [25/09/2016 13:54:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [15522 Bajtů] - [24/09/2016 21:42:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [15599 Bajtů] - [25/09/2016 08:34:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [1662 Bajtů] - [25/09/2016 13:53:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Dns unlocker
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\čunda\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=14 ... PFH64PFH64
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts= ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php? ... m7b8e3w&q={searchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
U0 aswVmm; no ImagePath
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\ProgramData\uninstall2942882.exe
C:\ProgramData\uninstall3558290.exe
C:\Users\čunda\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Dns unlocker
Tady je log s FRST před kliknutim (po scanu ) na fix, po kliknutí na fix píse : No fixlist.txt found. The fixlist.txt should be in the same folder/directory the tool is located.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 20:11:05)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "G:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41976 2015-10-09] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-08-25] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 20:06 - 2016-09-25 20:05 - 00002669 _____ C:\Users\�unda\Downloads\fixlist.txt
2016-09-25 14:00 - 2016-09-25 14:00 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 12:58 - 2016-09-25 19:59 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 14:04 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 17:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00021150 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 19:59 - 02403328 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 16:47 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ____D C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 17:45 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 17:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 16:15 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-25 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-25 16:07 - 2016-08-06 12:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-25 16:03 - 2016-08-06 12:01 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-25 16:03 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 14:06 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-25 14:00 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 13:58 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 13:57 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 13:56 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 13:55 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 13:55 - 2016-04-26 23:45 - 00194448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-25 13:55 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 13:55 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 00:10
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by čunda (administrator) on LAPTOP-LCVD3MHM (25-09-2016 20:11:05)
Running from C:\Users\čunda\Downloads
Loaded Profiles: čunda (Available Profiles: čunda)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\UvConverter\UvConverter.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: H - "H:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {37fe60c3-5be5-11e6-9bd0-3065ec81dabc} - "E:\Setup.exe"
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\...\MountPoints2: {9b5c289d-66c4-11e6-b8d2-3065ec81dabc} - "G:\setup\rsrc\Autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4c05c3ce-f25a-4e64-82c1-5b3eca53fd9e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{eea7fe2d-21aa-4222-be63-103c86fec1db}: [DhcpNameServer] 82.163.143.171
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544401372&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544420656&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131191064544482462&GUID=56165FEA-6FD9-44A0-9E3B-0AFFFCE5CB2B
HKU\S-1-5-21-2707501228-4093202152-1413403342-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {1F4F7198-8B19-4F61-B21A-8DBCC5C114E1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {2349977B-D64A-4633-B5FA-7AD1802BE099} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {252FA411-AD31-4A29-918C-C21FC9D9D214} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {32673C6B-27F9-4E97-A68E-43D564E14C45} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {403F17D7-960C-4456-A2D3-E47AD1F43922} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {65F404CD-F576-4A92-927F-F454C5924183} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {C376FE94-E51D-4037-BFAB-34C798E6170F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {EC2C06C7-B9F2-4A54-9BCF-E9C89C6045AB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F154C596-75A9-4028-90E8-9752BD7CA05B} URL =
SearchScopes: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> {F200769B-1323-4202-8BF1-DB7DC7F88909} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2707501228-4093202152-1413403342-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324502 ... PFH64PFH64
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: qudachmupishplalily -> hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w
CHR StartupUrls: qudachmupishplalily -> "hxxp://www.nicesearches.com?type=hp&ts=1472537 ... 9cam7b8e3w"
CHR DefaultSearchURL: qudachmupishplalily -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: qudachmupishplalily -> nice
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Prezentace Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-06]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (Seznam Lištička - Email) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-06]
CHR Extension: (SiteAdvisor) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-06]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR Profile: C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily [2016-09-25] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Disk Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Tabulky Google) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\čunda\AppData\Local\Google\Chrome\User Data\qudachmupishplalily\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-08-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5893272 2016-07-19] (INCA Internet Co., Ltd.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 UvConverter; C:\ProgramData\UvConverter\UvConverter.exe [336104 2016-09-23] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-08-17] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-08-30] (The OpenVPN Project)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-06] (Disc Soft Ltd)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-09-08] (AhnLab, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-22] ()
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41976 2015-10-09] (Intel(R) Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-08-06] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-08-25] (Realtek )
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36904 2016-08-11] (Wellbia.com Co., Ltd.)
