Notification window full of ads.

drobek1985
Visitor
Posts: 12
Registered: 14 Apr 2019 13:07

#1 Post by drobek1985 »

Some time ago I accidentally clicked through a consent prompt for some third-party software, and since then I have been enjoying a "tuned-up" :arcisit: browser. I downloaded about 7 top anti-malware tools and reinstalled Chrome, but something was still left behind somewhere: Chrome itself no longer misbehaves like a classic hijacker, but instead wonderful pages for all sorts of things from megaup.net keep popping up in my notifications.

Frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by Viktor (administrator) on GRONUS (MSI MS-7850) (01-05-2019 15:48:14)
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Discord] => C:\Users\Viktor\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-20] (Gaijin Network LTD -> Gaijin Entertainment)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-25] (Google LLC -> Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C37C83A-1082-4447-9C95-2861E7E270A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2327AE85-ACFA-428E-90FA-EF3D619B846D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32FA7A9E-F958-4926-A395-D4F051AD2B52} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C19D1E0-2F09-4789-A180-C654B929CF19} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F3BD994-DB02-4FEE-B3C3-817E98F1F20A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {5A0EA278-AF1A-4533-9549-B9C6EF8486AF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EBBE9E7-EBE6-48BB-811C-D525D0B5E7EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {638C7CF6-8E19-43EF-80D3-F64BEA19727A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6390889A-6A6C-4B41-98B2-51D7ABD6B665} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ADA3922-59B0-438D-8C52-6F309324F734} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {72B024C5-7984-4B7C-81CF-1B6854EADC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75858300-5267-453C-9B9B-C039B3E2FAA7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9534C801-1BED-4230-919A-6FE6CA8B560B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {97570CEF-AFDC-4AD7-9ABA-AF2FDFA744A5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {BDFFE908-BAC2-41EB-93F6-7E29B2B884EA} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037664 2019-02-28] (Reimage Ltd. -> Reimage®) <==== ATTENTION
Task: {BFBE4C0D-35F6-4DDA-B848-788CF7664F59} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE741A5-5854-4A06-B96F-164E976790A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {CCCC5529-DCFB-475F-A1DB-695BF91F2D41} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {DE1FE768-6AB8-486A-8EA7-9DB2B8796683} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33953848 2019-04-24] (Adlice -> )
Task: {FD7D8255-14C5-492F-8D35-D91310D5A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C88A368-4F75-4C37-9469-2391468D556A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2017-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default [2019-05-01]
CHR Extension: (Prezentace) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-25]
CHR Extension: (Dokumenty) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-25]
CHR Extension: (Disk Google) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-25]
CHR Extension: (YouTube) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-25]
CHR Extension: (Tabulky) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-25]
CHR Extension: (AdBlock) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-25]
CHR Extension: (Gmail) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-01-25] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037664 2019-02-28] (Reimage Ltd. -> Reimage®)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [26200 2019-03-26] (Intel Corporation -> Intel(R) Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [56024 2019-03-26] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [38064 2019-03-26] (Intel Corporation -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 12:55 - 2019-05-01 12:55 - 000001339 ____C C:\Users\Viktor\Desktop\kenshi_x64.exe – zástupce.lnk
2019-05-01 12:54 - 2019-05-01 12:54 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-01 12:54 - 2019-05-01 12:54 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-01 12:31 - 2019-05-01 12:34 - 000000000 ____D C:\ProgramData\ReimageRepair
2019-05-01 12:31 - 2019-05-01 12:31 - 000004336 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2019-05-01 12:31 - 2019-05-01 12:31 - 000001886 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\rei
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\ProgramData\Reimage Protector
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2019-05-01 12:31 - 2019-05-01 12:31 - 000000000 ____D C:\Program Files\Reimage
2019-05-01 12:30 - 2019-05-01 12:31 - 000000150 _____ C:\WINDOWS\Reimage.ini
2019-05-01 09:59 - 2019-05-01 12:30 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000003136 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-05-01 09:59 - 2019-05-01 09:59 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\Program Files\RogueKiller
2019-04-29 03:08 - 2016-04-13 06:54 - 000000000 ___DC C:\Users\Viktor\Desktop\SKIDROW
2019-04-29 03:02 - 2019-04-29 10:36 - 000000000 ___DC C:\Users\Viktor\Documents\Assassin's Creed Syndicate
2019-04-29 02:34 - 2019-04-29 02:34 - 000001270 _____ C:\Users\Public\Desktop\Assassins Creed Syndicate - The Dreadful Crimes.lnk
2019-04-29 02:34 - 2019-04-29 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-27 10:28 - 2019-04-27 10:28 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf1888b1774cd1e76
2019-04-27 09:30 - 2019-04-27 09:30 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign2a69c0a303261ade
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignfd44f93a0717b2ad
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd86e65b5cd902c00
2019-04-26 14:01 - 2019-04-28 02:10 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher-main
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Launcher
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Interactive
2019-04-26 12:51 - 2019-04-26 12:51 - 000000974 _____ C:\Users\Public\Desktop\Imperator - Rome.lnk
2019-04-26 12:51 - 2019-04-26 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperator - Rome [GOG.com]
2019-04-25 09:42 - 2019-04-25 09:42 - 000000053 _____ C:\WINDOWS\WrpYGF74DrEm.ini
2019-04-25 06:15 - 2019-04-25 06:15 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-25 06:15 - 2019-04-25 06:15 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-25 06:15 - 2019-04-25 06:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 06:15 - 2019-04-25 06:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 03:23 - 2019-04-25 10:01 - 000002395 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 03:06 - 2019-04-25 03:06 - 000101634 ____C C:\Users\Viktor\Documents\cc_20190425_030647.reg
2019-04-25 02:35 - 2019-05-01 15:48 - 000376961 _____ C:\WINDOWS\ZAM.krnl.trace
2019-04-25 02:35 - 2019-05-01 15:48 - 000356082 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-04-25 02:35 - 2019-04-25 03:16 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Zemana
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-04-25 02:00 - 2019-04-25 02:00 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\Program Files\HitmanPro
2019-04-25 01:50 - 2019-04-25 01:50 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbamtray
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbam
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 01:50 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-25 01:50 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
2019-04-25 01:04 - 2019-04-25 01:55 - 000000000 ____D C:\Program Files (x86)\Fartouch
2019-04-25 01:04 - 2019-04-25 01:04 - 000000000 ____D C:\ProgramData\fb
2019-04-25 01:03 - 2019-04-25 01:03 - 000014710 ____C C:\Users\Viktor\Documents\kenshi-v1_0_25.torrent
2019-04-24 08:42 - 2019-04-24 08:42 - 000000894 ____C C:\Users\Viktor\Desktop\Steel Division Normandy 44 Back to Hell.lnk
2019-04-24 08:42 - 2019-04-24 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steel Division Normandy 44 Back to Hell
2019-04-22 01:28 - 2019-04-22 01:28 - 000000852 _____ C:\Users\Public\Desktop\Project Highrise.lnk
2019-04-22 01:28 - 2019-04-22 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Highrise [GOG.com]
