Dobrý den,
prosím o kontrolu mého PC. V prohlížeči mi stále vyskakují reklamy a mění se nastavená domovská stránka.
Děkuji.
Vkládám log:
info.txt logfile of random's system information tool 1.15 2017-02-26 16:29:56
====== MBR ======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AAF25B025000080002102070EDEF90008000000A00F00000EDFF9070FFFFF00A80F0000B0283A000000000000000000000000000000000000000000000000000000000000000055AA
====== Uninstall list ======
Adobe Flash Player 24 NPAPI [2016/12/24 01:14:27]-->C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_Plugin.exe -maintain plugin
AIO Ultimate Patch v9.0.0 [20160627]-->"C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\unins000.exe"
Akamai NetSession Interface [2016/09/25 06:37:35]-->"C:\Users\lukykos\AppData\Local\Akamai\uninstall.exe"
Combat Arms EU [2016/09/25 06:39:57]-->"C:\Nexon\Combat Arms EU\uninstall.exe"
Counter-Strike Global Offensive WaRzOnE [2016/09/25 06:37:35]-->C:\Games\Counter-Strike Global Offensive\uninstall.exe
Don't Starve Together [2016/12/02 19:46:38]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/322330
Factorio [2017/02/11 10:11:42]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/427520
Fraps [2016/09/25 06:39:57]-->"C:\Fraps\uninstall.exe"
Frontier Launchpad version 1.0.2 [20161118]-->"C:\Users\lukykos\AppData\Local\Frontier Developments\Frontier Launchpad\unins000.exe"
Gaming Keyboard Driver [20160625]-->C:\Program Files (x86)\InstallShield Installation Information\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}\setup.exe -runfromtemp -l0x0009 -removeonly
gBurner [2016/12/12 15:25:03]-->"C:\Program Files (x86)\gBurner\uninstall.exe"
Google Chrome [20160705]-->"C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\setup.exe" --uninstall --system-level
Google Update Helper [20161223]-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Grand Theft Auto V [20160615]-->"C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\Setup.exe" -runfromtemp -l0x0409 -removeonly
Cheat Engine 6.5.1 [20160719]-->"C:\Program Files (x86)\Cheat Engine 6.5.1\unins000.exe"
Intel Security True Key [2016/09/25 06:39:50]-->C:\Program Files\TrueKey\Mcafee.TrueKey.Uninstaller.Exe
Intel(R) Biometric and Context Agent [20160711]-->MsiExec.exe /X{C1424923-74F7-4399-B9D9-5F72FB1B9481}
Intel(R) Biometric and Context Agent Redistributables [20160711]-->MsiExec.exe /X{C3F24413-3E29-4979-A195-DEEB56F29B2A}
Intel® RealSense™ SDK 2014 Runtime (x64): Core [20160711]-->MsiExec.exe /X{37D41A97-6B02-4C30-8753-85107BE1D674}
Java 8 Update 91 [20160618]-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0}
League of Legends [2017/02/24 12:34:16]-->msiexec.exe /x {6FEDADF5-40EC-4E18-A376-0FDBACE65338}
League of Legends [20170117]-->MsiExec.exe /X{6FEDADF5-40EC-4E18-A376-0FDBACE65338}
LogMeIn Hamachi [2016/12/25 17:42:31]-->C:\WINDOWS\SysWOW64\\msiexec.exe /i {91B5DF26-717A-4A5F-AB10-CD450FAD428C} REMOVE=ALL
LogMeIn Hamachi [20161225]-->MsiExec.exe /I{91B5DF26-717A-4A5F-AB10-CD450FAD428C}
McAfee Security Scan Plus [2016/09/25 06:39:57]-->"C:\Program Files (x86)\McAfee Security Scan\uninstall.exe"
Microsoft OneDrive [2017/01/27 15:16:46]-->C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\OneDriveSetup.exe /uninstall
Microsoft Visual C++ 2005 Redistributable (x64) [20160814]-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable [20160814]-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 [20160924]-->MsiExec.exe /X{02A39130-2CF3-30CA-8623-30F6071A4221}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [20160902]-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [20160902]-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20160615]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [20160814]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [20160814]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2016/11/18 21:47:58]-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2016/11/18 21:47:35]-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20161118]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20161118]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20161118]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20161118]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2016/09/25 06:39:58]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2016/09/25 06:39:59]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20160615]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20160615]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20160615]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20160615]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 [2016/11/18 21:50:21]-->"C:\ProgramData\Package Cache\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 [2016/11/18 21:49:11]-->"C:\ProgramData\Package Cache\{23daf363-3020-4059-b3ae-dc4ad39fed19}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 [20161118]-->MsiExec.exe /X{B0B194F8-E0CE-33FE-AA11-636428A4B73D}
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 [20161118]-->MsiExec.exe /X{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506 [20161118]-->MsiExec.exe /X{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506 [20161118]-->MsiExec.exe /X{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}
Microsoft XNA Framework Redistributable 4.0 Refresh [20160627]-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
Minecraft [20160805]-->MsiExec.exe /X{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}
Mine-imator version 1.0.6 [20161004]-->"C:\Users\lukykos\Mine-imator\unins000.exe"
Mozilla Firefox 51.0.1 (x86 cs) [2017/02/06 20:13:04]-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service [2017/01/28 20:26:25]-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MPC-HC 1.7.10 [20160711]-->"C:\Program Files (x86)\MPC-HC\unins000.exe"
MyPC Backup [2016/09/25 06:39:50]-->C:\Program Files (x86)\OLBPre\uninst.exe
Notepad++ [2016/09/25 06:39:57]-->C:\Program Files (x86)\Notepad++\uninstall.exe
Nox APP Player [2016/10/26 12:16:29]-->C:\Users\lukykos\AppData\Roaming\Nox\bin\Nox_unload.exe
NVIDIA GeForce Experience 2.5.15.54 [20160615]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 376.53 [20170210]-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.34.17 [20170210]-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 [20160615]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 376.53 [20170210]-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver [2017/02/11 10:11:42]-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.16.0318 [20160615]-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
Open Broadcaster Software [2016/09/25 06:39:57]-->C:\Program Files (x86)\OBS\uninstall.exe
Pixelmon Launcher (Beta) [2016/11/13 17:52:37]-->C:\ProgramData\Caphyon\Advanced Installer\{796E1EEB-FEFA-4638-9EBB-0B1BD393C057}\PixelmonLauncherBeta-2.0.26.exe /x {796E1EEB-FEFA-4638-9EBB-0B1BD393C057}
Pixelmon Launcher (Beta) [20161113]-->MsiExec.exe /I{796E1EEB-FEFA-4638-9EBB-0B1BD393C057}
PokeCraft_GameTeam_1.7.10 [2016/09/25 06:39:57]-->C:\GameTeamPokeCraft\Uninstal.exe
PSPad editor [20161004]-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
ROBLOX Player for lukykos [20170221]-->"C:\Users\lukykos\AppData\Local\Roblox\Versions\version-d31f23e3f760404e\RobloxPlayerLauncher.exe" -uninstall
Rocket League [2017/02/24 12:34:16]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252950
Rockstar Games Social Club [2016/12/23 16:06:21]-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Rust [2017/02/24 12:34:16]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252490
Seznam Software [2016/09/25 06:37:35]-->"C:\Users\lukykos\AppData\Roaming\Seznam.cz\szninstall.exe" -X
Skype™ 7.31 [20170206]-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Slime Rancher [2016/12/12 20:07:00]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/433340
Steam [2016/12/27 19:15:57]-->C:\Program Files (x86)\Steam\uninstall.exe
Team Fortress 2 [2016/12/02 19:46:38]-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440
Terraria [20160627]-->"C:\GOG Games\Terraria\unins000.exe"
Unity Web Player [2016/09/25 06:37:35]-->C:\Users\lukykos\AppData\Local\Unity\WebPlayer\Uninstall.exe /CurrentUser
VLC media player [2016/09/25 06:39:58]-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Vulkan Run Time Libraries 1.0.26.0 [2017/02/10 17:48:33]-->C:\Program Files (x86)\VulkanRT\1.0.26.0\UninstallVulkanRT.exe
WarThunder [2016/09/25 06:39:58]-->cmd /c start /wait wscript "C:\Users\lukykos\AppData\Roaming\WarThunder\osutils.vbs" /df:"C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder" /df:"C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk" /dt:"WarThunder0" /dt:"WarThunder1" /dt:"WarThunder2" /dt:"WarThunder3" /item:"C:\Users\lukykos\Desktop\WarThunder.lnk" /loc:"all" /path:"C:\Users\lukykos\AppData\Roaming\" /prod:"WarThunder" /run:"second"
Windows Driver Package - BigNox Corporation XQHDrv System (05/27/2016 4.3.12) [2016/10/26 12:15:55]-->C:\PROGRA~1\DIFX\1E5F57120B769A13\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\xqhdrv_F424A6671D4229C7B509653EF4E55CCBA8C240FC\xqhdrv.inf
Windows Driver Package - Oracle Corporation VBoxUSBMon System (05/27/2016 4.3.12) [2016/10/26 12:16:03]-->C:\PROGRA~1\DIFX\1E5F57120B769A13\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\vboxusbmon_6559BFE21C50916CAADBF1715348141A74B281A8\vboxusbmon.inf
WinRAR 5.31 (32-bit) [2016/09/25 06:39:58]-->C:\Program Files (x86)\WinRAR\uninstall.exe
XAMPP [1472844021]-->C:\xampp\uninstall.exe
====== System event log" ======
Computer Name: DESKTOP-98BA3HQ
Event Code: 27
Message: Typ spuštění byl 0x0.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20160925052759.644320-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: DESKTOP-98BA3HQ
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je zakázáno se stavem STATUS_SUCCESS.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20160925052759.643952-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: DESKTOP-98BA3HQ
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20160925052931.564454-000
Event Type: Informace
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20160925052931.564454-000
Event Type: Informace
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 12
Message: Operační systém se spustil v systémovém čase 2016-09-25T05:27:59.497329600Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20160925052759.643864-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
===== Application event log" =====
Computer Name: DESKTOP-98BA3HQ
Event Code: 5
Message: Služba Windows Search úspěšně vytvořila výchozí konfiguraci pro nového uživatele DESKTOP-98BA3HQ\lukykos.
