Pardon, tak tady je to:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-02-2017
Ran by ___ (administrator) on ___-PC (21-02-2017 21:43:38)
Running from C:\Users\___\Desktop
Loaded Profiles: ___ (Available Profiles: ___)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IEC) C:\Config.Msi\471587.rbf
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_7b6e808b01435efc\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_7b6e808b01435efc\AEstSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16122.10291.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\___\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKU\S-1-5-21-2560992328-1218912883-2014096760-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6828448 2017-02-13] (SUPERAntiSpyware)
HKU\S-1-5-21-2560992328-1218912883-2014096760-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3777728 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-2560992328-1218912883-2014096760-1000\...\MountPoints2: {5deb70af-e564-11e6-a70a-0027133b9d6d} - "F:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-2560992328-1218912883-2014096760-1000\...\MountPoints2: {80a30735-4d02-11e6-a6ca-0027133b9d6d} - "G:\Autorun.exe"
HKLM\...\Providers\4npy9w9v: C:\Program Files\Vgaentqafik Cloud\local32spl.dll
ShellExecuteHooks: No Name - {17F3D7BA-DE42-11E6-B7E8-64006A5CFC23} - C:\Users\___\AppData\Roaming\Anarech\Migosavocult.dll -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ccb5779f-576b-4599-9771-04b6bcd1d09b}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: dsuxlskh.default
FF ProfilePath: C:\Users\___\AppData\Roaming\Mozilla\Firefox\Profiles\dsuxlskh.default [2017-02-21]
FF Homepage: Mozilla\Firefox\Profiles\dsuxlskh.default -> hxxps://
www.google.cz/
FF Extension: (Download Manager (S3)) - C:\Users\___\AppData\Roaming\Mozilla\Firefox\Profiles\dsuxlskh.default\Extensions\
s3download@statusbar.xpi [2017-01-28]
FF Extension: (Adblock Plus) - C:\Users\___\AppData\Roaming\Mozilla\Firefox\Profiles\dsuxlskh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\___\AppData\Roaming\Mozilla\Firefox\Profiles\dsuxlskh.default\features\{6481995f-66e6-4a40-b7b6-593a3f766455}\
disableSHA1rollout@mozilla.org.xpi [2017-02-17]
FF ProfilePath: C:\Users\___\AppData\Roaming\Firefox\Firefox\Profiles\dsuxlskh.default [2017-02-20]
FF Homepage: Firefox\Firefox\Profiles\dsuxlskh.default ->
www.google.com/
FF Extension: (Czech (CZ) Language Pack) - C:\Users\___\AppData\Roaming\Firefox\Firefox\Profiles\dsuxlskh.default\Extensions\
langpack-cs@firefox.mozilla.org.xpi [2017-02-20] [not signed]
FF Extension: (Download Manager (S3)) - C:\Users\___\AppData\Roaming\Firefox\Firefox\Profiles\dsuxlskh.default\Extensions\
s3download@statusbar.xpi [2017-01-28]
FF Extension: (Adblock Plus) - C:\Users\___\AppData\Roaming\Firefox\Firefox\Profiles\dsuxlskh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\___\AppData\Roaming\Firefox\Firefox\Profiles\dsuxlskh.default\features\{6481995f-66e6-4a40-b7b6-593a3f766455}\
disableSHA1rollout@mozilla.org.xpi [2017-02-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-22] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR StartupUrls: ChromeDefaultData -> "hxxp://
www.google.com/"
CHR Profile: C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-07] <==== ATTENTION
CHR Extension: (Vyhledávání Google) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Tabulky Google) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-31]
CHR Extension: (Avast Online Security) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-31]
CHR Extension: (Gmail) - C:\Users\___\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-02-13] (SUPERAntiSpyware.com)
R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_7b6e808b01435efc\aestsrv.exe [81920 2009-03-03] (Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 Apple_Cfg; C:\ProgramData\Apple\Apple Application Support\Support.dll [111104 2017-02-17] () [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2016-12-22] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-09-15] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_7b6e808b01435efc\STacSV.exe [229458 2010-03-17] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