2019-04-21 04:29 - 2019-04-21 19:05 - 000000000 ____D C:\ProgramData\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-21 04:22 - 2019-04-21 04:22 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\Program Files\CPUID
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-19 04:49 - 2019-04-19 04:49 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Kaedrin Mod Manager
2019-04-18 07:24 - 2019-04-18 07:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignab9d47fd729f0e99
2019-04-18 07:19 - 2019-04-18 07:19 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign48192dfd30b81c22
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignee4b6bec070b6ef2
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignca22dc866afc2035
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign30991d3624d56e27
2019-04-17 06:43 - 2019-04-17 06:43 - 000000905 ____C C:\Users\Viktor\Desktop\blender.lnk
2019-04-17 06:43 - 2019-04-17 06:43 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-04-17 03:20 - 2019-04-17 03:22 - 000000000 ____D C:\Users\Viktor\New Unity Project
2019-04-17 03:20 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\DefaultCompany
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\Documents\Visual Studio 2017
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files\Application Verifier
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Unity
2019-04-17 03:03 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2019-04-17 03:03 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-04-17 03:03 - 2019-04-17 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-04-17 03:02 - 2019-04-17 03:02 - 000001499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2019-04-17 03:01 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Visual Studio Setup
2019-04-17 03:01 - 2019-04-17 03:01 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vstelemetry
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft Visual Studio
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Local\ServiceHub
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-17 03:00 - 2019-04-17 03:00 - 000001292 _____ C:\Users\Public\Desktop\Unity 2019.1.0f2 (64-bit).lnk
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.1.0f2 (64-bit)
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2019-04-17 02:59 - 2019-04-17 02:59 - 000000000 ____D C:\Program Files\Unity
2019-04-17 02:50 - 2019-04-17 02:50 - 000000000 ____D C:\ProgramData\Unity
2019-04-17 02:45 - 2019-04-21 04:26 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\UnityHub
2019-04-17 02:44 - 2019-04-17 02:45 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity Hub
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\Users\Public\Desktop\Unity Hub.lnk
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk
2019-04-14 17:30 - 2019-04-29 02:56 - 000001894 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce (2).lnk
2019-04-14 17:14 - 2019-04-14 17:11 - 007025360 ____C (Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
2019-04-14 14:16 - 2019-05-01 15:48 - 000000000 ____D C:\FRST
2019-04-14 13:55 - 2019-04-14 13:57 - 000000000 ____D C:\AdwCleaner
2019-04-14 02:02 - 2019-04-14 02:02 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf3ccd56604a6f1ce
2019-04-14 01:57 - 2019-04-14 01:57 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign689c36f6b586d2e3
2019-04-14 01:55 - 2019-04-14 01:55 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign003510523f393a63
2019-04-14 01:11 - 2019-04-14 01:11 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd844b315cfb03a40
2019-04-14 01:03 - 2019-04-14 01:03 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd05436b799aa4477
2019-04-14 00:38 - 2019-04-14 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign124104dc2ff97511
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd492c9d4e8f9042a
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign325f5095b18056f1
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign23630efe59e689da
2019-04-13 13:54 - 2019-04-13 13:54 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000001312 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\GlarySoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2019-04-13 02:22 - 2019-04-13 02:22 - 000699824 ____C C:\Users\Viktor\Documents\cc_20190413_022209.reg
2019-04-13 01:54 - 2019-04-13 01:54 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8b87c090ef903010
2019-04-13 01:41 - 2019-04-13 01:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8d24925776db14e9
2019-04-13 01:08 - 2019-04-13 01:08 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf92f806b41f021f8
2019-04-13 01:05 - 2019-04-13 01:05 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign29f568f672d5b4a7
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignb32499e6640af6ef
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign346aec6a6a76ad2d
2019-04-13 00:25 - 2019-04-13 00:25 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign110e15a64e51cfae
2019-04-12 23:30 - 2019-04-13 02:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-04-12 23:29 - 2019-04-13 02:20 - 000000000 ____D C:\ProgramData\NCH Software
2019-04-12 23:29 - 2019-04-13 02:18 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\NCH Software
2019-04-12 22:13 - 2019-04-12 22:13 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf7e51400cfa6fa7d
2019-04-12 15:23 - 2019-04-12 15:23 - 000000814 _____ C:\Users\Public\Desktop\Frostpunk.lnk
2019-04-12 15:23 - 2019-04-12 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-04-12 01:15 - 2019-04-12 01:15 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign0426d50f0d2e7d23
2019-04-12 00:52 - 2019-04-12 00:52 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign71dbd6bdf7a9f829
2019-04-11 23:49 - 2019-04-11 23:49 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign494651ddf307f466
2019-04-11 23:37 - 2019-04-11 23:40 - 000000000 ___DC C:\Users\Viktor\Desktop\svět po světě
2019-04-11 00:41 - 2019-04-11 00:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign084e453206e6c1f0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf06a5cd787eddea0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign70793c8a3803f36f
2019-04-09 22:03 - 2019-04-09 22:03 - 000000782 ____C C:\Users\Viktor\Desktop\ЗапуститьAssassins Creed Odyssey.lnk
2019-04-08 20:04 - 2019-04-08 20:04 - 000001430 _____ C:\Users\Public\Desktop\Farming Simulator 19.lnk
2019-04-08 13:24 - 2019-04-08 13:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Targem
2019-04-08 12:17 - 2019-04-08 12:17 - 000000222 ____C C:\Users\Viktor\Desktop\Crossout.url
2019-04-08 12:17 - 2019-04-08 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2019-04-06 22:58 - 2019-04-06 22:58 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher
2019-04-05 03:03 - 2019-04-05 03:03 - 000000000 ____C C:\Users\Viktor\Desktop\Nový textový dokument (3).txt
2019-04-03 13:29 - 2019-04-03 13:29 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2019-04-03 02:09 - 2019-04-25 01:23 - 000000000 ___HD C:\VTRoot
2019-04-03 01:59 - 2019-04-03 01:59 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2019-04-03 01:59 - 2019-04-03 01:59 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\Program Files (x86)\Comodo
2019-04-03 01:54 - 2019-01-29 10:42 - 000254440 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2019-04-03 01:54 - 2019-01-29 10:42 - 000205024 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2019-04-03 01:54 - 2018-08-30 00:55 - 000063256 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2019-04-03 01:52 - 2019-04-29 02:58 - 000000000 ____D C:\ProgramData\Comodo
2019-04-02 13:59 - 2019-04-02 13:59 - 000001059 _____ C:\Users\Public\Desktop\Shadow Tactics - Blades of the Shogun.lnk
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Tactics - Blades of the Shogun [GOG.com]
2019-04-02 11:35 - 2019-04-02 11:35 - 000000895 _____ C:\Users\Public\Desktop\Project Hospital.lnk
2019-04-02 11:35 - 2019-04-02 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Hospital [GOG.com]
2019-04-01 16:02 - 2019-04-01 16:03 - 000000000 ___DC C:\Users\Viktor\Desktop\game
2019-04-01 01:52 - 2019-04-01 01:52 - 000000837 ____C C:\Users\Viktor\Desktop\Europa Universalis IV Golden Century.lnk
2019-04-01 01:42 - 2019-04-01 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Golden Century