Record Number: 5
Source Name: Microsoft-Windows-Search-ProfileNotify
Time Written: 20160925053556.826692-000
Event Type: Informace
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 5617
Message: Subsystémy služby WMI (Windows Management Instrumentation) byly úspěšně inicializovány.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20160925053043.725257-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: DESKTOP-98BA3HQ
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20160925052938.829457-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: DESKTOP-98BA3HQ
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20160925052932.624619-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: DESKTOP-98BA3HQ
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20160925052931.970699-000
Event Type: Informace
User:
===== Security event log" =====
Computer Name: DESKTOP-98BA3HQ
Event Code: 4907
Message: Nastavení auditu objektu se změnila.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-98BA3HQ$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: \Device\HarddiskVolume1\Boot\ko-KR\memtest.exe.mui
ID popisovače: 0x2b0
Informace o procesu:
ID procesu: 0x710
Název procesu: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Nastavení auditu:
Původní popisovač zabezpečení: S:AINO_ACCESS_CONTROL
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 29897
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161212184520.153267-000
Event Type: Úspěšný audit
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 4907
Message: Nastavení auditu objektu se změnila.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-98BA3HQ$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: \Device\HarddiskVolume1\Boot\ko-KR\bootmgr.exe.mui
ID popisovače: 0x2b0
Informace o procesu:
ID procesu: 0x710
Název procesu: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Nastavení auditu:
Původní popisovač zabezpečení: S:AINO_ACCESS_CONTROL
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 29896
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161212184520.151237-000
Event Type: Úspěšný audit
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 4907
Message: Nastavení auditu objektu se změnila.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-98BA3HQ$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: \Device\HarddiskVolume1\Boot\ja-JP\memtest.exe.mui
ID popisovače: 0x2b0
Informace o procesu:
ID procesu: 0x710
Název procesu: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Nastavení auditu:
Původní popisovač zabezpečení: S:AINO_ACCESS_CONTROL
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 29895
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161212184520.148392-000
Event Type: Úspěšný audit
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 4907
Message: Nastavení auditu objektu se změnila.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-98BA3HQ$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: \Device\HarddiskVolume1\Boot\ja-JP\bootmgr.exe.mui
ID popisovače: 0x364
Informace o procesu:
ID procesu: 0x710
Název procesu: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Nastavení auditu:
Původní popisovač zabezpečení: S:AINO_ACCESS_CONTROL
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 29894
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161212184520.146103-000
Event Type: Úspěšný audit
User:
Computer Name: DESKTOP-98BA3HQ
Event Code: 4907
Message: Nastavení auditu objektu se změnila.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-98BA3HQ$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: \Device\HarddiskVolume1\Boot\it-IT\memtest.exe.mui
ID popisovače: 0x364
Informace o procesu:
ID procesu: 0x710
Název procesu: C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Nastavení auditu:
Původní popisovač zabezpečení: S:AINO_ACCESS_CONTROL
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 29893
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20161212184520.143244-000
Event Type: Úspěšný audit
User:
====== Environment variables ======
"ComSpec" = %SystemRoot%\system32\cmd.exe
"OS" = Windows_NT
"PATHEXT" = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE" = AMD64
"PSModulePath" = %ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP" = %SystemRoot%\TEMP
"TMP" = %SystemRoot%\TEMP
"USERNAME" = SYSTEM
"windir" = %SystemRoot%
"NUMBER_OF_PROCESSORS" = 4
"PROCESSOR_LEVEL" = 16
"PROCESSOR_IDENTIFIER" = AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION" = 0503
"Path" = C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
vyskakují reklamy,nezůstává domovská stránka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
zde je FRSL log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01
Ran by lukykos (administrator) on DESKTOP-98BA3HQ (28-02-2017 14:05:39)
Running from C:\Users\lukykos\Desktop
Loaded Profiles: lukykos (Available Profiles: lukykos)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\ProgramData\ocep\ocep.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}\6C620C46-DBC9-BBED-EDA0-939A678119B4.exe
() C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}\276A3E54-90C1-89FF-A65E-EFAA5D7892ED.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\lukykos\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
AppInit_DLLs: C:\ProgramData\ocep\Trantex.dll => C:\ProgramData\ocep\Trantex.dll [358912 2017-01-15] ()
AppInit_DLLs-x32: C:\ProgramData\ocep\KeyWarm.dll => C:\ProgramData\ocep\KeyWarm.dll [248320 2017-01-15] ()
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-02-23]
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-07-19]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [DhcpNameServer] 82.163.143.157
Internet Explorer:
==================
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0ZGNK1TqBa5fhrSwmj49W-G8bA771SjpqjRLaYMQ7d7wTxSLI_0xP0rncl3hemkuj7mtU,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-TqszdEi2xwXHjQ6yX-e7dGBZMOnOdf5apBcbX5hcmn8RaIYm_MFJXWe2Dz8hT1gSp0UR61lY3DsH0drHm1_Ht3sAi5-Ubs9xuGyEZUG80xW12jWVVolZ6nB8NjLfGwfhniVnQu2pswHOFGT-FaM2V98fhWHwk6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
FireFox:
========
FF DefaultProfile: acezlehe.default-1470335100542
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 [2017-02-28]
FF NewTab: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
FF Extension: (MEGA) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\firefox@mega.co.nz.xpi [2017-02-17]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-25]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\features\{3599c2eb-191d-4a09-8bb5-099cb79d1e38}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144 [2016-12-18]
FF Extension: (Firefox Hotfix) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-18]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-d31f23e3f760404e\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-d31f23e3f760404e\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lukykos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFFk7_hyQrEptAC3t41oi3O9IN2aA4fIN0RlcFHRnacz70_bsjcjDLoc2Hk1NwqVvH0z2BCxckCNMrb7QPXyfKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Prezentace Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-05]
CHR Extension: (Dokumenty Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-05]
CHR Extension: (Disk Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-05]
CHR Extension: (Torrent Search) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bceciholkmjngdohanojikiiccgnmpdj [2016-07-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-08]
CHR Extension: (YouTube) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
CHR Extension: (Tabulky Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Slither.io Mods, Zoom, Create Skins SLITHERE) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea [2017-02-08]
CHR Extension: (SlitherX Sidebar Mods & Skins) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp [2017-02-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-08]
CHR Extension: (Gmail) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-07-03] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-12-15] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
R2 ocep; C:\ProgramData\\ocep\\ocep.exe [982016 2017-01-15] () [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [905672 2016-06-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-06-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-06-22] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2016-07-16] (Realtek Semiconductor Corporation )
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-07-16] ()
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-28 14:05 - 2017-02-28 14:06 - 00021526 _____ C:\Users\lukykos\Desktop\FRST.txt
2017-02-28 14:04 - 2017-02-28 14:05 - 00000000 ____D C:\FRST
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Downloads\FRSTLauncher.exe
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Desktop\FRSTLauncher.exe
2017-02-28 14:00 - 2017-02-28 14:00 - 02423296 _____ (Farbar) C:\Users\lukykos\Desktop\FRST64.exe
2017-02-27 16:11 - 2017-02-27 16:11 - 04734784 _____ () C:\Users\lukykos\Downloads\TechnicLauncher.exe
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\rsit
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\Program Files\trend micro
2017-02-26 16:27 - 2017-02-26 16:28 - 01324032 _____ C:\Users\lukykos\Downloads\RSITx64.exe
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
2017-02-23 21:04 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\b3c2f272-67e5-1
2017-02-23 21:04 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\b3c2f272-10e3-0
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{770f7b1a-612c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{76b71c6a-612c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{52d43031-312c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{52b67931-512c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{4a0a4a28-112c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{46c916a1-512c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{3e7c419c-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{355f313b-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{337468e0-412c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{254c7f40-112c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{235d7e85-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{21e3134a-412c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{19337090-512c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{126547df-012c-0}
2017-02-18 16:15 - 2017-02-18 16:15 - 00000000 _____ C:\hamachi-2-0541-20170218-161552.dmp
2017-02-17 21:38 - 2017-02-17 21:38 - 00000000 ____D C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC
2017-02-17 21:29 - 2017-02-17 21:29 - 00615434 _____ C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC.zip
2017-02-11 12:26 - 2017-02-11 12:26 - 03103454 _____ C:\Users\lukykos\Downloads\SkyBlock_v2.1.zip
2017-02-11 12:05 - 2017-02-11 12:05 - 00000000 ____D C:\Users\lukykos\Documents\Curse
2017-02-11 12:01 - 2017-02-23 21:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Curse Client
2017-02-11 11:57 - 2017-02-11 11:57 - 84707568 _____ (Curse) C:\Users\lukykos\Downloads\CurseClientSetup.exe
2017-02-11 10:42 - 2017-02-11 10:42 - 00000222 _____ C:\Users\lukykos\Desktop\Rocket League.url
2017-02-10 23:38 - 2017-02-10 23:38 - 00000222 _____ C:\Users\lukykos\Desktop\Factorio.url
2017-02-10 18:20 - 2017-02-28 14:01 - 00000000 ____D C:\Users\lukykos\AppData\Local\CrashDumps
2017-02-10 17:48 - 2017-02-10 17:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 17:48 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 17:48 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 17:48 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 17:47 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-10 17:47 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-10 17:47 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-03 13:51 - 2017-02-03 13:51 - 00003314 _____ C:\WINDOWS\System32\Tasks\psv_Doublenix
2017-02-03 10:52 - 2017-01-12 19:32 - 00000000 ____D C:\Users\lukykos\Downloads\Raft Miracle Hack x64
2017-02-03 10:52 - 2017-01-12 19:31 - 00000000 ____D C:\Users\lukykos\Downloads\Raft Miracle Hack x32
2017-02-03 10:51 - 2017-02-03 10:51 - 00314094 _____ C:\Users\lukykos\Downloads\Miracle Hack Raft.rar
2017-02-03 10:37 - 2017-02-03 10:41 - 00000000 ____D C:\_logs
2017-02-03 10:26 - 2017-02-03 10:26 - 00000000 ____D C:\Users\lukykos\Downloads\V1.05_Raft_Win64 (2)
2017-02-03 10:23 - 2017-02-03 10:24 - 122828082 _____ C:\Users\lukykos\Downloads\V1.05_Raft_Win64 (2).zip
2017-02-03 10:18 - 2017-02-03 10:18 - 00000000 _____ C:\Users\lukykos\Downloads\V1.05_Raft_Win64.zip
2017-02-03 09:01 - 2017-02-23 19:18 - 00000000 ____D C:\ProgramData\b3c2f272-7711-0
2017-02-03 09:01 - 2017-02-23 19:18 - 00000000 ____D C:\ProgramData\b3c2f272-6525-1
2017-02-02 20:40 - 2017-02-02 20:40 - 00000237 _____ C:\Users\lukykos\Desktop\Search.URL
2017-02-02 20:39 - 2017-02-02 20:39 - 00000000 ____D C:\Users\lukykos\Downloads\Demp(v1.02c) for Raft v1.05
2017-02-02 20:32 - 2017-02-02 20:32 - 03175923 _____ C:\Users\lukykos\Downloads\Demp(v1.02c) for Raft v1.05.rar
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-28 14:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 14:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-28 14:00 - 2016-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-28 14:00 - 2016-09-25 06:35 - 00000000 ____D C:\Users\lukykos
2017-02-28 13:59 - 2017-01-14 09:24 - 00001410 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-28 13:59 - 2017-01-01 21:29 - 00001422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-28 13:59 - 2016-12-05 17:31 - 00001485 _____ C:\Users\lukykos\Desktop\Google Chrome.lnk
2017-02-28 13:59 - 2016-07-05 20:23 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-28 13:56 - 2016-11-19 15:41 - 00000000 ____D C:\Users\lukykos\AppData\LocalLow\Mozilla
2017-02-28 13:56 - 2016-06-30 11:13 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Skype
2017-02-27 18:46 - 2016-12-23 17:30 - 00000000 ____D C:\ProgramData\ocep