U0 aswVmm; no ImagePath
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 20:06 - 2016-09-25 20:05 - 00002669 _____ C:\Users\�unda\Downloads\fixlist.txt
2016-09-25 14:00 - 2016-09-25 14:00 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-25 12:58 - 2016-09-25 19:59 - 00000000 ____D C:\Users\čunda\Downloads\FRST-OlderVersion
2016-09-25 09:52 - 2016-09-25 09:52 - 00003294 _____ C:\WINDOWS\System32\Tasks\{AF6D9DA6-7772-4F89-9D63-08887B4C6B7B}
2016-09-25 08:29 - 2016-09-25 08:36 - 00189502 _____ C:\WINDOWS\ntbtlog.txt
2016-09-25 08:29 - 2016-09-25 08:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-24 21:33 - 2016-09-24 21:34 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner_6.020.exe
2016-09-24 21:23 - 2016-09-24 21:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-24 21:04 - 2016-09-24 21:04 - 00034154 _____ C:\Users\čunda\Documents\cc_20160924_210419.reg
2016-09-24 20:30 - 2016-09-24 20:30 - 00000952 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 20:29 - 2016-09-24 20:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-09-24 20:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 20:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 20:24 - 2016-09-25 14:04 - 00000000 ____D C:\AdwCleaner
2016-09-24 19:42 - 2016-09-24 19:42 - 00015600 _____ C:\Users\čunda\Documents\AdwCleaner[S1].txt
2016-09-24 19:41 - 2016-09-24 19:41 - 00025144 _____ C:\Users\čunda\Documents\AdwCleaner[S0].txt
2016-09-23 22:24 - 2016-09-23 22:24 - 00001137 _____ C:\Users\čunda\Desktop\tadik.txt
2016-09-23 21:31 - 2016-09-25 17:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-23 21:29 - 2016-09-23 21:29 - 00000020 ___SH C:\Users\čunda\ntuser.ini
2016-09-23 19:20 - 2016-09-23 19:22 - 00026097 _____ C:\Users\čunda\Downloads\Addition.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00021150 _____ C:\Users\čunda\Downloads\FRST.txt
2016-09-23 19:17 - 2016-09-25 20:11 - 00000000 ____D C:\FRST
2016-09-23 19:16 - 2016-09-25 19:59 - 02403328 _____ (Farbar) C:\Users\čunda\Downloads\FRST64.exe
2016-09-23 18:33 - 2016-09-24 21:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-23 18:33 - 2016-09-23 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-23 18:25 - 2016-09-23 18:32 - 22851472 _____ (Malwarebytes ) C:\Users\čunda\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-23 11:19 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-23 10:45 - 2016-09-23 10:45 - 00000000 ____D C:\ProgramData\UvConverter
2016-09-23 10:12 - 2016-09-23 10:13 - 34739208 _____ C:\Users\čunda\Downloads\Nepotvrzeno 715697.crdownload
2016-09-23 09:39 - 2016-09-23 18:06 - 00007603 _____ C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-09-22 23:05 - 2016-09-22 23:06 - 03861056 _____ C:\Users\čunda\Downloads\adwcleaner.exe
2016-09-22 23:05 - 2015-03-09 12:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-09-22 23:05 - 2011-04-21 11:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-09-22 23:03 - 2016-09-22 23:04 - 34739208 _____ C:\Users\čunda\Downloads\se-setup.exe
2016-09-22 22:56 - 2008-06-11 16:16 - 00001287 _____ C:\Users\čunda\Downloads\Přečti si!.txt
2016-09-22 22:55 - 2016-09-22 22:55 - 00234343 _____ C:\Users\čunda\Downloads\SUPERAntiSpyware4151000cz.zip
2016-09-22 22:52 - 2016-09-22 22:52 - 00000282 _____ C:\Users\čunda\Documents\cc_20160922_225210.reg
2016-09-22 22:51 - 2016-09-22 22:51 - 00004846 _____ C:\Users\čunda\Documents\cc_20160922_225122.reg
2016-09-22 22:40 - 2016-09-22 22:40 - 00179682 _____ C:\Users\čunda\Documents\cc_20160922_224017.reg
2016-09-22 22:35 - 2016-09-24 08:06 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-22 22:35 - 2016-09-22 22:35 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-22 22:35 - 2016-09-22 22:35 - 00000000 ____D C:\Program Files\CCleaner
2016-09-22 22:34 - 2016-09-22 22:35 - 08244656 _____ (Piriform Ltd) C:\Users\čunda\Downloads\ccsetup522.exe
2016-09-22 22:33 - 2016-09-22 22:36 - 00000000 ____D C:\ProgramData\Avg
2016-09-22 22:32 - 2016-09-22 22:36 - 00000000 ____D C:\Users\čunda\AppData\Local\AvgSetupLog
2016-09-22 22:32 - 2016-09-22 22:32 - 02945520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\čunda\Downloads\AVG_Antivirus_Free_1425.exe