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 15:46 - 2017-09-19 21:34 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\uTorrent
2019-05-01 15:46 - 2017-05-22 17:10 - 000000000 ___DC C:\Users\Viktor\AppData\Local\CrashDumps
2019-05-01 13:24 - 2018-05-14 17:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-01 12:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-01 12:25 - 2017-05-19 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-01 04:52 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-30 11:34 - 2018-05-14 17:13 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-30 11:34 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-30 11:34 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-30 11:34 - 2018-04-12 01:36 - 000000000 ___HD C:\WINDOWS\INF
2019-04-30 11:29 - 2019-02-26 21:34 - 000000000 ___RD C:\Users\Viktor\Disk Google
2019-04-30 11:28 - 2018-05-14 17:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-29 05:30 - 2018-05-14 17:06 - 000000000 ____D C:\Users\Viktor
2019-04-29 03:09 - 2018-05-15 23:22 - 000000000 ___DC C:\Users\Viktor\AppData\Local\D3DSCache
2019-04-29 03:08 - 2018-03-13 22:28 - 000000000 ___DC C:\Users\Viktor\Documents\SkidRow
2019-04-29 03:02 - 2017-12-02 21:12 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Ubisoft Game Launcher
2019-04-29 02:57 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-29 02:56 - 2018-10-31 12:05 - 000001801 ____C C:\Users\Viktor\Desktop\ProjectHospital.exe – zástupce.lnk
2019-04-29 02:56 - 2018-10-27 01:14 - 000001621 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce.lnk
2019-04-29 02:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-27 02:20 - 2017-07-29 15:16 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vlc
2019-04-26 14:01 - 2017-05-28 15:04 - 000000000 ___DC C:\Users\Viktor\Documents\Paradox Interactive
2019-04-25 06:15 - 2017-05-19 17:53 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-25 03:23 - 2017-05-19 17:53 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Google
2019-04-25 02:40 - 2018-04-12 01:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-04-25 01:53 - 2017-10-23 01:04 - 000000000 ____D C:\ProgramData\HitmanPro
2019-04-25 01:50 - 2017-10-18 13:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-24 02:56 - 2019-02-06 14:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-22 10:13 - 2019-01-02 15:06 - 000000000 ___HD C:\WINDOWS\Minidump
2019-04-21 04:25 - 2017-05-20 01:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 02:21 - 2019-02-26 21:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-19 04:08 - 2018-05-14 17:10 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3348608579-3824376785-1914751379-1001
2019-04-19 04:08 - 2018-05-14 17:06 - 000002404 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 04:08 - 2017-12-28 17:28 - 000000000 ___RD C:\Users\Viktor\OneDrive
2019-04-19 00:53 - 2018-05-14 15:58 - 000000000 __HDC C:\WINDOWS\Panther
2019-04-19 00:53 - 2017-05-19 16:59 - 000000000 ____D C:\ESD
2019-04-17 03:20 - 2017-09-16 17:04 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Unity
2019-04-17 03:14 - 2018-04-12 01:30 - 000000000 ___HD C:\WINDOWS\CbsTemp
2019-04-17 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-17 03:03 - 2018-05-14 18:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-15 12:58 - 2018-04-25 19:17 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Temp
2019-04-11 00:41 - 2018-12-21 23:17 - 000000000 ___DC C:\Users\Viktor\Desktop\Nová složka
2019-04-08 20:04 - 2019-01-04 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 19
2019-04-08 13:24 - 2018-07-14 21:08 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\EasyAntiCheat
2019-04-08 13:24 - 2017-05-21 00:34 - 000000000 ___DC C:\Users\Viktor\Documents\My Games
2019-04-08 12:17 - 2017-05-19 18:39 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-06 23:19 - 2017-05-22 19:25 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\TS3Client
2019-04-03 13:29 - 2019-02-26 21:34 - 000001965 ____C C:\Users\Viktor\Desktop\Disk Google.lnk
2019-04-03 13:29 - 2018-11-18 08:24 - 000002361 ____C C:\Users\Viktor\Desktop\WeMod.lnk
2019-04-03 13:29 - 2018-05-21 21:23 - 000002441 ____C C:\Users\Viktor\Desktop\Discord.lnk
2019-04-03 13:29 - 2017-09-19 21:34 - 000001196 ____C C:\Users\Viktor\Desktop\µTorrent.lnk
2019-04-03 13:29 - 2017-05-22 19:25 - 000001429 ____C C:\Users\Viktor\Desktop\TeamSpeak 3 Client.lnk
2019-04-03 01:58 - 2019-02-13 13:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-04-03 01:57 - 2017-05-19 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-03 01:56 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\WeMod
2019-04-03 01:44 - 2019-03-29 17:43 - 000000000 ___DC C:\Users\Viktor\AppData\Local\WeMod
2019-04-03 01:44 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2019-04-03 01:44 - 2018-05-21 21:23 - 000000000 ___DC C:\Users\Viktor\AppData\Local\SquirrelTemp
2019-04-01 18:02 - 2017-10-14 15:56 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\.minecraft
2019-04-01 16:02 - 2019-02-14 22:52 - 000000516 ____C C:\Users\Viktor\Desktop\updateLog.txt
2019-04-01 16:02 - 2018-09-08 19:37 - 000000843 ____C C:\Users\Viktor\Desktop\nativelog.txt
2019-04-01 16:02 - 2018-09-08 19:37 - 000000000 ___DC C:\Users\Viktor\Desktop\tmp
2019-04-01 16:02 - 2018-08-05 23:13 - 001526144 ____C (Mojang) C:\Users\Viktor\Desktop\Minecraft.exe