S2 Prcule; C:\Program Files\Sipeied\PhehesyreefukMnt.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-07-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-07-18] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R1 MpKslc2b53a44; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E3911B9-42B7-438D-B415-9A723D97CE82}\MpKslc2b53a44.sys [39168 2017-02-20] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-21 21:43 - 2017-02-21 21:44 - 00012571 _____ C:\Users\___\Desktop\FRST.txt
2017-02-21 21:43 - 2017-02-21 21:43 - 00000000 ____D C:\FRST
2017-02-21 21:41 - 2017-02-21 21:41 - 00112640 _____ (forum.viry.cz) C:\Users\___\Desktop\FRSTLauncher.exe
2017-02-21 21:40 - 2017-02-21 21:40 - 01764864 _____ (Farbar) C:\Users\___\Desktop\FRST.exe
2017-02-21 21:33 - 2017-02-21 21:34 - 00388608 _____ (Trend Micro Inc.) C:\Users\___\Downloads\hijackthis.exe
2017-02-21 20:19 - 2017-02-21 20:19 - 00000231 _____ C:\Users\___\Desktop\Žehlicí prkna od Méně než 1 000 Kč, Elektrické - Heureka.cz.URL
2017-02-21 20:11 - 2017-02-21 20:11 - 00000000 _____ C:\Users\___\Downloads\Az-na-vrchol-2015-Dokument-CZ.titulky(1).avi
2017-02-21 18:05 - 2017-02-21 19:27 - 1469417870 _____ C:\Users\___\Downloads\Noční-zvířata-Nocturnal-Animals-(2016)-CZ-titulky.mp4
2017-02-21 16:52 - 2017-02-21 19:20 - 2527205430 _____ C:\Users\___\Downloads\Captain-America_Obcanska-valka---Captain-America_Civil-War-2016_cz.avi
2017-02-21 16:10 - 2017-02-21 16:10 - 00000000 ___HD C:\OneDriveTemp
2017-02-20 21:18 - 2017-02-20 22:49 - 1629626354 _____ C:\Users\___\Downloads\Bridge-of-Spies---Most-spionu---2015(1).avi
2017-02-20 21:17 - 2017-02-21 20:11 - 1677567641 _____ C:\Users\___\Downloads\Az-na-vrchol-2015-Dokument-CZ.titulky(1).avi.part
2017-02-20 20:30 - 2017-02-20 20:31 - 00000000 ____D C:\Users\___\Desktop\tisk doučko
2017-02-20 20:25 - 2017-02-20 21:14 - 876511232 _____ C:\Users\___\Downloads\Bridge-of-Spies---Most-spionu---2015.avi.part
2017-02-20 20:25 - 2017-02-20 20:25 - 00000000 _____ C:\Users\___\Downloads\Bridge-of-Spies---Most-spionu---2015.avi
2017-02-20 20:24 - 2017-02-20 21:14 - 885832313 _____ C:\Users\___\Downloads\Az-na-vrchol-2015-Dokument-CZ.titulky.avi.part
2017-02-20 20:24 - 2017-02-20 20:24 - 00000000 _____ C:\Users\___\Downloads\Az-na-vrchol-2015-Dokument-CZ.titulky.avi
2017-02-20 17:42 - 2017-02-20 22:32 - 00000000 ____D C:\Program Files\BikaQRssReader
2017-02-20 17:42 - 2017-02-20 17:42 - 00000000 ____D C:\Program Files\WinSnare(4.1.2)
2017-02-20 16:21 - 2017-02-20 17:42 - 1439502082 _____ C:\Users\___\Downloads\Spotlight_2015_CZ-tit_82csfd_SvetN_.avi
2017-02-20 16:18 - 2017-02-20 17:40 - 1468306025 _____ C:\Users\___\Downloads\ozark.sharks.2016.mp4
2017-02-20 15:48 - 2017-02-20 15:48 - 00000000 ____D C:\Users\___\Documents\aMule Downloads
2017-02-19 20:15 - 2017-02-19 20:15 - 00093710 _____ C:\Users\___\Downloads\Hacksaw.Ridge.2016.WEB-DL.XviD.AC3-FGT.srt
2017-02-17 09:54 - 2017-02-20 22:32 - 00000000 ____D C:\Users\___\AppData\Roaming\aMule
2017-02-17 09:54 - 2017-02-20 17:42 - 00000000 ____D C:\Program Files\WinSnare(4.1.1)
2017-02-17 08:54 - 2017-02-17 08:54 - 00000000 ____D C:\Users\___\AppData\Local\Firefox
2017-02-17 08:53 - 2017-02-17 08:53 - 00000000 ____D C:\Users\___\AppData\Roaming\Firefox
2017-02-17 08:53 - 2017-02-17 08:53 - 00000000 ____D C:\ProgramData\Apple
2017-02-17 08:50 - 2017-02-21 16:06 - 00000144 _____ C:\Users\Public\Documents\temp.dat
2017-02-17 08:50 - 2017-02-20 20:55 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-02-14 16:38 - 2017-02-14 16:38 - 00000224 _____ C:\Users\___\Desktop\Rezervace Ceník Sokol Zábřeh.URL
2017-02-13 15:13 - 2017-02-17 09:54 - 00000000 ____D C:\Program Files\WinSnare(4.1.0)
2017-02-09 15:40 - 2017-02-09 15:40 - 00002457 _____ C:\Users\___\Desktop\TimeGate.lnk