2017-02-27 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-26 20:01 - 2016-09-25 06:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-24 12:37 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 12:37 - 2016-06-15 19:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:33 - 2016-06-15 19:09 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{929FBDE2-2534-0A49-79A6-CACDFF061ACD}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{651044B9-D2BB-F312-1649-060647157667}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{299D261F-9E36-91B4-2894-5AEC8BBDC518}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B9B808D-AC30-3726-4572-439BB44CE605}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{F2182982-45B3-9E29-6B47-8FF10B170B89}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{777C0CDB-C0D7-BB70-F62C-F5128F43849A}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{1B34E018-AC9F-57B3-BEFF-09E1444B4084}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{F1D4198B-467F-AE20-BC63-B9B2285515BA}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{E583F77F-5228-40D4-D736-3EA835065C39}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{B0829170-0729-26DB-FDF1-2DABE31D0DDF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8ECC1717-3967-A0BC-643D-BA01EF252B19}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8518E7D3-32B3-5078-4743-BFD97374671A}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{5C9A3476-EB31-83DD-4693-BA29EEC61C78}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{59F5DF12-EE5E-68B9-6872-914D9A6165A7}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{56A4B67C-E10F-01D7-6311-668609A07EFC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{4D54E968-FAFF-5EC3-C645-6AA024054E11}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{35273A61-828C-8DCA-8CE5-5FB97D27D681}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{203989DE-9792-3E75-F5F2-EE02D3FF55FC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{0ECE888E-B965-3F25-E484-8F4AF6B6173D}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{E4BD55FC-5316-E257-1306-477553B1FB7F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{B6787064-01D3-C7CF-6807-1A7566D841C7}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{A4E94271-1342-F5DA-2F16-92354430913D}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{899158A1-3E3A-EF0A-7721-10C392E1973A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7CDC623D-CB77-D596-FFE8-E06031F08A5A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{31127FF7-86B9-C85C-89CE-361276409D1A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{2264E049-95CF-57E2-3E2A-CDBC05E73188}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{0899AFC8-BF32-1863-6CC9-78336B4279EE}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{05D80F2B-B273-B880-933E-FA517BE9A2CE}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7C995788-CB32-E023-1768-C28EDB73E9C5}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6C6C1653-DBC7-A1F8-2D30-E211E824C758}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{11597869-A6F2-CFC2-221F-D20D334FE5B6}
2017-02-23 19:23 - 2016-07-03 18:56 - 00002395 _____ C:\WINDOWS\SysWOW64\findit.xml
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{7f6b5029-512c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{7796511f-712c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{6c324018-312c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{67b60929-212c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{5f60222b-012c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{5bf927a3-712c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{52127da0-012c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4bbf5fb2-712c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4a7a26ed-412c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4a2b5fee-312c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{446e6b3e-412c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{23bd64d2-612c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{13004dcb-512c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{06fb45e1-212c-0}
2017-02-21 18:11 - 2016-09-04 18:09 - 00001435 _____ C:\Users\lukykos\Desktop\ROBLOX Player.lnk
2017-02-21 18:11 - 2016-09-04 18:09 - 00001250 _____ C:\Users\lukykos\Desktop\ROBLOX Studio.lnk
2017-02-21 18:11 - 2016-09-04 18:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-02-19 17:11 - 2016-09-25 06:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-19 17:11 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-18 22:01 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-18 16:15 - 2016-09-25 06:42 - 00000476 _____ C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job
2017-02-17 17:45 - 2016-12-11 16:45 - 00542760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-10 17:49 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-10 17:49 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 17:49 - 2016-06-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 14:27 - 2016-06-30 11:12 - 00000000 ____D C:\ProgramData\Skype
2017-01-30 16:28 - 2017-01-01 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:28 - 2016-11-18 21:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-29 09:55 - 2016-06-30 13:04 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Seznam.cz
==================== Files in the root of some directories =======
2016-11-04 17:57 - 2016-11-04 17:57 - 2924848 _____ () C:\Program Files\Common Files\00idalsa.exe
2016-11-20 19:29 - 2016-11-20 19:29 - 2942100 _____ () C:\Program Files\Common Files\04nspnbe.exe
2016-12-06 13:41 - 2016-12-06 13:41 - 2938894 _____ () C:\Program Files\Common Files\04qwdu25.exe
2016-10-04 16:58 - 2016-10-04 16:58 - 2944529 _____ () C:\Program Files\Common Files\05oefwsf.exe
2016-10-27 16:57 - 2016-10-27 16:57 - 2921590 _____ () C:\Program Files\Common Files\0eg00edc.exe
2016-10-02 16:57 - 2016-10-02 16:57 - 2954707 _____ () C:\Program Files\Common Files\0en0e3sg.exe
2016-12-29 20:59 - 2016-12-29 20:59 - 3021703 _____ () C:\Program Files\Common Files\0exsbrkr.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\0g1dgsbu.exe
2016-11-26 20:59 - 2016-11-26 20:59 - 2943148 _____ () C:\Program Files\Common Files\0l12ipt1.exe
2016-07-12 19:59 - 2016-07-12 19:59 - 2920467 _____ () C:\Program Files\Common Files\0oorw430.exe
2016-11-23 15:13 - 2016-11-23 15:13 - 2932717 _____ () C:\Program Files\Common Files\0py4bdua.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\0vzqz3ha.exe
2016-10-25 20:00 - 2016-10-25 20:00 - 2915659 _____ () C:\Program Files\Common Files\11hlxcdr.exe
2016-11-13 17:57 - 2016-11-13 17:57 - 2934450 _____ () C:\Program Files\Common Files\1513ml3w.exe
2016-07-08 16:57 - 2016-07-08 16:57 - 2782549 _____ () C:\Program Files\Common Files\1ddqp54b.exe
2016-11-25 19:38 - 2016-11-25 19:38 - 2943148 _____ () C:\Program Files\Common Files\1hmb0u3j.exe
2016-11-01 13:11 - 2016-11-01 13:11 - 2950363 _____ () C:\Program Files\Common Files\1kqprawj.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\1zrqceuc.exe
2017-01-01 20:59 - 2017-01-01 20:59 - 3021732 _____ () C:\Program Files\Common Files\25rort0e.exe
2016-10-09 18:30 - 2016-10-09 18:30 - 2955293 _____ () C:\Program Files\Common Files\2cxyqc3s.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\2demmik5.exe
2016-11-25 14:59 - 2016-11-25 14:59 - 2943148 _____ () C:\Program Files\Common Files\2mvyv5jg.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\2nyysd1k.exe
2016-11-04 15:04 - 2016-11-04 15:04 - 2923820 _____ () C:\Program Files\Common Files\2sj4satr.exe
2017-01-06 17:57 - 2017-01-06 17:57 - 2790706 _____ () C:\Program Files\Common Files\34fhjrfl.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\35saldnh.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\3czrm32s.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\3pygfqz2.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\43gtalhj.exe
2016-10-23 16:57 - 2016-10-23 16:57 - 2914405 _____ () C:\Program Files\Common Files\4nmjvmnq.exe
2016-10-31 17:57 - 2016-10-31 17:57 - 2950363 _____ () C:\Program Files\Common Files\4qvpor1y.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\4qxmimad.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\4rt1jhl0.exe
2016-08-06 16:57 - 2016-08-06 16:57 - 2935236 _____ () C:\Program Files\Common Files\51seazmq.exe
2016-10-29 16:57 - 2016-10-29 16:57 - 2921590 _____ () C:\Program Files\Common Files\55kmvsar.exe
2016-12-28 17:57 - 2016-12-28 17:57 - 3021730 _____ () C:\Program Files\Common Files\55wqanx1.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\5a5icbj1.exe
2016-10-10 17:36 - 2016-10-10 17:36 - 2912949 _____ () C:\Program Files\Common Files\5b21lv0u.exe
2017-01-04 15:36 - 2017-01-04 15:36 - 2825117 _____ () C:\Program Files\Common Files\5emoij5s.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\5vbqgvei.exe
2017-01-03 19:33 - 2017-01-03 19:33 - 3021780 _____ () C:\Program Files\Common Files\5xpjcjyy.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\a40qd1hl.exe
2016-07-11 19:59 - 2016-07-11 19:59 - 2782549 _____ () C:\Program Files\Common Files\amnzgeh5.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 2930886 _____ () C:\Program Files\Common Files\bauhbmft.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\beykqiqq.exe
2016-11-11 17:57 - 2016-11-11 17:57 - 2934450 _____ () C:\Program Files\Common Files\bocciwdm.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\c12vnv5o.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\cerubweq.exe
2016-10-26 16:57 - 2016-10-26 16:57 - 2921590 _____ () C:\Program Files\Common Files\cjgiw3p2.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\couiw1uy.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\csuzaoe1.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\cyvuxdtg.exe
2016-12-12 17:57 - 2016-12-12 17:57 - 2932101 _____ () C:\Program Files\Common Files\cz1r2jom.exe
2017-01-10 14:28 - 2017-01-10 14:28 - 2822570 _____ () C:\Program Files\Common Files\d4xuhuyz.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\drczz3tq.exe
2016-12-05 17:30 - 2016-12-05 17:30 - 2953209 _____ () C:\Program Files\Common Files\drm512ed.exe
2017-01-14 09:27 - 2017-01-14 09:27 - 2943656 _____ () C:\Program Files\Common Files\ds1jnbli.exe
2016-12-02 14:26 - 2016-12-02 14:26 - 2929716 _____ () C:\Program Files\Common Files\ebnrmo5w.exe
2017-01-11 14:54 - 2017-01-11 14:54 - 2793393 _____ () C:\Program Files\Common Files\eck1a2a5.exe
2016-07-16 11:21 - 2016-07-16 11:21 - 2939768 _____ () C:\Program Files\Common Files\edpms1kt.exe
2016-11-12 20:59 - 2016-11-12 20:59 - 2934450 _____ () C:\Program Files\Common Files\ehmunlei.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\ei2e3myr.exe
2016-11-21 17:57 - 2016-11-21 17:57 - 2934898 _____ () C:\Program Files\Common Files\elhvr21v.exe
2016-11-08 19:37 - 2016-11-08 19:37 - 2943601 _____ () C:\Program Files\Common Files\erw0x2t4.exe
2016-12-22 20:20 - 2016-12-22 20:20 - 3021753 _____ () C:\Program Files\Common Files\estffh1a.exe
2016-09-29 17:14 - 2016-09-29 17:14 - 2939150 _____ () C:\Program Files\Common Files\eydxk5dx.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\f2hq1oo5.exe
2016-10-30 21:00 - 2016-10-30 21:00 - 2937121 _____ () C:\Program Files\Common Files\faqrpddn.exe
2017-01-07 16:59 - 2017-01-07 16:59 - 2824832 _____ () C:\Program Files\Common Files\fdt4iqyr.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\fl0jptaf.exe
2016-11-23 20:31 - 2016-11-23 20:31 - 2951694 _____ () C:\Program Files\Common Files\fmbzwqv5.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\fq05k4uv.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\fupdol1g.exe
2016-11-15 14:17 - 2016-11-15 14:17 - 2932047 _____ () C:\Program Files\Common Files\fzcpmz2f.exe
2016-12-01 17:57 - 2016-12-01 17:57 - 2948294 _____ () C:\Program Files\Common Files\g2ogkbjk.exe
2016-09-30 19:15 - 2016-09-30 19:15 - 2951025 _____ () C:\Program Files\Common Files\gc0ct2ic.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\ggn1cfcf.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\giz25buw.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\gzu42hjw.exe
2016-10-29 19:59 - 2016-10-29 19:59 - 2921590 _____ () C:\Program Files\Common Files\h3ldt4iw.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\hbufyaxp.exe
2016-11-18 20:59 - 2016-11-18 20:59 - 2933637 _____ () C:\Program Files\Common Files\hokxdgia.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\hp1d0yhk.exe
2016-07-18 19:59 - 2016-07-18 19:59 - 2941163 _____ () C:\Program Files\Common Files\hsdaaor0.exe
2016-10-16 19:59 - 2016-10-16 19:59 - 2918173 _____ () C:\Program Files\Common Files\htu5opdz.exe
2016-10-28 19:59 - 2016-10-28 19:59 - 2921590 _____ () C:\Program Files\Common Files\hx3xvvq0.exe
2017-01-02 19:06 - 2017-01-02 19:06 - 3021787 _____ () C:\Program Files\Common Files\i0xrlyta.exe
2016-11-23 20:59 - 2016-11-23 20:59 - 2929242 _____ () C:\Program Files\Common Files\ibadiuoq.exe
2016-12-22 20:59 - 2016-12-22 20:59 - 3021665 _____ () C:\Program Files\Common Files\iia2bvha.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\inmjytrw.exe
2016-07-08 19:59 - 2016-07-08 19:59 - 2782549 _____ () C:\Program Files\Common Files\invpfu0b.exe
2016-12-10 09:11 - 2016-12-10 09:11 - 2956128 _____ () C:\Program Files\Common Files\ioz0y3vw.exe
2016-10-27 19:59 - 2016-10-27 19:59 - 2921590 _____ () C:\Program Files\Common Files\j0a2lxdk.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\j3avvwpf.exe
2016-11-27 19:37 - 2016-11-27 19:37 - 2946256 _____ () C:\Program Files\Common Files\j3w54hai.exe
2016-07-19 16:57 - 2016-07-19 16:57 - 2921548 _____ () C:\Program Files\Common Files\j5zwfmc5.exe
2016-10-28 16:57 - 2016-10-28 16:57 - 2921590 _____ () C:\Program Files\Common Files\jfdmwnxf.exe
2016-07-09 16:57 - 2016-07-09 16:57 - 2782549 _____ () C:\Program Files\Common Files\jgd5slbd.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\jlskobxi.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\jousgfve.exe
2016-11-26 17:57 - 2016-11-26 17:57 - 2943148 _____ () C:\Program Files\Common Files\jwnsekcc.exe
2016-10-06 16:57 - 2016-10-06 16:57 - 2955516 _____ () C:\Program Files\Common Files\jxdhicfl.exe
2016-07-11 08:22 - 2016-07-11 08:22 - 2782549 _____ () C:\Program Files\Common Files\jzy3jrbp.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\k15yq0dv.exe
2016-11-20 19:28 - 2016-11-20 19:28 - 2942100 _____ () C:\Program Files\Common Files\k2fczvw1.exe
2016-12-27 17:57 - 2016-12-27 17:57 - 3021779 _____ () C:\Program Files\Common Files\kcasrqjk.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\kcmu1hjy.exe
2016-10-22 19:59 - 2016-10-22 19:59 - 2921572 _____ () C:\Program Files\Common Files\kddozdaw.exe
2016-07-10 16:57 - 2016-07-10 16:57 - 2782549 _____ () C:\Program Files\Common Files\kojkkksw.exe
2016-10-20 16:57 - 2016-10-20 16:57 - 2901670 _____ () C:\Program Files\Common Files\kqzavkf1.exe
2016-09-30 11:08 - 2016-09-30 11:08 - 2942067 _____ () C:\Program Files\Common Files\kym0fmv2.exe
2016-07-17 09:20 - 2016-07-17 09:20 - 2920600 _____ () C:\Program Files\Common Files\kzqjbomh.exe
2016-11-04 20:59 - 2016-11-04 20:59 - 2946612 _____ () C:\Program Files\Common Files\lihu4y5m.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\lksgpha4.exe
2017-01-01 17:57 - 2017-01-01 17:57 - 3021732 _____ () C:\Program Files\Common Files\lmkizp1g.exe
2016-12-09 17:59 - 2016-12-09 17:59 - 2956128 _____ () C:\Program Files\Common Files\lnbwitw4.exe
2016-07-05 19:59 - 2016-07-05 19:59 - 2782549 _____ () C:\Program Files\Common Files\loceak34.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\lt2nwekn.exe
2016-07-12 16:57 - 2016-07-12 16:57 - 2938043 _____ () C:\Program Files\Common Files\lteolrn2.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\m5mnqkpb.exe
2016-07-14 19:59 - 2016-07-14 19:59 - 2939331 _____ () C:\Program Files\Common Files\mabb30u2.exe
2016-07-04 19:59 - 2016-07-04 19:59 - 2782549 _____ () C:\Program Files\Common Files\mb3hbxpr.exe
2016-10-09 19:59 - 2016-10-09 19:59 - 2932069 _____ () C:\Program Files\Common Files\mjm1iijh.exe
2016-07-11 16:57 - 2016-07-11 16:57 - 2782549 _____ () C:\Program Files\Common Files\mjyfzx2u.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\mkoe4tkw.exe
2016-12-02 17:57 - 2016-12-02 17:57 - 2951041 _____ () C:\Program Files\Common Files\mxurj5np.exe
2016-09-21 13:52 - 2016-09-21 13:52 - 2919632 _____ () C:\Program Files\Common Files\n0ffhyal.exe
2016-12-02 21:00 - 2016-12-02 21:00 - 2934012 _____ () C:\Program Files\Common Files\n0vc25wh.exe
2016-07-14 16:57 - 2016-07-14 16:57 - 2927864 _____ () C:\Program Files\Common Files\n3wxpty5.exe
2016-07-16 16:57 - 2016-07-16 16:57 - 2936439 _____ () C:\Program Files\Common Files\n41mxg1i.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\n455teom.exe