==================== Files in the root of some directories =======

2018-07-28 22:55 - 2018-07-28 22:55 - 000000112 ____C () C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K
2019-01-15 21:35 - 2019-01-16 11:35 - 000000600 ____C () C:\Users\Viktor\AppData\Roaming\winscp.rnd
2018-10-13 14:13 - 2018-10-13 14:18 - 000001480 ____C () C:\Users\Viktor\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-11-05 01:36 - 2017-11-05 01:38 - 000007605 ____C () C:\Users\Viktor\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Attachments
Addition.rar
(14.91 KiB) Downloaded 77 times

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

drobek1985
Visitor
Posts: 12
Joined: 14 Apr 2019 13:07

Re: Notification window full of ads.

#3 Post by drobek1985 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-01-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 33
# Failed: 0


***** [ Services ] *****

Deleted ReimageRealTimeProtector

***** [ Folders ] *****

Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Deleted C:\ProgramData\Reimage Protector
Deleted C:\rei

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
Deleted C:\Windows\Reimage.ini
Deleted C:\Windows\Temp\reimage.log

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\REIMAGEUPDATER

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDFFE908-BAC2-41EB-93F6-7E29B2B884EA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4732 octets] - [14/04/2019 13:56:26]
AdwCleaner[C00].txt - [4246 octets] - [14/04/2019 13:57:17]
AdwCleaner_Debug.log - [119715 octets] - [14/04/2019 17:14:57]
AdwCleaner[S01].txt - [1507 octets] - [14/04/2019 17:16:14]
AdwCleaner[C01].txt - [1656 octets] - [14/04/2019 17:17:00]
AdwCleaner[S02].txt - [1630 octets] - [14/04/2019 17:19:48]
AdwCleaner[S03].txt - [4181 octets] - [25/04/2019 01:34:37]
AdwCleaner[C03].txt - [3863 octets] - [25/04/2019 01:34:53]
AdwCleaner[S04].txt - [1838 octets] - [25/04/2019 01:36:39]
AdwCleaner[C04].txt - [1966 octets] - [25/04/2019 01:37:06]
AdwCleaner[S05].txt - [1960 octets] - [25/04/2019 01:38:27]
AdwCleaner[S06].txt - [2406 octets] - [25/04/2019 03:14:09]
AdwCleaner[C06].txt - [2500 octets] - [25/04/2019 03:15:43]
AdwCleaner[S07].txt - [2045 octets] - [25/04/2019 03:17:32]
AdwCleaner[S08].txt - [4870 octets] - [01/05/2019 17:39:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#4 Post by Rudy »

Post new FRST+Addition logs.

drobek1985
Visitor
Posts: 12
Joined: 14 Apr 2019 13:07

Re: Notification window full of ads.

#5 Post by drobek1985 »