2016-09-22 22:32 - 2016-09-22 22:32 - 00000000 ____D C:\Users\čunda\AppData\Local\Avg
2016-09-22 18:44 - 2016-09-22 22:30 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474562663
2016-09-22 16:59 - 2016-09-22 17:11 - 00000000 ____D C:\Program Files (x86)\pack
2016-09-22 16:59 - 2016-09-22 16:59 - 00000000 ____D C:\Program Files (x86)\lib
2016-09-22 16:54 - 2016-09-22 16:54 - 00000118 _____ C:\Users\čunda\Downloads\startmetin2.bat
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\python22.dll
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\nastaveni.exe
2016-09-22 16:39 - 2016-09-22 16:39 - 00000000 _____ C:\Users\čunda\Downloads\clientversion.txt
2016-09-22 16:31 - 2016-09-22 16:31 - 00000000 _____ C:\autoexec.bat
2016-09-22 16:27 - 2016-09-22 16:27 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-09-22 16:26 - 2016-09-22 16:26 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\čunda\Downloads\SpyHunter-Installer.exe
2016-09-22 16:09 - 2016-09-25 09:48 - 00000000 ____D C:\Users\čunda\AppData\Local\kingsoft
2016-09-22 15:47 - 2016-09-22 15:48 - 02373640 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x64.exe
2016-09-22 15:25 - 2016-09-22 15:25 - 00000000 ____D C:\Program Files\Kazrog LLC
2016-09-22 13:53 - 2016-09-22 15:22 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\quadcorem2-instalator.exe
2016-09-20 23:32 - 2016-09-21 00:18 - 00000000 ____D C:\Users\čunda\Downloads\Nová složka
2016-09-20 23:29 - 2016-09-20 23:29 - 00009922 _____ C:\Users\čunda\Downloads\fishingbot_1.2.rar
2016-09-17 23:10 - 2016-09-24 08:06 - 00001056 _____ C:\Users\Public\Desktop\Metin2.lnk
2016-09-17 23:10 - 2016-09-17 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2016-09-17 23:08 - 2016-09-25 16:47 - 00000000 ____D C:\Program Files (x86)\Metin2
2016-09-17 22:51 - 2016-09-22 16:54 - 00000000 ____D C:\Users\čunda\Downloads\pack
2016-09-17 22:51 - 2016-09-17 22:51 - 00000000 ____D C:\Users\čunda\Downloads\lib
2016-09-17 22:44 - 2016-09-17 23:07 - 720572809 _____ (Gameforge 4D GmbH ) C:\Users\čunda\Downloads\Metin2_cz_20111216.exe
2016-09-17 22:44 - 2016-09-17 22:44 - 00339609 _____ (Gameforge 4D ) C:\Users\čunda\Downloads\Downloader_Metin2_cz.exe
2016-09-17 22:43 - 2016-09-17 22:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files\MSBuild
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-17 22:42 - 2016-09-17 22:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-17 22:39 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-17 22:39 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-17 22:39 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-17 22:31 - 2016-09-17 22:31 - 02869264 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx35setup.exe
2016-09-17 22:04 - 2016-09-22 13:23 - 00000000 ____D C:\Kazrog LLC
2016-09-17 22:03 - 2016-09-23 17:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Quadcore
2016-09-17 21:03 - 2016-09-17 22:02 - 1059922446 _____ (Quadcore) C:\Users\čunda\Downloads\QuadcoreM2_instalator.exe
2016-09-17 18:43 - 2016-09-24 08:06 - 00000961 _____ C:\Users\Public\Desktop\Gameforge Live.lnk
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Users\čunda\AppData\Local\Gameforge4d
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-09-17 18:43 - 2016-09-17 18:43 - 00000000 ____D C:\Program Files\GameforgeLive
2016-09-17 18:05 - 2016-09-17 18:06 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup (1).exe
2016-09-16 13:16 - 2016-09-24 21:10 - 00002420 _____ C:\WINDOWS\System32\Tasks\{FA59C3EB-B5C8-49EA-99E7-B29317B79F49}
2016-09-15 22:48 - 2016-09-16 06:18 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-13 21:15 - 2016-09-13 21:15 - 00000000 ____D C:\Users\čunda\AppData\Local\Tejkys
2016-09-13 19:55 - 2016-09-24 07:54 - 00000000 ____D C:\Users\čunda\Downloads\SpaceWorld
2016-09-11 08:26 - 2016-07-19 09:54 - 05893272 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-09-11 08:26 - 2004-12-30 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-09-11 08:26 - 2003-07-15 23:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-09-11 08:25 - 2016-09-11 08:25 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-09-11 00:55 - 2016-09-22 17:27 - 00000000 ____D C:\Users\�unda