2016-12-16 17:57 - 2016-12-16 17:57 - 3020737 _____ () C:\Program Files\Common Files\nfwgznb1.exe
2016-10-07 13:42 - 2016-10-07 13:42 - 2929811 _____ () C:\Program Files\Common Files\nigl4eoo.exe
2017-01-09 17:25 - 2017-01-09 17:25 - 2817199 _____ () C:\Program Files\Common Files\nod3lbvs.exe
2016-12-04 17:57 - 2016-12-04 17:57 - 2932227 _____ () C:\Program Files\Common Files\nwdekrup.exe
2016-12-29 19:41 - 2016-12-29 19:41 - 3021696 _____ () C:\Program Files\Common Files\o54eapdx.exe
2016-07-07 18:29 - 2016-07-07 18:29 - 2782549 _____ () C:\Program Files\Common Files\oayeqwmu.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\ob01ljjm.exe
2016-12-19 15:13 - 2016-12-19 15:13 - 3021071 _____ () C:\Program Files\Common Files\oksocrum.exe
2016-10-17 19:59 - 2016-10-17 19:59 - 2918600 _____ () C:\Program Files\Common Files\ozv1vdjg.exe
2016-11-26 08:59 - 2016-11-26 08:59 - 2943148 _____ () C:\Program Files\Common Files\p1fvv3db.exe
2016-12-11 17:57 - 2016-12-11 17:57 - 2931631 _____ () C:\Program Files\Common Files\p3ojh45m.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\palguvvs.exe
2016-12-28 20:59 - 2016-12-28 20:59 - 3021716 _____ () C:\Program Files\Common Files\pcd2ombm.exe
2016-10-18 16:57 - 2016-10-18 16:57 - 2922291 _____ () C:\Program Files\Common Files\pjii3qxu.exe
2016-11-20 20:59 - 2016-11-20 20:59 - 2933300 _____ () C:\Program Files\Common Files\pmmuqhgv.exe
2016-07-09 19:59 - 2016-07-09 19:59 - 2782549 _____ () C:\Program Files\Common Files\q2a3gd0a.exe
2016-11-08 14:25 - 2016-11-08 14:25 - 2940624 _____ () C:\Program Files\Common Files\qbgroqgg.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\qfpr1zwt.exe
2016-08-17 19:13 - 2016-08-17 19:13 - 2946352 _____ () C:\Program Files\Common Files\qh4urva5.exe
2016-11-11 17:35 - 2016-11-11 17:35 - 2934450 _____ () C:\Program Files\Common Files\qqcyi2gx.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\qqxofseg.exe
2016-11-12 15:55 - 2016-11-12 15:55 - 2934450 _____ () C:\Program Files\Common Files\r0ftsvbl.exe
2016-12-17 13:19 - 2016-12-17 13:19 - 3020680 _____ () C:\Program Files\Common Files\r2olm24z.exe
2017-01-14 09:27 - 2017-01-14 09:27 - 2943656 _____ () C:\Program Files\Common Files\r4q5mbqc.exe
2017-01-09 17:57 - 2017-01-09 17:57 - 2820549 _____ () C:\Program Files\Common Files\r5g0io0g.exe
2016-10-21 13:19 - 2016-10-21 13:19 - 2927316 _____ () C:\Program Files\Common Files\r5olko2w.exe
2016-07-03 19:59 - 2016-07-03 19:59 - 2782549 _____ () C:\Program Files\Common Files\ri5x4fgk.exe
2017-01-05 15:45 - 2017-01-05 15:45 - 2821184 _____ () C:\Program Files\Common Files\rif5o2jt.exe
2016-12-19 17:57 - 2016-12-19 17:57 - 3021770 _____ () C:\Program Files\Common Files\rxqpuygp.exe
2016-12-27 20:59 - 2016-12-27 20:59 - 3021724 _____ () C:\Program Files\Common Files\s5wtazjc.exe
2016-11-19 17:57 - 2016-11-19 17:57 - 2945069 _____ () C:\Program Files\Common Files\sl2d3zpl.exe
2017-01-03 14:44 - 2017-01-03 14:44 - 3021709 _____ () C:\Program Files\Common Files\smxueyuc.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\sycms1br.exe
2016-07-06 19:59 - 2016-07-06 19:59 - 2782549 _____ () C:\Program Files\Common Files\t0n5ss3c.exe
2016-07-05 19:58 - 2016-07-05 19:58 - 2782549 _____ () C:\Program Files\Common Files\tje4ytpi.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\tnwtjvk2.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\tqfs03wv.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\tvs414ga.exe
2016-12-05 17:57 - 2016-12-05 17:57 - 2927990 _____ () C:\Program Files\Common Files\twe11t2e.exe
2016-10-17 16:57 - 2016-10-17 16:57 - 2925323 _____ () C:\Program Files\Common Files\tyi1nqr2.exe
2016-07-15 16:57 - 2016-07-15 16:57 - 2942508 _____ () C:\Program Files\Common Files\u5dy0prb.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\udhysuxk.exe
2016-11-06 17:57 - 2016-11-06 17:57 - 2938085 _____ () C:\Program Files\Common Files\ugxhryqz.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\uuozoc05.exe
2016-10-25 16:57 - 2016-10-25 16:57 - 2904199 _____ () C:\Program Files\Common Files\uxbuzdja.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\uxsh02ar.exe
2016-09-28 20:01 - 2016-09-28 20:01 - 2943114 _____ () C:\Program Files\Common Files\v4aqxnwd.exe
2016-12-20 14:10 - 2016-12-20 14:10 - 3021670 _____ () C:\Program Files\Common Files\vk0wkvcr.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\vlxzsivq.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\vs0zp3ks.exe
2016-11-23 15:14 - 2016-11-23 15:14 - 2932717 _____ () C:\Program Files\Common Files\vtuzsmei.exe
2016-10-08 19:59 - 2016-10-08 19:59 - 2927877 _____ () C:\Program Files\Common Files\vwjjrjvt.exe
2016-11-24 19:54 - 2016-11-24 19:54 - 2943148 _____ () C:\Program Files\Common Files\w4yo24kb.exe
2016-10-22 16:57 - 2016-10-22 16:57 - 2918021 _____ () C:\Program Files\Common Files\wdadnedb.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\wf51afsz.exe
2016-12-12 15:14 - 2016-12-12 15:14 - 2935878 _____ () C:\Program Files\Common Files\wknlgrk1.exe
2017-01-07 17:57 - 2017-01-07 17:57 - 2793669 _____ () C:\Program Files\Common Files\wphttjzc.exe
2016-10-11 14:07 - 2016-10-11 14:07 - 2908906 _____ () C:\Program Files\Common Files\wrdyohnj.exe
2016-07-04 16:57 - 2016-07-04 16:57 - 2782549 _____ () C:\Program Files\Common Files\wwvmuezm.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\x0riyolp.exe
2016-09-30 19:59 - 2016-09-30 19:59 - 2928684 _____ () C:\Program Files\Common Files\xcp5ic0i.exe
2017-01-07 20:59 - 2017-01-07 20:59 - 2824183 _____ () C:\Program Files\Common Files\xcr1h0jy.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\xjczwvpu.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\xliupj2u.exe
2016-10-30 17:57 - 2016-10-30 17:57 - 2936204 _____ () C:\Program Files\Common Files\xuw3hhm2.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\xxyaq1ht.exe
2016-07-07 19:59 - 2016-07-07 19:59 - 2782549 _____ () C:\Program Files\Common Files\y3l0nk3r.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\yd0rt05x.exe
2016-10-15 17:18 - 2016-10-15 17:18 - 2907559 _____ () C:\Program Files\Common Files\ygm5w2au.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\yqsq0cbg.exe
2016-12-15 20:59 - 2016-12-15 20:59 - 3020706 _____ () C:\Program Files\Common Files\yshmwokf.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\z1qbrjtb.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\z4clxxqv.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\zfa2n2yt.exe
2016-11-22 13:54 - 2016-11-22 13:54 - 2927502 _____ () C:\Program Files\Common Files\zhwghrnp.exe
2016-07-06 16:57 - 2016-07-06 16:57 - 2782549 _____ () C:\Program Files\Common Files\zqs102rv.exe
2016-11-12 17:57 - 2016-11-12 17:57 - 2934450 _____ () C:\Program Files\Common Files\zutt2rov.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\zz5r55he.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 6870016 _____ () C:\Users\lukykos\AppData\Roaming\agent.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 2279413 _____ () C:\Users\lukykos\AppData\Roaming\Anplus.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0054272 _____ () C:\Users\lukykos\AppData\Roaming\ApplicationHosting.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0069024 _____ () C:\Users\lukykos\AppData\Roaming\Config.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0692736 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 1761214 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.tst
2016-06-28 02:12 - 2016-06-28 02:12 - 0314434 _____ () C:\Users\lukykos\AppData\Roaming\EYapp.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0692736 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 0072704 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.tst
2016-07-03 18:56 - 2016-07-03 18:56 - 0019584 _____ () C:\Users\lukykos\AppData\Roaming\InstallationConfiguration.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0128512 _____ () C:\Users\lukykos\AppData\Roaming\Installer.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\lobby.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0018432 _____ () C:\Users\lukykos\AppData\Roaming\Main.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0005568 _____ () C:\Users\lukykos\AppData\Roaming\md.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\noah.dat
2016-07-15 14:11 - 2016-07-15 14:56 - 7616340 _____ () C:\Users\lukykos\AppData\Roaming\setup.apk
2016-07-03 18:57 - 2016-07-03 18:57 - 0001150 _____ () C:\Users\lukykos\AppData\Roaming\uninstall_temp.ico
2016-07-15 14:11 - 2016-07-15 14:56 - 0732869 _____ () C:\Users\lukykos\AppData\Roaming\xdo.zip
2016-07-03 18:56 - 2016-07-03 18:56 - 0189635 _____ () C:\Users\lukykos\AppData\Roaming\Y-phase.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0848437 _____ () C:\Users\lukykos\AppData\Roaming\Zonegoit.bin
2016-08-04 13:39 - 2016-08-04 13:39 - 0000000 ___SH () C:\Users\lukykos\AppData\Local\LumaEmu
2016-07-03 18:57 - 2016-07-03 18:57 - 0041472 _____ () C:\Users\lukykos\AppData\Local\statstrip.dat
2016-07-03 18:57 - 2016-07-03 18:57 - 0000187 _____ () C:\Users\lukykos\AppData\Local\statstrip.exe.config
2016-07-16 11:18 - 2016-07-16 11:18 - 0512000 _____ () C:\ProgramData\smp2.exe
Files to move or delete:
====================
C:\ProgramData\smp2.exe
Some files in TEMP:
====================
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\103322779.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\110708445.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\119984832.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\133089149.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\1912568.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\21876516.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\27543046.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\29083994.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\29837922.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\34111101.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\43152943.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\45483728.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\46522839.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\47682761.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\48985246.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\4931755.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\49925678.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\50814912.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\53068435.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\55446261.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\55962992.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\57536350.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\61051531.t.exe
2016-10-01 08:28 - 2016-10-01 08:28 - 1184256 _____ () C:\Users\lukykos\AppData\Local\Temp\61392092.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\63336490.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\67203703.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\83655997.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\84898033.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\87793770.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91546016.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91738252.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\98522940.t.exe
2016-10-04 16:45 - 2016-08-03 05:28 - 0962072 _____ (BlueStack Systems, Inc.) C:\Users\lukykos\AppData\Local\Temp\BluestacksUninstaller.exe
2016-12-04 19:32 - 2016-12-04 19:51 - 0208896 _____ (Sony DADC Austria AG) C:\Users\lukykos\AppData\Local\Temp\drm_dyndata_7370012.dll
2016-10-04 16:45 - 2016-08-03 05:27 - 0187416 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-LibraryHandler.dll
2016-10-04 16:45 - 2016-08-03 05:25 - 0246808 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-Logger-Native.dll
2016-12-25 17:36 - 2016-12-25 17:36 - 7349520 _____ () C:\Users\lukykos\AppData\Local\Temp\~E49E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
ShortcutWithArgument: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=3&click_id=c658950df00f975f1e1e43269e9571343154bca8 --app-window-size=1440,900
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job => Wscript.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\lukykos\Desktop" je 19451 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01
Ran by lukykos (administrator) on DESKTOP-98BA3HQ (28-02-2017 14:05:39)
Running from C:\Users\lukykos\Desktop
Loaded Profiles: lukykos (Available Profiles: lukykos)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\ProgramData\ocep\ocep.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}\6C620C46-DBC9-BBED-EDA0-939A678119B4.exe
() C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}\276A3E54-90C1-89FF-A65E-EFAA5D7892ED.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\lukykos\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
AppInit_DLLs: C:\ProgramData\ocep\Trantex.dll => C:\ProgramData\ocep\Trantex.dll [358912 2017-01-15] ()
AppInit_DLLs-x32: C:\ProgramData\ocep\KeyWarm.dll => C:\ProgramData\ocep\KeyWarm.dll [248320 2017-01-15] ()
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-02-23]
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-07-19]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [DhcpNameServer] 82.163.143.157
Internet Explorer:
==================
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0ZGNK1TqBa5fhrSwmj49W-G8bA771SjpqjRLaYMQ7d7wTxSLI_0xP0rncl3hemkuj7mtU,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-TqszdEi2xwXHjQ6yX-e7dGBZMOnOdf5apBcbX5hcmn8RaIYm_MFJXWe2Dz8hT1gSp0UR61lY3DsH0drHm1_Ht3sAi5-Ubs9xuGyEZUG80xW12jWVVolZ6nB8NjLfGwfhniVnQu2pswHOFGT-FaM2V98fhWHwk6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0U9XY2Go0EZ0x6hLZLpslt-GsFnxvtxQq5FYNu70jX-JHDraMEIj5KFFt6bAtqMd4rxfc,&q={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
FireFox:
========
FF DefaultProfile: acezlehe.default-1470335100542
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 [2017-02-28]
FF NewTab: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
FF Extension: (MEGA) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\firefox@mega.co.nz.xpi [2017-02-17]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-25]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\features\{3599c2eb-191d-4a09-8bb5-099cb79d1e38}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144 [2016-12-18]
FF Extension: (Firefox Hotfix) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-18]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-d31f23e3f760404e\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-d31f23e3f760404e\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lukykos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFFk7_hyQrEptAC3t41oi3O9IN2aA4fIN0RlcFHRnacz70_bsjcjDLoc2Hk1NwqVvH0z2BCxckCNMrb7QPXyfKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Prezentace Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-05]
CHR Extension: (Dokumenty Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-05]
CHR Extension: (Disk Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-05]
CHR Extension: (Torrent Search) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bceciholkmjngdohanojikiiccgnmpdj [2016-07-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-08]