Sorry..
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by Viktor (administrator) on GRONUS (MSI MS-7850) (02-05-2019 06:30:44)
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) A:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Discord] => C:\Users\Viktor\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Viktor\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-20] (Gaijin Network LTD -> Gaijin Entertainment)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-25] (Google LLC -> Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C37C83A-1082-4447-9C95-2861E7E270A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2327AE85-ACFA-428E-90FA-EF3D619B846D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32FA7A9E-F958-4926-A395-D4F051AD2B52} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C19D1E0-2F09-4789-A180-C654B929CF19} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F3BD994-DB02-4FEE-B3C3-817E98F1F20A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {5A0EA278-AF1A-4533-9549-B9C6EF8486AF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EBBE9E7-EBE6-48BB-811C-D525D0B5E7EA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {638C7CF6-8E19-43EF-80D3-F64BEA19727A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6390889A-6A6C-4B41-98B2-51D7ABD6B665} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ADA3922-59B0-438D-8C52-6F309324F734} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {72B024C5-7984-4B7C-81CF-1B6854EADC02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75858300-5267-453C-9B9B-C039B3E2FAA7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9534C801-1BED-4230-919A-6FE6CA8B560B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {97570CEF-AFDC-4AD7-9ABA-AF2FDFA744A5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {BFBE4C0D-35F6-4DDA-B848-788CF7664F59} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE741A5-5854-4A06-B96F-164E976790A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {CCCC5529-DCFB-475F-A1DB-695BF91F2D41} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {DE1FE768-6AB8-486A-8EA7-9DB2B8796683} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [33953848 2019-04-24] (Adlice -> )
Task: {FD7D8255-14C5-492F-8D35-D91310D5A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C88A368-4F75-4C37-9469-2391468D556A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-10-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2017-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default [2019-05-02]
CHR Extension: (Prezentace) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-25]
CHR Extension: (Dokumenty) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-25]
CHR Extension: (Disk Google) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-05-01]
CHR Extension: (YouTube) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-25]
CHR Extension: (Tabulky) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-25]
CHR Extension: (AdBlock) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-05-01]
CHR Extension: (Gmail) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3348608579-3824376785-1914751379-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-01-25] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [26200 2019-03-26] (Intel Corporation -> Intel(R) Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [56024 2019-03-26] (Intel(R) Extreme Tuning Utility -> Intel Corporation)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [38064 2019-03-26] (Intel Corporation -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 17:40 - 2019-05-01 17:40 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-01 17:40 - 2019-05-01 17:40 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-01 12:55 - 2019-05-01 12:55 - 000001339 ____C C:\Users\Viktor\Desktop\kenshi_x64.exe – zástupce.lnk
2019-05-01 12:54 - 2019-05-01 12:54 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-01 12:31 - 2019-05-01 12:34 - 000000000 ____D C:\ProgramData\ReimageRepair
2019-05-01 09:59 - 2019-05-01 12:30 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000003136 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-05-01 09:59 - 2019-05-01 09:59 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-05-01 09:59 - 2019-05-01 09:59 - 000000000 ____D C:\Program Files\RogueKiller
2019-04-29 03:08 - 2016-04-13 06:54 - 000000000 ___DC C:\Users\Viktor\Desktop\SKIDROW
2019-04-29 03:02 - 2019-04-29 10:36 - 000000000 ___DC C:\Users\Viktor\Documents\Assassin's Creed Syndicate
2019-04-29 02:34 - 2019-04-29 02:34 - 000001270 _____ C:\Users\Public\Desktop\Assassins Creed Syndicate - The Dreadful Crimes.lnk
2019-04-29 02:34 - 2019-04-29 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-04-27 10:28 - 2019-04-27 10:28 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf1888b1774cd1e76
2019-04-27 09:30 - 2019-04-27 09:30 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign2a69c0a303261ade
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignfd44f93a0717b2ad
2019-04-27 09:27 - 2019-04-27 09:27 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd86e65b5cd902c00
2019-04-26 14:01 - 2019-04-28 02:10 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher-main
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Launcher
2019-04-26 14:01 - 2019-04-26 14:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Paradox Interactive
2019-04-26 12:51 - 2019-04-26 12:51 - 000000974 _____ C:\Users\Public\Desktop\Imperator - Rome.lnk
2019-04-26 12:51 - 2019-04-26 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imperator - Rome [GOG.com]
2019-04-25 09:42 - 2019-04-25 09:42 - 000000053 _____ C:\WINDOWS\WrpYGF74DrEm.ini
2019-04-25 06:15 - 2019-04-25 06:15 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-25 06:15 - 2019-04-25 06:15 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-25 06:15 - 2019-04-25 06:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 06:15 - 2019-04-25 06:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 03:23 - 2019-04-25 10:01 - 000002395 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-25 03:06 - 2019-04-25 03:06 - 000101634 ____C C:\Users\Viktor\Documents\cc_20190425_030647.reg
2019-04-25 02:35 - 2019-05-02 06:30 - 000145849 _____ C:\WINDOWS\ZAM.krnl.trace
2019-04-25 02:35 - 2019-05-02 06:30 - 000117362 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-04-25 02:35 - 2019-04-25 03:16 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2019-04-25 02:35 - 2019-04-25 02:35 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Zemana
2019-04-25 02:35 - 2019-04-25 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-04-25 02:00 - 2019-04-25 02:00 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-04-25 02:00 - 2019-04-25 02:00 - 000000000 ____D C:\Program Files\HitmanPro
2019-04-25 01:50 - 2019-04-25 01:50 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbamtray
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ___DC C:\Users\Viktor\AppData\Local\mbam
2019-04-25 01:50 - 2019-04-25 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 01:50 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-25 01:50 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
2019-04-25 01:04 - 2019-05-01 05:02 - 000000000 ____D C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
2019-04-25 01:04 - 2019-04-25 01:55 - 000000000 ____D C:\Program Files (x86)\Fartouch
2019-04-25 01:04 - 2019-04-25 01:04 - 000000000 ____D C:\ProgramData\fb
2019-04-25 01:03 - 2019-04-25 01:03 - 000014710 ____C C:\Users\Viktor\Documents\kenshi-v1_0_25.torrent
2019-04-24 08:42 - 2019-04-24 08:42 - 000000894 ____C C:\Users\Viktor\Desktop\Steel Division Normandy 44 Back to Hell.lnk
2019-04-24 08:42 - 2019-04-24 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steel Division Normandy 44 Back to Hell
2019-04-22 01:28 - 2019-04-22 01:28 - 000000852 _____ C:\Users\Public\Desktop\Project Highrise.lnk
2019-04-22 01:28 - 2019-04-22 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Highrise [GOG.com]
2019-04-21 04:29 - 2019-04-21 19:05 - 000000000 ____D C:\ProgramData\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-04-21 04:25 - 2019-04-21 04:25 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-21 04:22 - 2019-04-21 04:22 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-04-21 04:22 - 2019-04-21 04:22 - 000000000 ____D C:\Program Files\CPUID
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-20 02:18 - 2019-04-20 02:18 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-19 04:49 - 2019-04-19 04:49 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Kaedrin Mod Manager