2016-09-11 00:55 - 2016-09-17 18:00 - 00000000 ____D C:\Users\�unda\Downloads\Gameforge Live
2016-09-11 00:54 - 2016-09-17 18:42 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-09-11 00:53 - 2016-09-11 00:54 - 20297272 _____ (Gameforge ) C:\Users\čunda\Downloads\Metin2_GameforgeLiveSetup.exe
2016-09-10 20:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-09-10 20:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-09-10 20:31 - 2016-09-10 20:31 - 00000000 ____D C:\Users\Public\Documents\Arc
2016-09-10 20:29 - 2016-08-20 01:16 - 10828376 _____ (Perfect World Entertainment) C:\Users\čunda\Downloads\ArcInstall_NW_v20160818a.exe
2016-09-10 09:46 - 2016-09-10 09:46 - 00875472 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\msvcr110.dll
2016-09-10 09:42 - 2016-09-10 09:42 - 00000000 ____D C:\Users\čunda\Downloads\d3dx9_43
2016-09-10 09:42 - 2010-06-14 14:26 - 01998168 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\D3DX9_43.dll
2016-09-10 09:15 - 2016-09-10 09:18 - 849671643 _____ C:\Users\čunda\Downloads\MuLegend S6ep3.rar
2016-09-08 23:46 - 2016-09-09 15:38 - 00000000 __SHD C:\Users\čunda\AppData\Local\.#
2016-09-08 23:21 - 2016-09-08 23:21 - 730915713 _____ C:\Users\čunda\Downloads\Dragon Mu Season 6 v3.5 Sonido & Musica On.rar
2016-09-08 22:26 - 2016-09-08 22:30 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86 (1).exe
2016-09-08 18:24 - 2016-09-25 10:01 - 00000000 ____D C:\Program Files (x86)\TitanMu.net Season 10Ep3
2016-09-07 15:00 - 2016-09-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimeMu
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73254359.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247734.html
2016-09-07 12:44 - 2016-09-07 12:44 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73247562.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223750.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73223609.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_73222312.html
2016-09-07 12:43 - 2016-09-07 12:43 - 00000003 _____ C:\WINDOWS\SysWOW64\en_73221375.html
2016-09-06 18:59 - 2016-09-06 20:03 - 775166660 _____ C:\Users\čunda\Downloads\Žena-v-kleci-(2013)-CZ-Dabing.avi
2016-09-06 18:25 - 2016-09-06 18:25 - 00000000 ____D C:\ProgramData\Sun
2016-09-06 18:24 - 2016-09-22 17:38 - 00000351 _____ C:\Users\Public\Documents\temp.dat
2016-09-06 16:33 - 2016-09-06 16:33 - 00889416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\dotNetFx40_Full_setup.exe
2016-09-06 16:20 - 2016-09-06 16:20 - 04995416 _____ (Microsoft Corporation) C:\Users\čunda\Downloads\vcredist_x86.exe
2016-09-06 12:35 - 2016-09-06 13:07 - 00000000 ____D C:\Users\čunda\Desktop\Dorty na facebook
2016-09-06 12:30 - 2016-09-07 20:41 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-09-05 18:07 - 2014-04-22 21:18 - 00000000 ____D C:\Users\čunda\Downloads\rome 1
2016-09-05 16:26 - 2016-09-05 17:33 - 1612176103 _____ C:\Users\čunda\Downloads\Rome-Total-War-CZ-(genrot).rar
2016-09-05 16:15 - 2016-09-05 16:15 - 00003200 _____ C:\WINDOWS\System32\Tasks\{3871AF8C-709B-4770-A3A4-E2BA52556370}
2016-09-05 15:37 - 2016-09-05 16:01 - 581629952 _____ C:\Users\čunda\Downloads\ROME-TOTAL-WAR-DISK-1.ISO
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-04 12:48 - 2016-09-04 12:48 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-04 12:43 - 2016-09-04 12:43 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Foxit Software
2016-09-04 12:42 - 2016-09-04 12:42 - 00000000 ____D C:\ProgramData\IntelDLM
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\Downloads\Intel Components
2016-09-04 12:39 - 2016-09-04 12:39 - 00000000 ____D C:\Users\čunda\AppData\Local\Intel
2016-09-04 12:38 - 2016-09-24 08:06 - 00001243 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-04 12:38 - 2016-09-04 12:38 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-09-04 12:38 - 2015-06-04 13:33 - 00021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2016-09-04 12:37 - 2016-09-04 12:37 - 07491840 _____ (Intel) C:\Users\čunda\Downloads\Intel Driver Update Utility Installer.exe
2016-09-04 12:37 - 2016-09-04 12:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-03 12:36 - 2016-09-03 12:36 - 00121638 _____ C:\Users\čunda\Downloads\MicrosoftEasyFix20140.mini.diagcab