CHR Extension: (YouTube) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
CHR Extension: (Tabulky Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Slither.io Mods, Zoom, Create Skins SLITHERE) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea [2017-02-08]
CHR Extension: (SlitherX Sidebar Mods & Skins) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp [2017-02-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-08]
CHR Extension: (Gmail) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-07-03] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-12-15] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
R2 ocep; C:\ProgramData\\ocep\\ocep.exe [982016 2017-01-15] () [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [905672 2016-06-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-06-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-06-22] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2016-07-16] (Realtek Semiconductor Corporation )
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-07-16] ()
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-28 14:05 - 2017-02-28 14:06 - 00021526 _____ C:\Users\lukykos\Desktop\FRST.txt
2017-02-28 14:04 - 2017-02-28 14:05 - 00000000 ____D C:\FRST
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Downloads\FRSTLauncher.exe
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Desktop\FRSTLauncher.exe
2017-02-28 14:00 - 2017-02-28 14:00 - 02423296 _____ (Farbar) C:\Users\lukykos\Desktop\FRST64.exe
2017-02-27 16:11 - 2017-02-27 16:11 - 04734784 _____ () C:\Users\lukykos\Downloads\TechnicLauncher.exe
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\rsit
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\Program Files\trend micro
2017-02-26 16:27 - 2017-02-26 16:28 - 01324032 _____ C:\Users\lukykos\Downloads\RSITx64.exe
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
2017-02-23 21:04 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\b3c2f272-67e5-1
2017-02-23 21:04 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\b3c2f272-10e3-0
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{770f7b1a-612c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{76b71c6a-612c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{52d43031-312c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{52b67931-512c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{4a0a4a28-112c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{46c916a1-512c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{3e7c419c-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{355f313b-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{337468e0-412c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{254c7f40-112c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{235d7e85-212c-1}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{21e3134a-412c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{19337090-512c-0}
2017-02-23 19:17 - 2017-02-23 19:17 - 00000000 ____D C:\ProgramData\{126547df-012c-0}
2017-02-18 16:15 - 2017-02-18 16:15 - 00000000 _____ C:\hamachi-2-0541-20170218-161552.dmp
2017-02-17 21:38 - 2017-02-17 21:38 - 00000000 ____D C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC
2017-02-17 21:29 - 2017-02-17 21:29 - 00615434 _____ C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC.zip
2017-02-11 12:26 - 2017-02-11 12:26 - 03103454 _____ C:\Users\lukykos\Downloads\SkyBlock_v2.1.zip
2017-02-11 12:05 - 2017-02-11 12:05 - 00000000 ____D C:\Users\lukykos\Documents\Curse
2017-02-11 12:01 - 2017-02-23 21:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Curse Client
2017-02-11 11:57 - 2017-02-11 11:57 - 84707568 _____ (Curse) C:\Users\lukykos\Downloads\CurseClientSetup.exe
2017-02-11 10:42 - 2017-02-11 10:42 - 00000222 _____ C:\Users\lukykos\Desktop\Rocket League.url
2017-02-10 23:38 - 2017-02-10 23:38 - 00000222 _____ C:\Users\lukykos\Desktop\Factorio.url
2017-02-10 18:20 - 2017-02-28 14:01 - 00000000 ____D C:\Users\lukykos\AppData\Local\CrashDumps
2017-02-10 17:48 - 2017-02-10 17:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 17:48 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 17:48 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 17:48 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 17:47 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-10 17:47 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-10 17:47 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-03 13:51 - 2017-02-03 13:51 - 00003314 _____ C:\WINDOWS\System32\Tasks\psv_Doublenix
2017-02-03 10:52 - 2017-01-12 19:32 - 00000000 ____D C:\Users\lukykos\Downloads\Raft Miracle Hack x64
2017-02-03 10:52 - 2017-01-12 19:31 - 00000000 ____D C:\Users\lukykos\Downloads\Raft Miracle Hack x32
2017-02-03 10:51 - 2017-02-03 10:51 - 00314094 _____ C:\Users\lukykos\Downloads\Miracle Hack Raft.rar
2017-02-03 10:37 - 2017-02-03 10:41 - 00000000 ____D C:\_logs
2017-02-03 10:26 - 2017-02-03 10:26 - 00000000 ____D C:\Users\lukykos\Downloads\V1.05_Raft_Win64 (2)
2017-02-03 10:23 - 2017-02-03 10:24 - 122828082 _____ C:\Users\lukykos\Downloads\V1.05_Raft_Win64 (2).zip
2017-02-03 10:18 - 2017-02-03 10:18 - 00000000 _____ C:\Users\lukykos\Downloads\V1.05_Raft_Win64.zip
2017-02-03 09:01 - 2017-02-23 19:18 - 00000000 ____D C:\ProgramData\b3c2f272-7711-0
2017-02-03 09:01 - 2017-02-23 19:18 - 00000000 ____D C:\ProgramData\b3c2f272-6525-1
2017-02-02 20:40 - 2017-02-02 20:40 - 00000237 _____ C:\Users\lukykos\Desktop\Search.URL
2017-02-02 20:39 - 2017-02-02 20:39 - 00000000 ____D C:\Users\lukykos\Downloads\Demp(v1.02c) for Raft v1.05
2017-02-02 20:32 - 2017-02-02 20:32 - 03175923 _____ C:\Users\lukykos\Downloads\Demp(v1.02c) for Raft v1.05.rar
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-28 14:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 14:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-28 14:00 - 2016-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-28 14:00 - 2016-09-25 06:35 - 00000000 ____D C:\Users\lukykos
2017-02-28 13:59 - 2017-01-14 09:24 - 00001410 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-28 13:59 - 2017-01-01 21:29 - 00001422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-28 13:59 - 2016-12-05 17:31 - 00001485 _____ C:\Users\lukykos\Desktop\Google Chrome.lnk
2017-02-28 13:59 - 2016-07-05 20:23 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-28 13:56 - 2016-11-19 15:41 - 00000000 ____D C:\Users\lukykos\AppData\LocalLow\Mozilla
2017-02-28 13:56 - 2016-06-30 11:13 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Skype
2017-02-27 18:46 - 2016-12-23 17:30 - 00000000 ____D C:\ProgramData\ocep
2017-02-27 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-26 20:01 - 2016-09-25 06:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-24 12:37 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 12:37 - 2016-06-15 19:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:33 - 2016-06-15 19:09 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{929FBDE2-2534-0A49-79A6-CACDFF061ACD}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{651044B9-D2BB-F312-1649-060647157667}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{299D261F-9E36-91B4-2894-5AEC8BBDC518}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B9B808D-AC30-3726-4572-439BB44CE605}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{F2182982-45B3-9E29-6B47-8FF10B170B89}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{777C0CDB-C0D7-BB70-F62C-F5128F43849A}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{1B34E018-AC9F-57B3-BEFF-09E1444B4084}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{F1D4198B-467F-AE20-BC63-B9B2285515BA}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{E583F77F-5228-40D4-D736-3EA835065C39}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{B0829170-0729-26DB-FDF1-2DABE31D0DDF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8ECC1717-3967-A0BC-643D-BA01EF252B19}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8518E7D3-32B3-5078-4743-BFD97374671A}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{5C9A3476-EB31-83DD-4693-BA29EEC61C78}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{59F5DF12-EE5E-68B9-6872-914D9A6165A7}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{56A4B67C-E10F-01D7-6311-668609A07EFC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{4D54E968-FAFF-5EC3-C645-6AA024054E11}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{35273A61-828C-8DCA-8CE5-5FB97D27D681}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{203989DE-9792-3E75-F5F2-EE02D3FF55FC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{0ECE888E-B965-3F25-E484-8F4AF6B6173D}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{E4BD55FC-5316-E257-1306-477553B1FB7F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{B6787064-01D3-C7CF-6807-1A7566D841C7}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{A4E94271-1342-F5DA-2F16-92354430913D}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{899158A1-3E3A-EF0A-7721-10C392E1973A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7CDC623D-CB77-D596-FFE8-E06031F08A5A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{31127FF7-86B9-C85C-89CE-361276409D1A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{2264E049-95CF-57E2-3E2A-CDBC05E73188}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{0899AFC8-BF32-1863-6CC9-78336B4279EE}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{05D80F2B-B273-B880-933E-FA517BE9A2CE}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7C995788-CB32-E023-1768-C28EDB73E9C5}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6C6C1653-DBC7-A1F8-2D30-E211E824C758}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{11597869-A6F2-CFC2-221F-D20D334FE5B6}
2017-02-23 19:23 - 2016-07-03 18:56 - 00002395 _____ C:\WINDOWS\SysWOW64\findit.xml
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{7f6b5029-512c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{7796511f-712c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{6c324018-312c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{67b60929-212c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{5f60222b-012c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{5bf927a3-712c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{52127da0-012c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4bbf5fb2-712c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4a7a26ed-412c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{4a2b5fee-312c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{446e6b3e-412c-0}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{23bd64d2-612c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{13004dcb-512c-1}
2017-02-23 19:18 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{06fb45e1-212c-0}
2017-02-21 18:11 - 2016-09-04 18:09 - 00001435 _____ C:\Users\lukykos\Desktop\ROBLOX Player.lnk
2017-02-21 18:11 - 2016-09-04 18:09 - 00001250 _____ C:\Users\lukykos\Desktop\ROBLOX Studio.lnk
2017-02-21 18:11 - 2016-09-04 18:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-02-19 17:11 - 2016-09-25 06:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-19 17:11 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-18 22:01 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-18 16:15 - 2016-09-25 06:42 - 00000476 _____ C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job
2017-02-17 17:45 - 2016-12-11 16:45 - 00542760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-10 17:49 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-10 17:49 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 17:49 - 2016-06-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 14:27 - 2016-06-30 11:12 - 00000000 ____D C:\ProgramData\Skype
2017-01-30 16:28 - 2017-01-01 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:28 - 2016-11-18 21:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-29 09:55 - 2016-06-30 13:04 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Seznam.cz
==================== Files in the root of some directories =======
2016-11-04 17:57 - 2016-11-04 17:57 - 2924848 _____ () C:\Program Files\Common Files\00idalsa.exe
2016-11-20 19:29 - 2016-11-20 19:29 - 2942100 _____ () C:\Program Files\Common Files\04nspnbe.exe
2016-12-06 13:41 - 2016-12-06 13:41 - 2938894 _____ () C:\Program Files\Common Files\04qwdu25.exe
2016-10-04 16:58 - 2016-10-04 16:58 - 2944529 _____ () C:\Program Files\Common Files\05oefwsf.exe
2016-10-27 16:57 - 2016-10-27 16:57 - 2921590 _____ () C:\Program Files\Common Files\0eg00edc.exe
2016-10-02 16:57 - 2016-10-02 16:57 - 2954707 _____ () C:\Program Files\Common Files\0en0e3sg.exe
2016-12-29 20:59 - 2016-12-29 20:59 - 3021703 _____ () C:\Program Files\Common Files\0exsbrkr.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\0g1dgsbu.exe
2016-11-26 20:59 - 2016-11-26 20:59 - 2943148 _____ () C:\Program Files\Common Files\0l12ipt1.exe
2016-07-12 19:59 - 2016-07-12 19:59 - 2920467 _____ () C:\Program Files\Common Files\0oorw430.exe
2016-11-23 15:13 - 2016-11-23 15:13 - 2932717 _____ () C:\Program Files\Common Files\0py4bdua.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\0vzqz3ha.exe
2016-10-25 20:00 - 2016-10-25 20:00 - 2915659 _____ () C:\Program Files\Common Files\11hlxcdr.exe
2016-11-13 17:57 - 2016-11-13 17:57 - 2934450 _____ () C:\Program Files\Common Files\1513ml3w.exe
2016-07-08 16:57 - 2016-07-08 16:57 - 2782549 _____ () C:\Program Files\Common Files\1ddqp54b.exe
2016-11-25 19:38 - 2016-11-25 19:38 - 2943148 _____ () C:\Program Files\Common Files\1hmb0u3j.exe
2016-11-01 13:11 - 2016-11-01 13:11 - 2950363 _____ () C:\Program Files\Common Files\1kqprawj.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\1zrqceuc.exe
2017-01-01 20:59 - 2017-01-01 20:59 - 3021732 _____ () C:\Program Files\Common Files\25rort0e.exe
2016-10-09 18:30 - 2016-10-09 18:30 - 2955293 _____ () C:\Program Files\Common Files\2cxyqc3s.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\2demmik5.exe
2016-11-25 14:59 - 2016-11-25 14:59 - 2943148 _____ () C:\Program Files\Common Files\2mvyv5jg.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\2nyysd1k.exe
2016-11-04 15:04 - 2016-11-04 15:04 - 2923820 _____ () C:\Program Files\Common Files\2sj4satr.exe
2017-01-06 17:57 - 2017-01-06 17:57 - 2790706 _____ () C:\Program Files\Common Files\34fhjrfl.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\35saldnh.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\3czrm32s.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\3pygfqz2.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\43gtalhj.exe
2016-10-23 16:57 - 2016-10-23 16:57 - 2914405 _____ () C:\Program Files\Common Files\4nmjvmnq.exe
2016-10-31 17:57 - 2016-10-31 17:57 - 2950363 _____ () C:\Program Files\Common Files\4qvpor1y.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\4qxmimad.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\4rt1jhl0.exe
2016-08-06 16:57 - 2016-08-06 16:57 - 2935236 _____ () C:\Program Files\Common Files\51seazmq.exe
2016-10-29 16:57 - 2016-10-29 16:57 - 2921590 _____ () C:\Program Files\Common Files\55kmvsar.exe
2016-12-28 17:57 - 2016-12-28 17:57 - 3021730 _____ () C:\Program Files\Common Files\55wqanx1.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\5a5icbj1.exe
2016-10-10 17:36 - 2016-10-10 17:36 - 2912949 _____ () C:\Program Files\Common Files\5b21lv0u.exe
2017-01-04 15:36 - 2017-01-04 15:36 - 2825117 _____ () C:\Program Files\Common Files\5emoij5s.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\5vbqgvei.exe