2019-04-18 07:24 - 2019-04-18 07:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignab9d47fd729f0e99
2019-04-18 07:19 - 2019-04-18 07:19 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign48192dfd30b81c22
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignee4b6bec070b6ef2
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignca22dc866afc2035
2019-04-18 07:18 - 2019-04-18 07:18 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign30991d3624d56e27
2019-04-17 06:43 - 2019-04-17 06:43 - 000000905 ____C C:\Users\Viktor\Desktop\blender.lnk
2019-04-17 06:43 - 2019-04-17 06:43 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-04-17 03:20 - 2019-04-17 03:22 - 000000000 ____D C:\Users\Viktor\New Unity Project
2019-04-17 03:20 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\DefaultCompany
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\Documents\Visual Studio 2017
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2019-04-17 03:15 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files\Application Verifier
2019-04-17 03:13 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity
2019-04-17 03:07 - 2019-04-17 03:20 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Unity
2019-04-17 03:03 - 2019-04-17 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2019-04-17 03:03 - 2019-04-17 03:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-04-17 03:03 - 2019-04-17 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-04-17 03:02 - 2019-04-17 03:02 - 000001499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2019-04-17 03:01 - 2019-04-17 03:15 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Visual Studio Setup
2019-04-17 03:01 - 2019-04-17 03:01 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vstelemetry
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft Visual Studio
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ___DC C:\Users\Viktor\AppData\Local\ServiceHub
2019-04-17 03:01 - 2019-04-17 03:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-17 03:00 - 2019-04-17 03:00 - 000001292 _____ C:\Users\Public\Desktop\Unity 2019.1.0f2 (64-bit).lnk
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.1.0f2 (64-bit)
2019-04-17 03:00 - 2019-04-17 03:00 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2019-04-17 02:59 - 2019-04-17 02:59 - 000000000 ____D C:\Program Files\Unity
2019-04-17 02:50 - 2019-04-17 02:50 - 000000000 ____D C:\ProgramData\Unity
2019-04-17 02:45 - 2019-04-21 04:26 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\UnityHub
2019-04-17 02:44 - 2019-04-17 02:45 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Unity Hub
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\Users\Public\Desktop\Unity Hub.lnk
2019-04-17 02:44 - 2019-04-17 02:44 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk
2019-04-14 17:30 - 2019-04-29 02:56 - 000001894 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce (2).lnk
2019-04-14 17:14 - 2019-04-14 17:11 - 007025360 ____C (Malwarebytes) C:\Users\Viktor\Desktop\AdwCleaner.exe
2019-04-14 14:16 - 2019-05-02 06:30 - 000000000 ____D C:\FRST
2019-04-14 13:55 - 2019-04-14 13:57 - 000000000 ____D C:\AdwCleaner
2019-04-14 02:02 - 2019-04-14 02:02 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf3ccd56604a6f1ce
2019-04-14 01:57 - 2019-04-14 01:57 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign689c36f6b586d2e3
2019-04-14 01:55 - 2019-04-14 01:55 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign003510523f393a63
2019-04-14 01:11 - 2019-04-14 01:11 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd844b315cfb03a40
2019-04-14 01:03 - 2019-04-14 01:03 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd05436b799aa4477
2019-04-14 00:38 - 2019-04-14 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign124104dc2ff97511
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignd492c9d4e8f9042a
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign325f5095b18056f1
2019-04-14 00:37 - 2019-04-14 00:37 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign23630efe59e689da
2019-04-13 13:54 - 2019-04-13 13:54 - 000001324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000001312 _____ C:\Users\Public\Desktop\Registry Repair.lnk
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\GlarySoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2019-04-13 13:54 - 2019-04-13 13:54 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2019-04-13 02:22 - 2019-04-13 02:22 - 000699824 ____C C:\Users\Viktor\Documents\cc_20190413_022209.reg
2019-04-13 01:54 - 2019-04-13 01:54 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8b87c090ef903010
2019-04-13 01:41 - 2019-04-13 01:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign8d24925776db14e9
2019-04-13 01:08 - 2019-04-13 01:08 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf92f806b41f021f8
2019-04-13 01:05 - 2019-04-13 01:05 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign29f568f672d5b4a7
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignb32499e6640af6ef
2019-04-13 00:29 - 2019-04-13 00:29 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign346aec6a6a76ad2d
2019-04-13 00:25 - 2019-04-13 00:25 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign110e15a64e51cfae
2019-04-12 23:30 - 2019-04-13 02:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-04-12 23:29 - 2019-04-13 02:20 - 000000000 ____D C:\ProgramData\NCH Software
2019-04-12 23:29 - 2019-04-13 02:18 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\NCH Software
2019-04-12 22:13 - 2019-04-12 22:13 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf7e51400cfa6fa7d
2019-04-12 15:23 - 2019-04-12 15:23 - 000000814 _____ C:\Users\Public\Desktop\Frostpunk.lnk
2019-04-12 15:23 - 2019-04-12 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-04-12 01:15 - 2019-04-12 01:15 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign0426d50f0d2e7d23
2019-04-12 00:52 - 2019-04-12 00:52 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign71dbd6bdf7a9f829
2019-04-11 23:49 - 2019-04-11 23:49 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign494651ddf307f466
2019-04-11 23:37 - 2019-04-11 23:40 - 000000000 ___DC C:\Users\Viktor\Desktop\svět po světě
2019-04-11 00:41 - 2019-04-11 00:41 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign084e453206e6c1f0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsignf06a5cd787eddea0
2019-04-11 00:38 - 2019-04-11 00:38 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Tempzxpsign70793c8a3803f36f
2019-04-09 22:03 - 2019-04-09 22:03 - 000000782 ____C C:\Users\Viktor\Desktop\ЗапуститьAssassins Creed Odyssey.lnk
2019-04-08 20:04 - 2019-04-08 20:04 - 000001430 _____ C:\Users\Public\Desktop\Farming Simulator 19.lnk
2019-04-08 13:24 - 2019-04-08 13:24 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Targem
2019-04-08 12:17 - 2019-04-08 12:17 - 000000222 ____C C:\Users\Viktor\Desktop\Crossout.url
2019-04-08 12:17 - 2019-04-08 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2019-04-06 22:58 - 2019-04-06 22:58 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\launcher
2019-04-05 03:03 - 2019-04-05 03:03 - 000000000 ____C C:\Users\Viktor\Desktop\Nový textový dokument (3).txt
2019-04-03 13:29 - 2019-04-03 13:29 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2019-04-03 02:09 - 2019-04-25 01:23 - 000000000 ___HD C:\VTRoot
2019-04-03 01:59 - 2019-04-03 01:59 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2019-04-03 01:59 - 2019-04-03 01:59 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2019-04-03 01:54 - 2019-04-29 02:57 - 000000000 ____D C:\Program Files (x86)\Comodo
2019-04-03 01:54 - 2019-01-29 10:42 - 000254440 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2019-04-03 01:54 - 2019-01-29 10:42 - 000205024 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2019-04-03 01:54 - 2018-08-30 00:55 - 000063256 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2019-04-03 01:52 - 2019-04-29 02:58 - 000000000 ____D C:\ProgramData\Comodo
2019-04-02 13:59 - 2019-04-02 13:59 - 000001059 _____ C:\Users\Public\Desktop\Shadow Tactics - Blades of the Shogun.lnk
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Daedalic Entertainment GmbH
2019-04-02 13:59 - 2019-04-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Tactics - Blades of the Shogun [GOG.com]
2019-04-02 11:35 - 2019-04-02 11:35 - 000000895 _____ C:\Users\Public\Desktop\Project Hospital.lnk
2019-04-02 11:35 - 2019-04-02 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Hospital [GOG.com]