2016-09-03 11:19 - 2016-09-03 11:19 - 00000010 _____ C:\Users\čunda\Desktop\Nový textový dokument.txt
2016-09-03 09:59 - 2016-09-03 09:59 - 00000000 ____D C:\ProgramData\BlueStacks
2016-09-03 09:58 - 2016-09-03 09:58 - 00000000 ____D C:\Users\čunda\AppData\Roaming\WildTangent
2016-09-02 13:57 - 2016-09-02 15:06 - 855987284 _____ C:\Users\čunda\Downloads\Sicario---Nájemný-vrah---2015-CZ-dabing.avi
2016-09-02 12:30 - 2016-09-02 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\CareCenter
2016-09-02 12:28 - 2016-09-02 12:28 - 00000000 ____D C:\Users\čunda\AppData\Roaming\CareCenter
2016-09-01 18:07 - 2016-09-01 18:07 - 00000000 _____ C:\Recovery.txt
2016-09-01 17:05 - 2016-09-19 20:35 - 00000000 ____D C:\$Windows.~BT
2016-09-01 15:55 - 2016-09-01 18:07 - 00000000 ___HD C:\$SysReset
2016-08-31 16:22 - 2016-09-12 16:10 - 00000000 ____D C:\Users\čunda\AppData\Local\ElevatedDiagnostics
2016-08-30 14:54 - 2016-08-30 14:54 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp0.html
2016-08-30 14:07 - 2016-08-30 14:07 - 00000000 _____ C:\WINDOWS\SysWOW64\tmp2.html
2016-08-30 10:28 - 2016-08-30 10:28 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2016-08-30 10:24 - 2016-08-30 10:24 - 06306272 _____ (AVAST Software) C:\Users\čunda\Downloads\avast_premier_antivirus_setup_online_b0h.exe
2016-08-30 07:48 - 2016-08-30 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MUX Global Arkania Episode 3
2016-08-29 23:46 - 2016-08-30 06:22 - 594256970 _____ () C:\Users\čunda\Downloads\MUX Global Arkania Episode 3 (17.03.2016).exe
2016-08-29 15:46 - 2016-08-29 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G4Story_CZ
2016-08-29 15:39 - 2016-08-31 16:56 - 00000000 ____D C:\Program Files (x86)\G4Story_CZ
2016-08-29 15:28 - 2016-08-29 15:35 - 1327986213 _____ (G4Story Studio ) C:\Users\čunda\Downloads\G4Story_CZ.exe
2016-08-28 22:26 - 2016-08-28 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-28 22:19 - 2016-09-10 08:52 - 00000000 ____D C:\Program Files\P4StoryEN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-25 17:45 - 2016-08-06 20:59 - 00000000 ____D C:\Users\čunda\AppData\Local\CrashDumps
2016-09-25 17:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 16:15 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-25 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-25 16:07 - 2016-08-06 12:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-25 16:03 - 2016-08-06 12:01 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-25 16:03 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-25 14:06 - 2016-08-20 13:50 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Seznam.cz
2016-09-25 14:00 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-25 13:58 - 2016-08-06 08:31 - 00000000 ____D C:\Users\čunda\AppData\Local\clear.fi
2016-09-25 13:57 - 2016-08-06 08:27 - 00000000 __SHD C:\Users\čunda\IntelGraphicsProfiles
2016-09-25 13:56 - 2016-08-17 15:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-25 13:55 - 2016-04-27 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-25 13:55 - 2016-04-26 23:45 - 00194448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-25 13:55 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-25 13:55 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-25 09:51 - 2015-08-10 23:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 09:49 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-09-25 09:44 - 2016-08-17 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-25 09:34 - 2016-08-20 13:20 - 00000000 ____D C:\Users\čunda\AppData\Roaming\Kingsoft
2016-09-25 08:35 - 2016-08-24 12:41 - 00000000 ____D C:\WINDOWS\system32\log
2016-09-25 08:34 - 2015-08-10 23:23 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-09-25 08:26 - 2016-08-17 15:06 - 00000000 ____D C:\Users\čunda
2016-09-24 08:07 - 2016-08-06 08:32 - 00002395 _____ C:\Users\čunda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-24 08:07 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-09-24 08:06 - 2016-08-24 12:43 - 00002542 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-24 08:06 - 2016-08-24 12:42 - 00002280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 08:06 - 2016-08-11 12:56 - 00000896 _____ C:\Users\Public\Desktop\P4StoryEN.lnk