2017-02-09 15:39 - 2017-02-09 15:40 - 78394880 _____ C:\Users\___\Downloads\timegate.exe
2017-02-08 21:38 - 2017-02-20 17:38 - 00029160 _____ (Sysinternals -
www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-02-08 20:24 - 2017-02-13 15:13 - 00000000 ____D C:\Program Files\WinSnare(4.0.9)
2017-02-08 20:23 - 2017-02-20 17:38 - 00000000 ____D C:\Program Files\4npy9w9v
2017-02-07 20:28 - 2017-02-21 19:47 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-07 20:27 - 2017-02-08 22:05 - 00001133 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-07 20:27 - 2017-02-08 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-07 20:27 - 2017-02-08 22:05 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-02-07 20:27 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-02-07 20:27 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-07 20:27 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-07 20:25 - 2017-02-07 20:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\___\Downloads\mbam-setup-2.1.4.1018.exe
2017-01-29 10:05 - 2017-01-29 10:05 - 00001211 _____ C:\Users\___\Desktop\Return to Castle Wolfenstein (Single Player).lnk
2017-01-29 10:05 - 2017-01-29 10:05 - 00001211 _____ C:\Users\___\Desktop\Return to Castle Wolfenstein (Multiplayer).lnk
2017-01-29 10:04 - 2017-01-29 10:05 - 00000000 ____D C:\Program Files\Return to Castle Wolfenstein - Platinum Edition
2017-01-29 09:51 - 2017-01-29 10:05 - 00000000 ____D C:\Users\___\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein - Platinum Edition
2017-01-29 09:51 - 2017-01-29 09:51 - 00001097 _____ C:\Users\___\Desktop\Wolfenstein - Enemy Territory.lnk
2017-01-29 09:50 - 2017-01-29 09:57 - 00000000 ____D C:\Program Files\Wolfenstein - Enemy Territory
2017-01-29 09:43 - 2017-01-29 10:05 - 00001045 _____ C:\WINDOWS\Rtcwplat.INI
2017-01-29 09:41 - 2017-01-29 09:41 - 00000000 ____D C:\Users\___\Downloads\Return-to-Castle-Wolfenstein---Platinum-Edition-PC-iso-[ResourceRG-Games-by-KloWn]
2017-01-29 09:39 - 2017-01-29 09:39 - 00000000 ____D C:\ProgramData\Avira
2017-01-29 09:39 - 2017-01-29 09:39 - 00000000 ____D C:\ProgramData\Avg
2017-01-29 09:39 - 2017-01-29 09:39 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-29 09:38 - 2017-02-07 19:45 - 00000000 ____D C:\Users\___\AppData\Roaming\Anarech
2017-01-29 09:38 - 2017-01-29 09:38 - 00000000 ____D C:\Users\___\AppData\Local\Quncult
2017-01-29 09:37 - 2017-01-29 09:39 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-01-29 09:37 - 2017-01-29 09:37 - 00001999 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2017-01-29 09:37 - 2017-01-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-01-28 23:32 - 2017-01-29 00:30 - 1008856919 _____ C:\Users\___\Downloads\Return-to-Castle-Wolfenstein---Platinum-Edition-PC-iso-[ResourceRG-Games-by-KloWn].rar
2017-01-28 15:44 - 2017-01-28 15:44 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2017-01-28 15:44 - 2017-01-28 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-01-28 15:44 - 2017-01-28 15:44 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2017-01-28 15:43 - 2017-01-28 15:43 - 00000000 ___HD C:\Program Files\CanonBJ
2017-01-28 15:43 - 2017-01-28 15:43 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-01-28 15:43 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2017-01-28 15:43 - 2012-06-14 17:18 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2017-01-28 15:41 - 2017-02-08 22:26 - 00000000 ____D C:\Program Files\Canon
2017-01-28 15:40 - 2017-01-28 15:40 - 22842528 _____ C:\Users\___\Downloads\mast-win-mg3100-1_1-ucd.exe
2017-01-28 15:40 - 2017-01-28 15:40 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-28 15:40 - 2011-04-27 11:00 - 00323584 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ARL.dll
2017-01-28 15:40 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ARU.dll
2017-01-28 15:40 - 2011-03-31 10:05 - 00286720 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ARC.dll