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 18:46 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-01 18:43 - 2017-05-22 17:10 - 000000000 ___DC C:\Users\Viktor\AppData\Local\CrashDumps
2019-05-01 17:53 - 2017-05-19 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-01 17:46 - 2018-05-14 17:13 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-01 17:46 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-01 17:46 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-01 17:46 - 2018-04-12 01:36 - 000000000 ___HD C:\WINDOWS\INF
2019-05-01 17:40 - 2019-02-26 21:34 - 000000000 ___RD C:\Users\Viktor\Disk Google
2019-05-01 17:40 - 2018-05-14 17:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-01 17:39 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-01 15:54 - 2018-05-14 17:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-01 15:46 - 2017-09-19 21:34 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\uTorrent
2019-05-01 12:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-29 05:30 - 2018-05-14 17:06 - 000000000 ____D C:\Users\Viktor
2019-04-29 03:09 - 2018-05-15 23:22 - 000000000 ___DC C:\Users\Viktor\AppData\Local\D3DSCache
2019-04-29 03:08 - 2018-03-13 22:28 - 000000000 ___DC C:\Users\Viktor\Documents\SkidRow
2019-04-29 03:02 - 2017-12-02 21:12 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Ubisoft Game Launcher
2019-04-29 02:56 - 2018-10-31 12:05 - 000001801 ____C C:\Users\Viktor\Desktop\ProjectHospital.exe – zástupce.lnk
2019-04-29 02:56 - 2018-10-27 01:14 - 000001621 ____C C:\Users\Viktor\Desktop\RimWorldWin64.exe – zástupce.lnk
2019-04-29 02:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-27 02:20 - 2017-07-29 15:16 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\vlc
2019-04-26 14:01 - 2017-05-28 15:04 - 000000000 ___DC C:\Users\Viktor\Documents\Paradox Interactive
2019-04-25 06:15 - 2017-05-19 17:53 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-25 03:23 - 2017-05-19 17:53 - 000000000 ___DC C:\Users\Viktor\AppData\Local\Google
2019-04-25 02:40 - 2018-04-12 01:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-04-25 01:53 - 2017-10-23 01:04 - 000000000 ____D C:\ProgramData\HitmanPro
2019-04-25 01:50 - 2017-10-18 13:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-24 02:56 - 2019-02-06 14:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-22 10:13 - 2019-01-02 15:06 - 000000000 ___HD C:\WINDOWS\Minidump
2019-04-21 04:25 - 2017-05-20 01:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-20 02:21 - 2019-02-26 21:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-20 02:21 - 2019-02-26 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-19 04:08 - 2018-05-14 17:10 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3348608579-3824376785-1914751379-1001
2019-04-19 04:08 - 2018-05-14 17:06 - 000002404 ____C C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 04:08 - 2017-12-28 17:28 - 000000000 ___RD C:\Users\Viktor\OneDrive
2019-04-19 00:53 - 2018-05-14 15:58 - 000000000 __HDC C:\WINDOWS\Panther
2019-04-19 00:53 - 2017-05-19 16:59 - 000000000 ____D C:\ESD
2019-04-17 03:20 - 2017-09-16 17:04 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Unity
2019-04-17 03:14 - 2018-04-12 01:30 - 000000000 ___HD C:\WINDOWS\CbsTemp
2019-04-17 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-17 03:03 - 2018-05-14 18:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-15 12:58 - 2018-04-25 19:17 - 000000000 ___DC C:\Users\Viktor\AppData\LocalLow\Temp
2019-04-11 00:41 - 2018-12-21 23:17 - 000000000 ___DC C:\Users\Viktor\Desktop\Nová složka
2019-04-08 20:04 - 2019-01-04 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 19
2019-04-08 13:24 - 2018-07-14 21:08 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\EasyAntiCheat
2019-04-08 13:24 - 2017-05-21 00:34 - 000000000 ___DC C:\Users\Viktor\Documents\My Games
2019-04-08 12:17 - 2017-05-19 18:39 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-06 23:19 - 2017-05-22 19:25 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\TS3Client
2019-04-03 13:29 - 2019-02-26 21:34 - 000001965 ____C C:\Users\Viktor\Desktop\Disk Google.lnk
2019-04-03 13:29 - 2018-11-18 08:24 - 000002361 ____C C:\Users\Viktor\Desktop\WeMod.lnk
2019-04-03 13:29 - 2018-05-21 21:23 - 000002441 ____C C:\Users\Viktor\Desktop\Discord.lnk
2019-04-03 13:29 - 2017-09-19 21:34 - 000001196 ____C C:\Users\Viktor\Desktop\µTorrent.lnk
2019-04-03 13:29 - 2017-05-22 19:25 - 000001429 ____C C:\Users\Viktor\Desktop\TeamSpeak 3 Client.lnk
2019-04-03 01:58 - 2019-02-13 13:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-04-03 01:57 - 2017-05-19 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-03 01:56 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\WeMod
2019-04-03 01:44 - 2019-03-29 17:43 - 000000000 ___DC C:\Users\Viktor\AppData\Local\WeMod
2019-04-03 01:44 - 2018-11-18 08:24 - 000000000 ___DC C:\Users\Viktor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2019-04-03 01:44 - 2018-05-21 21:23 - 000000000 ___DC C:\Users\Viktor\AppData\Local\SquirrelTemp