2016-09-24 08:06 - 2016-08-06 20:56 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-09-24 07:55 - 2016-04-27 08:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 23:16 - 2016-08-24 12:42 - 00002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-23 23:16 - 2016-08-17 15:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-09-23 23:16 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-09-23 23:16 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-09-23 23:16 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-09-23 18:35 - 2016-08-20 13:43 - 00000000 ___HD C:\Program Files (x86)\ydp7C23
2016-09-23 12:41 - 2016-08-24 12:39 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-09-23 11:34 - 2016-04-27 08:54 - 01761358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-23 11:34 - 2016-04-27 08:11 - 00744960 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-23 11:34 - 2016-04-27 08:11 - 00147258 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-23 08:00 - 2016-08-08 07:05 - 00000000 ____D C:\Users\čunda\AppData\Roaming\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 08:00 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-22 22:41 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\Packages
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 22:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-22 22:38 - 2016-08-06 20:56 - 00000000 ____D C:\Users\čunda\AppData\Roaming\DAEMON Tools Lite
2016-09-22 17:31 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-22 17:31 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-22 17:27 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-09-22 15:51 - 2015-08-10 22:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-20 08:24 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-17 22:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-16 14:35 - 2016-08-09 13:29 - 00000000 ____D C:\Users\čunda\AppData\Local\Akamai
2016-09-16 13:22 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\WildTangent
2016-09-16 06:33 - 2016-08-13 07:48 - 00000000 ____D C:\Games
2016-09-13 13:34 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-13 13:34 - 2015-08-10 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-11 08:02 - 2016-08-06 08:27 - 00000000 ____D C:\Users\čunda\AppData\Local\VirtualStore
2016-09-09 18:30 - 2016-08-15 07:28 - 00000000 ____D C:\Users\čunda\AppData\Local\RabanSoft
2016-09-08 21:29 - 2016-08-12 06:09 - 00140600 _____ (AhnLab, Inc.) C:\WINDOWS\system32\Drivers\EagleX64.sys
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-04 12:59 - 2015-08-10 22:58 - 00000000 ____D C:\ProgramData\Intel
2016-09-04 12:48 - 2015-08-10 22:58 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-04 12:45 - 2016-08-17 15:02 - 00000000 ____D C:\Program Files\Intel
2016-09-04 12:24 - 2015-08-10 23:06 - 00000000 ___HD C:\Intel
2016-09-03 09:54 - 2015-08-10 23:30 - 00000000 ____D C:\ProgramData\CyberLink
2016-09-03 09:50 - 2016-08-06 21:04 - 00000000 ____D C:\Program Files\Flagship Studios
2016-09-02 12:26 - 2016-08-06 08:30 - 00000000 ____D C:\Users\čunda\AppData\Local\CareCenter
2016-09-01 21:07 - 2016-08-17 15:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-30 11:04 - 2016-08-17 15:23 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-08-30 11:04 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-08-29 13:08 - 2016-08-17 15:23 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-08-28 22:26 - 2016-08-12 12:37 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-28 22:26 - 2016-08-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P4StoryEN
2016-08-28 16:42 - 2016-08-24 12:39 - 00000495 _____ C:\Users\Public\Documents\report1.dat
==================== Files in the root of some directories =======
2016-09-23 09:39 - 2016-09-23 18:06 - 0007603 _____ () C:\Users\čunda\AppData\Local\Resmon.ResmonCfg
2016-08-17 15:02 - 2016-08-17 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-15 05:45 - 2016-08-15 05:45 - 0000016 _____ () C:\ProgramData\mntemp
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-22 00:10
==================== End of FRST.txt ============================
Přispějete na provoz fóra?