2017-01-03 19:33 - 2017-01-03 19:33 - 3021780 _____ () C:\Program Files\Common Files\5xpjcjyy.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\a40qd1hl.exe
2016-07-11 19:59 - 2016-07-11 19:59 - 2782549 _____ () C:\Program Files\Common Files\amnzgeh5.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 2930886 _____ () C:\Program Files\Common Files\bauhbmft.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\beykqiqq.exe
2016-11-11 17:57 - 2016-11-11 17:57 - 2934450 _____ () C:\Program Files\Common Files\bocciwdm.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\c12vnv5o.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\cerubweq.exe
2016-10-26 16:57 - 2016-10-26 16:57 - 2921590 _____ () C:\Program Files\Common Files\cjgiw3p2.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\couiw1uy.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\csuzaoe1.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\cyvuxdtg.exe
2016-12-12 17:57 - 2016-12-12 17:57 - 2932101 _____ () C:\Program Files\Common Files\cz1r2jom.exe
2017-01-10 14:28 - 2017-01-10 14:28 - 2822570 _____ () C:\Program Files\Common Files\d4xuhuyz.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\drczz3tq.exe
2016-12-05 17:30 - 2016-12-05 17:30 - 2953209 _____ () C:\Program Files\Common Files\drm512ed.exe
2017-01-14 09:27 - 2017-01-14 09:27 - 2943656 _____ () C:\Program Files\Common Files\ds1jnbli.exe
2016-12-02 14:26 - 2016-12-02 14:26 - 2929716 _____ () C:\Program Files\Common Files\ebnrmo5w.exe
2017-01-11 14:54 - 2017-01-11 14:54 - 2793393 _____ () C:\Program Files\Common Files\eck1a2a5.exe
2016-07-16 11:21 - 2016-07-16 11:21 - 2939768 _____ () C:\Program Files\Common Files\edpms1kt.exe
2016-11-12 20:59 - 2016-11-12 20:59 - 2934450 _____ () C:\Program Files\Common Files\ehmunlei.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\ei2e3myr.exe
2016-11-21 17:57 - 2016-11-21 17:57 - 2934898 _____ () C:\Program Files\Common Files\elhvr21v.exe
2016-11-08 19:37 - 2016-11-08 19:37 - 2943601 _____ () C:\Program Files\Common Files\erw0x2t4.exe
2016-12-22 20:20 - 2016-12-22 20:20 - 3021753 _____ () C:\Program Files\Common Files\estffh1a.exe
2016-09-29 17:14 - 2016-09-29 17:14 - 2939150 _____ () C:\Program Files\Common Files\eydxk5dx.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\f2hq1oo5.exe
2016-10-30 21:00 - 2016-10-30 21:00 - 2937121 _____ () C:\Program Files\Common Files\faqrpddn.exe
2017-01-07 16:59 - 2017-01-07 16:59 - 2824832 _____ () C:\Program Files\Common Files\fdt4iqyr.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\fl0jptaf.exe
2016-11-23 20:31 - 2016-11-23 20:31 - 2951694 _____ () C:\Program Files\Common Files\fmbzwqv5.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\fq05k4uv.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\fupdol1g.exe
2016-11-15 14:17 - 2016-11-15 14:17 - 2932047 _____ () C:\Program Files\Common Files\fzcpmz2f.exe
2016-12-01 17:57 - 2016-12-01 17:57 - 2948294 _____ () C:\Program Files\Common Files\g2ogkbjk.exe
2016-09-30 19:15 - 2016-09-30 19:15 - 2951025 _____ () C:\Program Files\Common Files\gc0ct2ic.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\ggn1cfcf.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\giz25buw.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\gzu42hjw.exe
2016-10-29 19:59 - 2016-10-29 19:59 - 2921590 _____ () C:\Program Files\Common Files\h3ldt4iw.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\hbufyaxp.exe
2016-11-18 20:59 - 2016-11-18 20:59 - 2933637 _____ () C:\Program Files\Common Files\hokxdgia.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\hp1d0yhk.exe
2016-07-18 19:59 - 2016-07-18 19:59 - 2941163 _____ () C:\Program Files\Common Files\hsdaaor0.exe
2016-10-16 19:59 - 2016-10-16 19:59 - 2918173 _____ () C:\Program Files\Common Files\htu5opdz.exe
2016-10-28 19:59 - 2016-10-28 19:59 - 2921590 _____ () C:\Program Files\Common Files\hx3xvvq0.exe
2017-01-02 19:06 - 2017-01-02 19:06 - 3021787 _____ () C:\Program Files\Common Files\i0xrlyta.exe
2016-11-23 20:59 - 2016-11-23 20:59 - 2929242 _____ () C:\Program Files\Common Files\ibadiuoq.exe
2016-12-22 20:59 - 2016-12-22 20:59 - 3021665 _____ () C:\Program Files\Common Files\iia2bvha.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\inmjytrw.exe
2016-07-08 19:59 - 2016-07-08 19:59 - 2782549 _____ () C:\Program Files\Common Files\invpfu0b.exe
2016-12-10 09:11 - 2016-12-10 09:11 - 2956128 _____ () C:\Program Files\Common Files\ioz0y3vw.exe
2016-10-27 19:59 - 2016-10-27 19:59 - 2921590 _____ () C:\Program Files\Common Files\j0a2lxdk.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\j3avvwpf.exe
2016-11-27 19:37 - 2016-11-27 19:37 - 2946256 _____ () C:\Program Files\Common Files\j3w54hai.exe
2016-07-19 16:57 - 2016-07-19 16:57 - 2921548 _____ () C:\Program Files\Common Files\j5zwfmc5.exe
2016-10-28 16:57 - 2016-10-28 16:57 - 2921590 _____ () C:\Program Files\Common Files\jfdmwnxf.exe
2016-07-09 16:57 - 2016-07-09 16:57 - 2782549 _____ () C:\Program Files\Common Files\jgd5slbd.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\jlskobxi.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\jousgfve.exe
2016-11-26 17:57 - 2016-11-26 17:57 - 2943148 _____ () C:\Program Files\Common Files\jwnsekcc.exe
2016-10-06 16:57 - 2016-10-06 16:57 - 2955516 _____ () C:\Program Files\Common Files\jxdhicfl.exe
2016-07-11 08:22 - 2016-07-11 08:22 - 2782549 _____ () C:\Program Files\Common Files\jzy3jrbp.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\k15yq0dv.exe
2016-11-20 19:28 - 2016-11-20 19:28 - 2942100 _____ () C:\Program Files\Common Files\k2fczvw1.exe
2016-12-27 17:57 - 2016-12-27 17:57 - 3021779 _____ () C:\Program Files\Common Files\kcasrqjk.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\kcmu1hjy.exe
2016-10-22 19:59 - 2016-10-22 19:59 - 2921572 _____ () C:\Program Files\Common Files\kddozdaw.exe
2016-07-10 16:57 - 2016-07-10 16:57 - 2782549 _____ () C:\Program Files\Common Files\kojkkksw.exe
2016-10-20 16:57 - 2016-10-20 16:57 - 2901670 _____ () C:\Program Files\Common Files\kqzavkf1.exe
2016-09-30 11:08 - 2016-09-30 11:08 - 2942067 _____ () C:\Program Files\Common Files\kym0fmv2.exe
2016-07-17 09:20 - 2016-07-17 09:20 - 2920600 _____ () C:\Program Files\Common Files\kzqjbomh.exe
2016-11-04 20:59 - 2016-11-04 20:59 - 2946612 _____ () C:\Program Files\Common Files\lihu4y5m.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\lksgpha4.exe
2017-01-01 17:57 - 2017-01-01 17:57 - 3021732 _____ () C:\Program Files\Common Files\lmkizp1g.exe
2016-12-09 17:59 - 2016-12-09 17:59 - 2956128 _____ () C:\Program Files\Common Files\lnbwitw4.exe
2016-07-05 19:59 - 2016-07-05 19:59 - 2782549 _____ () C:\Program Files\Common Files\loceak34.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\lt2nwekn.exe
2016-07-12 16:57 - 2016-07-12 16:57 - 2938043 _____ () C:\Program Files\Common Files\lteolrn2.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\m5mnqkpb.exe
2016-07-14 19:59 - 2016-07-14 19:59 - 2939331 _____ () C:\Program Files\Common Files\mabb30u2.exe
2016-07-04 19:59 - 2016-07-04 19:59 - 2782549 _____ () C:\Program Files\Common Files\mb3hbxpr.exe
2016-10-09 19:59 - 2016-10-09 19:59 - 2932069 _____ () C:\Program Files\Common Files\mjm1iijh.exe
2016-07-11 16:57 - 2016-07-11 16:57 - 2782549 _____ () C:\Program Files\Common Files\mjyfzx2u.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\mkoe4tkw.exe
2016-12-02 17:57 - 2016-12-02 17:57 - 2951041 _____ () C:\Program Files\Common Files\mxurj5np.exe
2016-09-21 13:52 - 2016-09-21 13:52 - 2919632 _____ () C:\Program Files\Common Files\n0ffhyal.exe
2016-12-02 21:00 - 2016-12-02 21:00 - 2934012 _____ () C:\Program Files\Common Files\n0vc25wh.exe
2016-07-14 16:57 - 2016-07-14 16:57 - 2927864 _____ () C:\Program Files\Common Files\n3wxpty5.exe
2016-07-16 16:57 - 2016-07-16 16:57 - 2936439 _____ () C:\Program Files\Common Files\n41mxg1i.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\n455teom.exe
2016-12-16 17:57 - 2016-12-16 17:57 - 3020737 _____ () C:\Program Files\Common Files\nfwgznb1.exe
2016-10-07 13:42 - 2016-10-07 13:42 - 2929811 _____ () C:\Program Files\Common Files\nigl4eoo.exe
2017-01-09 17:25 - 2017-01-09 17:25 - 2817199 _____ () C:\Program Files\Common Files\nod3lbvs.exe
2016-12-04 17:57 - 2016-12-04 17:57 - 2932227 _____ () C:\Program Files\Common Files\nwdekrup.exe
2016-12-29 19:41 - 2016-12-29 19:41 - 3021696 _____ () C:\Program Files\Common Files\o54eapdx.exe
2016-07-07 18:29 - 2016-07-07 18:29 - 2782549 _____ () C:\Program Files\Common Files\oayeqwmu.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\ob01ljjm.exe
2016-12-19 15:13 - 2016-12-19 15:13 - 3021071 _____ () C:\Program Files\Common Files\oksocrum.exe
2016-10-17 19:59 - 2016-10-17 19:59 - 2918600 _____ () C:\Program Files\Common Files\ozv1vdjg.exe
2016-11-26 08:59 - 2016-11-26 08:59 - 2943148 _____ () C:\Program Files\Common Files\p1fvv3db.exe
2016-12-11 17:57 - 2016-12-11 17:57 - 2931631 _____ () C:\Program Files\Common Files\p3ojh45m.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\palguvvs.exe
2016-12-28 20:59 - 2016-12-28 20:59 - 3021716 _____ () C:\Program Files\Common Files\pcd2ombm.exe
2016-10-18 16:57 - 2016-10-18 16:57 - 2922291 _____ () C:\Program Files\Common Files\pjii3qxu.exe
2016-11-20 20:59 - 2016-11-20 20:59 - 2933300 _____ () C:\Program Files\Common Files\pmmuqhgv.exe
2016-07-09 19:59 - 2016-07-09 19:59 - 2782549 _____ () C:\Program Files\Common Files\q2a3gd0a.exe
2016-11-08 14:25 - 2016-11-08 14:25 - 2940624 _____ () C:\Program Files\Common Files\qbgroqgg.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\qfpr1zwt.exe
2016-08-17 19:13 - 2016-08-17 19:13 - 2946352 _____ () C:\Program Files\Common Files\qh4urva5.exe
2016-11-11 17:35 - 2016-11-11 17:35 - 2934450 _____ () C:\Program Files\Common Files\qqcyi2gx.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\qqxofseg.exe
2016-11-12 15:55 - 2016-11-12 15:55 - 2934450 _____ () C:\Program Files\Common Files\r0ftsvbl.exe
2016-12-17 13:19 - 2016-12-17 13:19 - 3020680 _____ () C:\Program Files\Common Files\r2olm24z.exe
2017-01-14 09:27 - 2017-01-14 09:27 - 2943656 _____ () C:\Program Files\Common Files\r4q5mbqc.exe
2017-01-09 17:57 - 2017-01-09 17:57 - 2820549 _____ () C:\Program Files\Common Files\r5g0io0g.exe
2016-10-21 13:19 - 2016-10-21 13:19 - 2927316 _____ () C:\Program Files\Common Files\r5olko2w.exe
2016-07-03 19:59 - 2016-07-03 19:59 - 2782549 _____ () C:\Program Files\Common Files\ri5x4fgk.exe
2017-01-05 15:45 - 2017-01-05 15:45 - 2821184 _____ () C:\Program Files\Common Files\rif5o2jt.exe
2016-12-19 17:57 - 2016-12-19 17:57 - 3021770 _____ () C:\Program Files\Common Files\rxqpuygp.exe
2016-12-27 20:59 - 2016-12-27 20:59 - 3021724 _____ () C:\Program Files\Common Files\s5wtazjc.exe
2016-11-19 17:57 - 2016-11-19 17:57 - 2945069 _____ () C:\Program Files\Common Files\sl2d3zpl.exe
2017-01-03 14:44 - 2017-01-03 14:44 - 3021709 _____ () C:\Program Files\Common Files\smxueyuc.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\sycms1br.exe
2016-07-06 19:59 - 2016-07-06 19:59 - 2782549 _____ () C:\Program Files\Common Files\t0n5ss3c.exe
2016-07-05 19:58 - 2016-07-05 19:58 - 2782549 _____ () C:\Program Files\Common Files\tje4ytpi.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\tnwtjvk2.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\tqfs03wv.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\tvs414ga.exe
2016-12-05 17:57 - 2016-12-05 17:57 - 2927990 _____ () C:\Program Files\Common Files\twe11t2e.exe
2016-10-17 16:57 - 2016-10-17 16:57 - 2925323 _____ () C:\Program Files\Common Files\tyi1nqr2.exe
2016-07-15 16:57 - 2016-07-15 16:57 - 2942508 _____ () C:\Program Files\Common Files\u5dy0prb.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\udhysuxk.exe
2016-11-06 17:57 - 2016-11-06 17:57 - 2938085 _____ () C:\Program Files\Common Files\ugxhryqz.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\uuozoc05.exe
2016-10-25 16:57 - 2016-10-25 16:57 - 2904199 _____ () C:\Program Files\Common Files\uxbuzdja.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\uxsh02ar.exe
2016-09-28 20:01 - 2016-09-28 20:01 - 2943114 _____ () C:\Program Files\Common Files\v4aqxnwd.exe
2016-12-20 14:10 - 2016-12-20 14:10 - 3021670 _____ () C:\Program Files\Common Files\vk0wkvcr.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\vlxzsivq.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\vs0zp3ks.exe
2016-11-23 15:14 - 2016-11-23 15:14 - 2932717 _____ () C:\Program Files\Common Files\vtuzsmei.exe
2016-10-08 19:59 - 2016-10-08 19:59 - 2927877 _____ () C:\Program Files\Common Files\vwjjrjvt.exe
2016-11-24 19:54 - 2016-11-24 19:54 - 2943148 _____ () C:\Program Files\Common Files\w4yo24kb.exe
2016-10-22 16:57 - 2016-10-22 16:57 - 2918021 _____ () C:\Program Files\Common Files\wdadnedb.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\wf51afsz.exe
2016-12-12 15:14 - 2016-12-12 15:14 - 2935878 _____ () C:\Program Files\Common Files\wknlgrk1.exe
2017-01-07 17:57 - 2017-01-07 17:57 - 2793669 _____ () C:\Program Files\Common Files\wphttjzc.exe
2016-10-11 14:07 - 2016-10-11 14:07 - 2908906 _____ () C:\Program Files\Common Files\wrdyohnj.exe
2016-07-04 16:57 - 2016-07-04 16:57 - 2782549 _____ () C:\Program Files\Common Files\wwvmuezm.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\x0riyolp.exe
2016-09-30 19:59 - 2016-09-30 19:59 - 2928684 _____ () C:\Program Files\Common Files\xcp5ic0i.exe
2017-01-07 20:59 - 2017-01-07 20:59 - 2824183 _____ () C:\Program Files\Common Files\xcr1h0jy.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\xjczwvpu.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\xliupj2u.exe
2016-10-30 17:57 - 2016-10-30 17:57 - 2936204 _____ () C:\Program Files\Common Files\xuw3hhm2.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\xxyaq1ht.exe
2016-07-07 19:59 - 2016-07-07 19:59 - 2782549 _____ () C:\Program Files\Common Files\y3l0nk3r.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\yd0rt05x.exe
2016-10-15 17:18 - 2016-10-15 17:18 - 2907559 _____ () C:\Program Files\Common Files\ygm5w2au.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\yqsq0cbg.exe
2016-12-15 20:59 - 2016-12-15 20:59 - 3020706 _____ () C:\Program Files\Common Files\yshmwokf.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\z1qbrjtb.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\z4clxxqv.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\zfa2n2yt.exe
2016-11-22 13:54 - 2016-11-22 13:54 - 2927502 _____ () C:\Program Files\Common Files\zhwghrnp.exe
2016-07-06 16:57 - 2016-07-06 16:57 - 2782549 _____ () C:\Program Files\Common Files\zqs102rv.exe
2016-11-12 17:57 - 2016-11-12 17:57 - 2934450 _____ () C:\Program Files\Common Files\zutt2rov.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\zz5r55he.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 6870016 _____ () C:\Users\lukykos\AppData\Roaming\agent.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 2279413 _____ () C:\Users\lukykos\AppData\Roaming\Anplus.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0054272 _____ () C:\Users\lukykos\AppData\Roaming\ApplicationHosting.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0069024 _____ () C:\Users\lukykos\AppData\Roaming\Config.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0692736 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 1761214 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.tst