2017-01-28 15:40 - 2011-03-31 10:05 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ARI.dll
2017-01-28 15:40 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2017-01-28 15:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-21 21:34 - 2016-01-16 16:09 - 00000000 ____D C:\Users\___\AppData\Local\VirtualStore
2017-02-21 21:32 - 2016-09-28 17:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-21 21:32 - 2016-01-27 20:13 - 00000000 ____D C:\Users\___\AppData\Roaming\vlc
2017-02-21 18:12 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-21 16:31 - 2016-11-18 13:20 - 00000000 ____D C:\Users\___\AppData\LocalLow\Mozilla
2017-02-21 16:10 - 2016-04-03 07:08 - 00000000 ___RD C:\Users\___\OneDrive
2017-02-20 21:15 - 2016-09-28 18:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-20 21:14 - 2016-07-16 03:22 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-20 21:13 - 2016-11-18 13:20 - 00001984 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-20 20:34 - 2016-03-01 18:31 - 00000000 ____D C:\Users\___\Documents\Soubory aplikace Outlook
2017-02-20 17:44 - 2016-01-16 16:23 - 00002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 16:09 - 2016-01-31 11:43 - 00000000 ____D C:\Users\___\AppData\Local\Google
2017-02-20 16:02 - 2016-07-16 18:04 - 00000000 ____D C:\WINDOWS\RemotePackages
2017-02-20 16:02 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Common Files\Services
2017-02-20 15:37 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-19 22:48 - 2016-01-19 16:22 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-02-07 20:53 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-01-29 11:40 - 2016-11-18 11:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-01-29 11:40 - 2016-05-29 10:35 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-29 11:40 - 2016-01-16 16:23 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-01-29 11:39 - 2016-09-28 17:53 - 00000000 ____D C:\Users\___
2017-01-29 09:42 - 2016-07-18 17:44 - 00000000 ____D C:\Users\___\AppData\Roaming\DAEMON Tools Lite
2017-01-29 09:39 - 2016-06-16 13:07 - 00000000 ____D C:\Sygic
2017-01-29 09:39 - 2016-04-28 21:08 - 00000000 ____D C:\Kontakty telefon - záloha
2017-01-29 09:39 - 2016-01-31 11:49 - 00000000 ___RD C:\Program Files\Skype
2017-01-29 09:39 - 2016-01-16 18:26 - 00000000 ____D C:\Pepča
2017-01-29 09:39 - 2016-01-16 16:28 - 00000000 ____D C:\c607b7d8a7ac65340e4282ec44b422
2017-01-28 23:34 - 2016-10-04 13:44 - 00000000 ____D C:\Users\___\Documents\My Games
2017-01-28 23:34 - 2016-01-16 19:00 - 00000000 ____D C:\Hry
2017-01-28 23:34 - 2016-01-16 16:11 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-01-28 23:31 - 2016-02-13 13:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-28 15:44 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-01-28 15:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Media
2017-01-28 15:30 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 20:16 - 2016-04-03 07:08 - 00002421 _____ C:\Users\___\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-22 14:14 - 2016-11-18 13:21 - 00000030 _____ C:\AVScanner.ini
2017-01-22 14:14 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-22 14:14 - 2016-01-19 16:13 - 00000000 ____D C:\Users\___\AppData\Local\Adobe
2017-01-22 11:24 - 2016-05-03 09:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2016-10-06 20:56 - 2016-10-06 20:56 - 0000040 _____ () C:\ProgramData\ra3.ini
Some files in TEMP:
====================
2017-01-29 09:36 - 2017-01-29 09:36 - 0692488 _____ (Disc Soft Ltd.) C:\Users\___\AppData\Local\Temp\DAEMON Tools Lite.exe
2017-01-28 15:41 - 2011-05-10 15:49 - 0852080 ____N (CANON INC.) C:\Users\___\AppData\Local\Temp\MSETUP4.EXE
2016-08-16 08:48 - 2016-08-16 08:48 - 0488960 _____ () C:\Users\___\AppData\Local\Temp\sqlite3.exe
2017-01-28 15:43 - 2011-03-23 13:48 - 0349592 _____ (CANON INC.) C:\Users\___\AppData\Local\Temp\uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\___\Desktop" je 22180 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================