==================== Files in the root of some directories =======

2018-07-28 22:55 - 2018-07-28 22:55 - 000000112 ____C () C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K
2019-01-15 21:35 - 2019-01-16 11:35 - 000000600 ____C () C:\Users\Viktor\AppData\Roaming\winscp.rnd
2018-10-13 14:13 - 2018-10-13 14:18 - 000001480 ____C () C:\Users\Viktor\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-11-05 01:36 - 2017-11-05 01:38 - 000007605 ____C () C:\Users\Viktor\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Attachments
Addition.rar
(14.85 KiB) Downloaded 71 times

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\Program Files (x86)\Zemana AntiMalware
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File
FirewallRules: [UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File

EmptyTemp:
Hosts:
End
Save it to A:\Users\Viktor\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

drobek1985
Visitor
Posts: 12
Joined: 14 Apr 2019 13:07

Re: Notification window full of ads.

#7 Post by drobek1985 »

Here is the fixlog, please:
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by Viktor (02-05-2019 11:49:36) Run:2
Running from A:\Users\Viktor\Downloads
Loaded Profiles: Viktor (Available Profiles: Viktor)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\Program Files (x86)\Zemana AntiMalware
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {59C7141D-284D-4CAA-BE9F-EFB5C21005C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {9BCF1657-6DBC-4B2C-A2E3-198C649E515A} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6AE993E-76D7-4501-A2BE-751AD9EEC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-04-25] (Zemana Ltd. -> Zemana Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi -> Copyright 2017.)
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9}
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
FirewallRules: [TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File
FirewallRules: [UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe] => (Allow) A:\games\kenshi v1.0.25\kenshi_x64.exe No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ZAM" => removed successfully
C:\Program Files (x86)\Zemana AntiMalware => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59C7141D-284D-4CAA-BE9F-EFB5C21005C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C7141D-284D-4CAA-BE9F-EFB5C21005C3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BCF1657-6DBC-4B2C-A2E3-198C649E515A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BCF1657-6DBC-4B2C-A2E3-198C649E515A}" => removed successfully
C:\WINDOWS\System32\Tasks\JavaUpdateSched => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6AE993E-76D7-4501-A2BE-751AD9EEC365}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6AE993E-76D7-4501-A2BE-751AD9EEC365}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
ZAM => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
ZAM_Guard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAMSvc => removed successfully
ZAMSvc => service removed successfully
C:\ProgramData\{A9E6D5CC-C748-245C-30DA-DFA8303D86F9} => moved successfully
C:\ProgramData\{981C4A17-5893-15A6-EB45-2599EBA27CC8} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D1971988-79C7-4330-B627-01DBE4289D76}A:\games\kenshi v1.0.25\kenshi_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BBF82C8-C133-45BC-8906-8EB17A2870D2}A:\games\kenshi v1.0.25\kenshi_x64.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 165359969 B
Java, Flash, Steam htmlcache => 188911323 B
Windows/system/drivers => 18772 B
Edge => 1086989 B
Chrome => 374251145 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18042 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Viktor => 450605194 B

RecycleBin => 125676633 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:50:07 ====

drobek1985
Visitor
Posts: 12
Joined: 14 Apr 2019 13:07

Re: Notification window full of ads.

#8 Post by drobek1985 »

It's still being a nuisance...
edit: not that I couldn't stand to lose a few kilos... :oops:
Attachments
bordel.png (125.93 KiB) Viewed 2285 times

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#9 Post by Rudy »

OK, we'll also clean the browsers themselves. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will carry out the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created, followed by a scan
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

drobek1985
Visitor
Posts: 12
Joined: 14 Apr 2019 13:07

Re: Notification window full of ads.

#10 Post by drobek1985 »

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Viktor on čt 02. 05. 2019 at 17:15:11,72.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Viktor\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2. 5. 2019 17:18:20 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Viktor\AppData\Roaming\1337 deleted successfully
C:\Users\Viktor\AppData\Roaming\Crusader.Kings.II.v2.7.Incl.Monks.and.Mystics.DLC deleted successfully
C:\Users\Viktor\AppData\Roaming\Easeware deleted successfully
C:\Users\Viktor\AppData\Roaming\Europa.Universalis.IV.Extreme.Edition.v1.21.1.0.Repack deleted successfully
C:\Users\Viktor\AppData\Roaming\FlashgetSetup deleted successfully
C:\Users\Viktor\AppData\Roaming\QuickScan deleted successfully
C:\Users\Viktor\AppData\Roaming\Sid.Meiers.Civilization.VI.Deluxe.Edition.v1.0.0.167.Incl.8DLC.Repack deleted successfully
C:\Users\Viktor\AppData\Local\DBG deleted successfully
C:\Users\Viktor\AppData\Local\EmieSiteList deleted successfully
C:\Users\Viktor\AppData\Local\EmieUserList deleted successfully
C:\Users\Viktor\AppData\Local\FluxSoftware deleted successfully
C:\Users\Viktor\AppData\Local\GHISLER deleted successfully
C:\Users\Viktor\AppData\Local\Notepad++ deleted successfully
C:\Users\Viktor\AppData\Local\WMTools Downloaded Files deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B} deleted successfully
HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-3348608579-3824376785-1914751379-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Viktor\AppData\Roaming\7DaysToDie deleted
C:\Users\Viktor\AppData\Roaming\discord deleted
C:\Users\Viktor\AppData\Roaming\Factorio deleted
C:\Users\Viktor\AppData\Roaming\UnityHub deleted
C:\Users\Viktor\AppData\Roaming\Visual Studio Setup deleted
C:\PROGRA~3\ReimageRepair deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Viktor\AppData\Local\Unity deleted
C:\Users\Viktor\AppData\Local\AVAST Software deleted
C:\Users\Viktor\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google deleted
C:\Users\Viktor\AppData\LocalLow\Unity deleted
C:\Users\Viktor\Desktop\4K Video Downloader.lnk deleted
"C:\Users\Viktor\AppData\Roaming\Předvolby CS6 pro JP2K" deleted

==== Chromium Look ======================

Google Chrome Version: 74.0.3729.108


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bgjpfhpjcgdppjbgnpnjllokbmcdllig - No path found[]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]
olfeabkoenfaoljndfecamgilllcpiak - No path found[]

Seznam doplněk - Email - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Google Drive App Launcher - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Seznam doplněk - Esko - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Viktor\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Viktor\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4346 folders=867 5744963247 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Viktor\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Viktor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on čt 02. 05. 2019 at 18:00:20,07 ======================

and JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Viktor (Administrator) on čt 02. 05. 2019 at 18:02:42,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Viktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 2

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 02. 05. 2019 at 18:04:32,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#11 Post by Rudy »

Has anything changed now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

drobek1985
Visitor
Posts: 12
Registered: 14 Apr 2019 13:07

Re: Notification window full of ads.

#12 Post by drobek1985 »

I'll let it run for a while and we'll see; I'm just wondering how much of a problem it is that I sync the browser with my Google account?

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Notification window full of ads.

#13 Post by Rudy »

It shouldn't be a problem, it's legitimate. I don't know anything more precise, though; I don't use it myself.