2016-06-28 02:12 - 2016-06-28 02:12 - 0314434 _____ () C:\Users\lukykos\AppData\Roaming\EYapp.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0692736 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 0072704 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.tst
2016-07-03 18:56 - 2016-07-03 18:56 - 0019584 _____ () C:\Users\lukykos\AppData\Roaming\InstallationConfiguration.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0128512 _____ () C:\Users\lukykos\AppData\Roaming\Installer.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\lobby.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0018432 _____ () C:\Users\lukykos\AppData\Roaming\Main.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 0005568 _____ () C:\Users\lukykos\AppData\Roaming\md.xml
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\noah.dat
2016-07-15 14:11 - 2016-07-15 14:56 - 7616340 _____ () C:\Users\lukykos\AppData\Roaming\setup.apk
2016-07-03 18:57 - 2016-07-03 18:57 - 0001150 _____ () C:\Users\lukykos\AppData\Roaming\uninstall_temp.ico
2016-07-15 14:11 - 2016-07-15 14:56 - 0732869 _____ () C:\Users\lukykos\AppData\Roaming\xdo.zip
2016-07-03 18:56 - 2016-07-03 18:56 - 0189635 _____ () C:\Users\lukykos\AppData\Roaming\Y-phase.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0848437 _____ () C:\Users\lukykos\AppData\Roaming\Zonegoit.bin
2016-08-04 13:39 - 2016-08-04 13:39 - 0000000 ___SH () C:\Users\lukykos\AppData\Local\LumaEmu
2016-07-03 18:57 - 2016-07-03 18:57 - 0041472 _____ () C:\Users\lukykos\AppData\Local\statstrip.dat
2016-07-03 18:57 - 2016-07-03 18:57 - 0000187 _____ () C:\Users\lukykos\AppData\Local\statstrip.exe.config
2016-07-16 11:18 - 2016-07-16 11:18 - 0512000 _____ () C:\ProgramData\smp2.exe
Files to move or delete:
====================
C:\ProgramData\smp2.exe
Some files in TEMP:
====================
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\103322779.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\110708445.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\119984832.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\133089149.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\1912568.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\21876516.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\27543046.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\29083994.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\29837922.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\34111101.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\43152943.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\45483728.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\46522839.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\47682761.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\48985246.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\4931755.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\49925678.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\50814912.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\53068435.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\55446261.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\55962992.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\57536350.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\61051531.t.exe
2016-10-01 08:28 - 2016-10-01 08:28 - 1184256 _____ () C:\Users\lukykos\AppData\Local\Temp\61392092.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\63336490.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\67203703.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\83655997.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\84898033.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\87793770.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91546016.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91738252.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\98522940.t.exe
2016-10-04 16:45 - 2016-08-03 05:28 - 0962072 _____ (BlueStack Systems, Inc.) C:\Users\lukykos\AppData\Local\Temp\BluestacksUninstaller.exe
2016-12-04 19:32 - 2016-12-04 19:51 - 0208896 _____ (Sony DADC Austria AG) C:\Users\lukykos\AppData\Local\Temp\drm_dyndata_7370012.dll
2016-10-04 16:45 - 2016-08-03 05:27 - 0187416 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-LibraryHandler.dll
2016-10-04 16:45 - 2016-08-03 05:25 - 0246808 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-Logger-Native.dll
2016-12-25 17:36 - 2016-12-25 17:36 - 7349520 _____ () C:\Users\lukykos\AppData\Local\Temp\~E49E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
ShortcutWithArgument: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=1508&aff_id=1034&source=3&click_id=c658950df00f975f1e1e43269e9571343154bca8 --app-window-size=1440,900
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job => Wscript.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\lukykos\Desktop" je 19451 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
# AdwCleaner v6.044 - Log vytvořen 07/03/2017 v 17:09:21
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-07.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : lukykos - DESKTOP-98BA3HQ
# Spuštěno z : C:\Users\lukykos\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: ocep
***** [ Složky ] *****
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\eCyber
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\TSv
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\qksee
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\WinZiper
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\UPUpdata
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\MCorp
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Kuaizip
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Softlink
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
[-] Složka smazána: C:\Program Files\ziptool
[#] Složka smazána po restartu: C:\Program Files\ZipTool
[-] Složka smazána: C:\Program Files\Common Files\Noobzo
[-] Složka smazána: C:\ProgramData\SearchModule
[-] Složka smazána: C:\ProgramData\CloudPrinter
[-] Složka smazána: C:\ProgramData\Ronzap
[-] Složka smazána: C:\ProgramData\Airtostrong
[-] Složka smazána: C:\ProgramData\xifss
[-] Složka smazána: C:\ProgramData\Ronzaps
[-] Složka smazána: C:\ProgramData\Airtostrongs
[-] Složka smazána: C:\ProgramData\oceps
[-] Složka smazána: C:\ProgramData\ocep
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compress
[-] Složka smazána: C:\Program Files (x86)\MPC Cleaner
[-] Složka smazána: C:\Program Files (x86)\OLBPre
[-] Složka smazána: C:\Program Files (x86)\WeatherChickn
[-] Složka smazána: C:\Program Files (x86)\badu
[-] Složka smazána: C:\Program Files (x86)\ContentPush
[-] Složka smazána: C:\Program Files (x86)\TXQQBrowser
[-] Složka smazána: C:\Program Files (x86)\USBBoxLite
[#] Složka smazána po restartu: C:\Program Files (x86)\usbboxlite
[-] Složka smazána: C:\Program Files (x86)\GreatMaker
[-] Složka smazána: C:\Users\lukykos\AppData\Local\app
[#] Složka smazána po restartu: C:\Users\lukykos\AppData\Roaming\MCorp
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\xdo.zip
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\bi3.exe
[-] Soubor smazán: C:\ProgramData\smp2.exe
[#] Soubor smazán: C:\ProgramData\smp2.exe
[-] Soubor smazán: C:\WINDOWS\SysWoW64\findit.xml
[-] Soubor smazán: C:\WINDOWS\rsrcs.dll
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\md.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Config.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\noah.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Installer.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\InstallationConfiguration.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Main.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\agent.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\uninstall_temp.ico
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: Browser Updater Task(Core)
[-] Úloha smazána: LaunchPreSignup
[-] Úloha smazána: IBUpd2
[-] Úloha smazána: Browser Updater Task(Core)
[-] Úloha smazána: SMW_P
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Klíč smazán: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: HKU\.DEFAULT\Software\xvb`lj
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\System Healer
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\csastats
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\xvb`lj
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\System Healer
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\INSTALLPATH\STATUS
[-] Klíč smazán: HKLM\SOFTWARE\BrowserAir
[-] Klíč smazán: HKLM\SOFTWARE\hdcode
[-] Klíč smazán: HKLM\SOFTWARE\SearchModule
[-] Klíč smazán: HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán: HKLM\SOFTWARE\qksee
[-] Klíč smazán: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán: HKLM\SOFTWARE\mtRonzap
[-] Klíč smazán: HKLM\SOFTWARE\mtAirtostrong
[-] Klíč smazán: HKLM\SOFTWARE\mtxifs
[-] Klíč smazán: HKLM\SOFTWARE\youndooSoftware
[-] Klíč smazán: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: HKLM\SOFTWARE\mtocep
[-] Klíč smazán: HKLM\SOFTWARE\WinZiper
[-] Klíč smazán: HKLM\SOFTWARE\xvb`lj
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\System Healer
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\INSTALLPATH\STATUS
[-] Klíč smazán: [x64] HKLM\SOFTWARE\SearchModule
[-] Klíč smazán: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\xvb`lj
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLBPre
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data obnovena: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0} [NameServer]
[-] Data obnovena: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b} [NameServer]
[-] Data obnovena: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0} [NameServer]
[-] Data obnovena: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b} [NameServer]
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Klíč smazán: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Hodnota smazána: HKCU\Environment [SNF]
[-] Hodnota smazána: HKCU\Environment [SNP]
[-] Klíč smazán: HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[#] Klíč smazán po restartu: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AIRTOSTRONG.EXE
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\XIFS.EXE
[#] Klíč smazán po restartu: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\ocep.exe
[#] Klíč smazán po restartu: HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Klíč smazán po restartu: HKCU\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [11607 Bajty] - [07/03/2017 17:09:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [18051 Bajty] - [07/03/2017 14:33:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [11462 Bajty] - [07/03/2017 17:07:08]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11829 Bajty] ##########
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-07.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : lukykos - DESKTOP-98BA3HQ
# Spuštěno z : C:\Users\lukykos\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: ocep
***** [ Složky ] *****
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\eCyber
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\TSv
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\qksee
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\WinZiper
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\UPUpdata
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\MCorp
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Kuaizip
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Softlink
[-] Složka smazána: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
[-] Složka smazána: C:\Program Files\ziptool
[#] Složka smazána po restartu: C:\Program Files\ZipTool
[-] Složka smazána: C:\Program Files\Common Files\Noobzo
[-] Složka smazána: C:\ProgramData\SearchModule
[-] Složka smazána: C:\ProgramData\CloudPrinter
[-] Složka smazána: C:\ProgramData\Ronzap
[-] Složka smazána: C:\ProgramData\Airtostrong
[-] Složka smazána: C:\ProgramData\xifss
[-] Složka smazána: C:\ProgramData\Ronzaps
[-] Složka smazána: C:\ProgramData\Airtostrongs
[-] Složka smazána: C:\ProgramData\oceps
[-] Složka smazána: C:\ProgramData\ocep
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compress
[-] Složka smazána: C:\Program Files (x86)\MPC Cleaner
[-] Složka smazána: C:\Program Files (x86)\OLBPre
[-] Složka smazána: C:\Program Files (x86)\WeatherChickn
[-] Složka smazána: C:\Program Files (x86)\badu
[-] Složka smazána: C:\Program Files (x86)\ContentPush
[-] Složka smazána: C:\Program Files (x86)\TXQQBrowser
[-] Složka smazána: C:\Program Files (x86)\USBBoxLite
[#] Složka smazána po restartu: C:\Program Files (x86)\usbboxlite
[-] Složka smazána: C:\Program Files (x86)\GreatMaker
[-] Složka smazána: C:\Users\lukykos\AppData\Local\app
[#] Složka smazána po restartu: C:\Users\lukykos\AppData\Roaming\MCorp
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\xdo.zip
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\bi3.exe
[-] Soubor smazán: C:\ProgramData\smp2.exe
[#] Soubor smazán: C:\ProgramData\smp2.exe
[-] Soubor smazán: C:\WINDOWS\SysWoW64\findit.xml
[-] Soubor smazán: C:\WINDOWS\rsrcs.dll
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\md.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Config.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\noah.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Installer.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\InstallationConfiguration.xml
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\Main.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\agent.dat
[-] Soubor smazán: C:\Users\lukykos\AppData\Roaming\uninstall_temp.ico
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: Browser Updater Task(Core)
[-] Úloha smazána: LaunchPreSignup
[-] Úloha smazána: IBUpd2
[-] Úloha smazána: Browser Updater Task(Core)
[-] Úloha smazána: SMW_P
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán: HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] Klíč smazán: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: HKU\.DEFAULT\Software\xvb`lj
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\System Healer
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\csastats
[-] Klíč smazán: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\INSTALLPATH\STATUS
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\xvb`lj
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\System Healer
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\INSTALLPATH\STATUS
[-] Klíč smazán: HKLM\SOFTWARE\BrowserAir
[-] Klíč smazán: HKLM\SOFTWARE\hdcode
[-] Klíč smazán: HKLM\SOFTWARE\SearchModule
[-] Klíč smazán: HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán: HKLM\SOFTWARE\qksee
[-] Klíč smazán: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán: HKLM\SOFTWARE\mtRonzap
[-] Klíč smazán: HKLM\SOFTWARE\mtAirtostrong
[-] Klíč smazán: HKLM\SOFTWARE\mtxifs
[-] Klíč smazán: HKLM\SOFTWARE\youndooSoftware
[-] Klíč smazán: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: HKLM\SOFTWARE\mtocep
[-] Klíč smazán: HKLM\SOFTWARE\WinZiper
[-] Klíč smazán: HKLM\SOFTWARE\xvb`lj
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\System Healer
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\INSTALLPATH\STATUS
[-] Klíč smazán: [x64] HKLM\SOFTWARE\SearchModule
[-] Klíč smazán: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\xvb`lj
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OLBPre
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data obnovena: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0} [NameServer]
[-] Data obnovena: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b} [NameServer]
[-] Data obnovena: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0} [NameServer]
[-] Data obnovena: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b} [NameServer]
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Klíč smazán: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Hodnota smazána: HKCU\Environment [SNF]
[-] Hodnota smazána: HKCU\Environment [SNP]
[-] Klíč smazán: HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[#] Klíč smazán po restartu: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AIRTOSTRONG.EXE
[-] Klíč smazán: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\XIFS.EXE
[#] Klíč smazán po restartu: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\ocep.exe
[#] Klíč smazán po restartu: HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Klíč smazán po restartu: HKCU\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [11607 Bajty] - [07/03/2017 17:09:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [18051 Bajty] - [07/03/2017 14:33:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [11462 Bajty] - [07/03/2017 17:07:08]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11829 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
Loaded Profiles: lukykos (Available Profiles: lukykos)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-09] (Valve Corporation)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\RunOnce: [Uninstall C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-02-23]
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [DhcpNameServer] 82.163.143.157
Internet Explorer:
==================
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hXJxhvOlVRNKH9N5AP-Ck-DKz4chcM0RNwUEYAiUIKDS2wgKOmoZ-PqcYIaT-hR4r6k2bHNn5s,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZCDXtA2bA5S7Mwywp45uWVNa241Ymowj-24U1Aq8EdVg7xPemPDAGkGt3vsilaiAY72fPrKT7M,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-TqszdEi2xwXHjQ6yX-e7dGBZMOnOdf5apBcbX5hcmn8RaIYm_MFJXWe2Dz8hT1gSp0UR61lY3DsH0drHm1_Ht3sAi5-Ubs9xuGyEZUG80xW12jWVVolZ6nB8NjLfGwfhniVnQu2pswHOFGT-FaM2V98fhWHwk6&q={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
FireFox:
========
FF DefaultProfile: acezlehe.default-1470335100542
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 [2017-03-12]
FF NewTab: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> C:\\ProgramData\\oceps\\ff.NT
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF Homepage: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
FF Extension: (MEGA) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\firefox@mega.co.nz.xpi [2017-03-11]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-25]
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144 [2016-12-18]
FF Extension: (Firefox Hotfix) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-18]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lukykos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFFk7_hyQrEptAC3t41oi3O9IN2aA4fIN0RlcFHRnacz70_bsjcjDLoc2Hk1NwqVvH0z2BCxckCNMrb7QPXyfKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Prezentace Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-05]
CHR Extension: (Dokumenty Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-05]
CHR Extension: (Disk Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-05]
CHR Extension: (Torrent Search) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bceciholkmjngdohanojikiiccgnmpdj [2016-07-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-08]
CHR Extension: (YouTube) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
CHR Extension: (Tabulky Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Slither.io Mods, Zoom, Create Skins SLITHERE) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea [2017-02-08]
CHR Extension: (SlitherX Sidebar Mods & Skins) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp [2017-02-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-08]
CHR Extension: (Gmail) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-07-03] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-12-15] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
S2 ocep; C:\ProgramData\\ocep\\ocep.exe [1120768 2017-03-07] () [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [905672 2016-06-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-06-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-06-22] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2016-07-16] (Realtek Semiconductor Corporation )
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 16:34 - 2017-03-12 16:35 - 00019678 _____ C:\Users\lukykos\Desktop\FRST.txt
2017-03-12 16:34 - 2017-03-12 16:34 - 00000000 ____D C:\Users\lukykos\Desktop\FRST-OlderVersion
2017-03-11 08:42 - 2017-03-11 08:42 - 00000000 ____D C:\ProgramData\TrueKey
2017-03-07 20:01 - 2017-03-07 20:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-07 20:01 - 2017-03-07 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-07 17:22 - 2017-03-07 17:22 - 02211944 _____ (Easeware ) C:\Users\lukykos\Downloads\DriverNavigator_Setup(1).exe
2017-03-07 17:18 - 2017-03-07 17:18 - 02211944 _____ (Easeware ) C:\Users\lukykos\Downloads\DriverNavigator_Setup.exe
2017-03-07 17:12 - 2017-03-07 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-07 17:12 - 2017-03-07 17:12 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-03-07 17:08 - 2017-03-07 17:08 - 00000000 ____D C:\ProgramData\oceps
2017-03-07 17:08 - 2017-03-07 17:08 - 00000000 ____D C:\ProgramData\ocep
2017-03-07 14:31 - 2017-03-07 17:09 - 00000000 ____D C:\AdwCleaner
2017-03-07 14:30 - 2017-03-07 14:31 - 04031440 _____ C:\Users\lukykos\Desktop\adwcleaner_6.044.exe
2017-03-04 18:17 - 2017-03-04 18:17 - 00000219 _____ C:\Users\lukykos\Desktop\Team Fortress 2.url
2017-02-28 14:04 - 2017-02-28 14:05 - 00000000 ____D C:\FRST
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Downloads\FRSTLauncher.exe
2017-02-28 14:00 - 2017-03-12 16:34 - 02424832 _____ (Farbar) C:\Users\lukykos\Desktop\FRST64.exe
2017-02-27 16:11 - 2017-02-27 16:11 - 04734784 _____ () C:\Users\lukykos\Downloads\TechnicLauncher.exe
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\rsit
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\Program Files\trend micro
2017-02-26 16:27 - 2017-02-26 16:28 - 01324032 _____ C:\Users\lukykos\Downloads\RSITx64.exe
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
2017-02-18 16:15 - 2017-02-18 16:15 - 00000000 _____ C:\hamachi-2-0541-20170218-161552.dmp
2017-02-17 21:38 - 2017-02-17 21:38 - 00000000 ____D C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC
2017-02-17 21:29 - 2017-02-17 21:29 - 00615434 _____ C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC.zip
2017-02-11 12:26 - 2017-02-11 12:26 - 03103454 _____ C:\Users\lukykos\Downloads\SkyBlock_v2.1.zip
2017-02-11 12:05 - 2017-02-11 12:05 - 00000000 ____D C:\Users\lukykos\Documents\Curse
2017-02-11 12:01 - 2017-02-23 21:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Curse Client
2017-02-11 11:57 - 2017-02-11 11:57 - 84707568 _____ (Curse) C:\Users\lukykos\Downloads\CurseClientSetup.exe
2017-02-11 10:42 - 2017-02-11 10:42 - 00000222 _____ C:\Users\lukykos\Desktop\Rocket League.url
2017-02-10 23:38 - 2017-02-10 23:38 - 00000222 _____ C:\Users\lukykos\Desktop\Factorio.url
2017-02-10 18:20 - 2017-03-07 14:37 - 00000000 ____D C:\Users\lukykos\AppData\Local\CrashDumps
2017-02-10 17:48 - 2017-02-10 17:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 17:48 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 17:48 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 17:48 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 17:47 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-10 17:47 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-10 17:47 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 16:31 - 2016-11-19 15:41 - 00000000 ____D C:\Users\lukykos\AppData\LocalLow\Mozilla
2017-03-12 16:31 - 2016-09-02 14:07 - 00000000 ____D C:\Users\lukykos\Desktop\Nová složka (3)
2017-03-12 16:24 - 2016-06-30 11:13 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Skype
2017-03-12 16:03 - 2016-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-12 15:19 - 2016-09-25 06:35 - 00000000 ____D C:\Users\lukykos
2017-03-12 15:17 - 2016-09-25 06:40 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-12 15:17 - 2016-09-25 06:40 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-11 21:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 20:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 21:05 - 2016-09-25 06:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-07 20:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-07 20:01 - 2016-06-30 11:12 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-07 20:01 - 2016-06-30 11:12 - 00000000 ____D C:\ProgramData\Skype
2017-03-07 20:00 - 2016-06-15 16:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-07 17:17 - 2017-01-27 15:13 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-07 17:17 - 2016-06-15 16:23 - 00002397 _____ C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-07 17:17 - 2016-06-15 16:23 - 00000000 ___RD C:\Users\lukykos\OneDrive
2017-03-07 17:11 - 2016-09-25 06:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-07 17:11 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-07 17:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-07 17:08 - 2017-01-14 09:24 - 00001232 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-03-07 17:08 - 2017-01-01 21:29 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-07 17:08 - 2016-12-05 17:31 - 00001303 _____ C:\Users\lukykos\Desktop\Google Chrome.lnk
2017-03-07 17:08 - 2016-07-05 20:23 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00001435 _____ C:\Users\lukykos\Desktop\ROBLOX Player.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00001250 _____ C:\Users\lukykos\Desktop\ROBLOX Studio.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-02-24 12:37 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 12:37 - 2016-06-15 19:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:33 - 2016-06-15 19:09 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{929FBDE2-2534-0A49-79A6-CACDFF061ACD}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{651044B9-D2BB-F312-1649-060647157667}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{299D261F-9E36-91B4-2894-5AEC8BBDC518}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B9B808D-AC30-3726-4572-439BB44CE605}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{F2182982-45B3-9E29-6B47-8FF10B170B89}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{777C0CDB-C0D7-BB70-F62C-F5128F43849A}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{1B34E018-AC9F-57B3-BEFF-09E1444B4084}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{F1D4198B-467F-AE20-BC63-B9B2285515BA}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{E583F77F-5228-40D4-D736-3EA835065C39}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{B0829170-0729-26DB-FDF1-2DABE31D0DDF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8ECC1717-3967-A0BC-643D-BA01EF252B19}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8518E7D3-32B3-5078-4743-BFD97374671A}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{5C9A3476-EB31-83DD-4693-BA29EEC61C78}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{59F5DF12-EE5E-68B9-6872-914D9A6165A7}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{56A4B67C-E10F-01D7-6311-668609A07EFC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{4D54E968-FAFF-5EC3-C645-6AA024054E11}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{35273A61-828C-8DCA-8CE5-5FB97D27D681}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{203989DE-9792-3E75-F5F2-EE02D3FF55FC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{0ECE888E-B965-3F25-E484-8F4AF6B6173D}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{E4BD55FC-5316-E257-1306-477553B1FB7F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{B6787064-01D3-C7CF-6807-1A7566D841C7}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{A4E94271-1342-F5DA-2F16-92354430913D}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{899158A1-3E3A-EF0A-7721-10C392E1973A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7CDC623D-CB77-D596-FFE8-E06031F08A5A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{31127FF7-86B9-C85C-89CE-361276409D1A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{2264E049-95CF-57E2-3E2A-CDBC05E73188}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{0899AFC8-BF32-1863-6CC9-78336B4279EE}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{05D80F2B-B273-B880-933E-FA517BE9A2CE}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7C995788-CB32-E023-1768-C28EDB73E9C5}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6C6C1653-DBC7-A1F8-2D30-E211E824C758}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{11597869-A6F2-CFC2-221F-D20D334FE5B6}
2017-02-18 16:15 - 2016-09-25 06:42 - 00000476 _____ C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job
2017-02-17 17:45 - 2016-12-11 16:45 - 00542760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-10 17:49 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-10 17:49 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 17:49 - 2016-06-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
==================== Files in the root of some directories =======
2016-11-04 17:57 - 2016-11-04 17:57 - 2924848 _____ () C:\Program Files\Common Files\00idalsa.exe
2016-11-20 19:29 - 2016-11-20 19:29 - 2942100 _____ () C:\Program Files\Common Files\04nspnbe.exe
2016-12-06 13:41 - 2016-12-06 13:41 - 2938894 _____ () C:\Program Files\Common Files\04qwdu25.exe
2016-10-04 16:58 - 2016-10-04 16:58 - 2944529 _____ () C:\Program Files\Common Files\05oefwsf.exe
2016-10-27 16:57 - 2016-10-27 16:57 - 2921590 _____ () C:\Program Files\Common Files\0eg00edc.exe
2016-10-02 16:57 - 2016-10-02 16:57 - 2954707 _____ () C:\Program Files\Common Files\0en0e3sg.exe
2016-12-29 20:59 - 2016-12-29 20:59 - 3021703 _____ () C:\Program Files\Common Files\0exsbrkr.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\0g1dgsbu.exe
2016-11-26 20:59 - 2016-11-26 20:59 - 2943148 _____ () C:\Program Files\Common Files\0l12ipt1.exe
2016-07-12 19:59 - 2016-07-12 19:59 - 2920467 _____ () C:\Program Files\Common Files\0oorw430.exe
2016-11-23 15:13 - 2016-11-23 15:13 - 2932717 _____ () C:\Program Files\Common Files\0py4bdua.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\0vzqz3ha.exe
2016-10-25 20:00 - 2016-10-25 20:00 - 2915659 _____ () C:\Program Files\Common Files\11hlxcdr.exe
2016-11-13 17:57 - 2016-11-13 17:57 - 2934450 _____ () C:\Program Files\Common Files\1513ml3w.exe
2016-07-08 16:57 - 2016-07-08 16:57 - 2782549 _____ () C:\Program Files\Common Files\1ddqp54b.exe
2016-11-25 19:38 - 2016-11-25 19:38 - 2943148 _____ () C:\Program Files\Common Files\1hmb0u3j.exe
2016-11-01 13:11 - 2016-11-01 13:11 - 2950363 _____ () C:\Program Files\Common Files\1kqprawj.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\1zrqceuc.exe
2017-01-01 20:59 - 2017-01-01 20:59 - 3021732 _____ () C:\Program Files\Common Files\25rort0e.exe
2016-10-09 18:30 - 2016-10-09 18:30 - 2955293 _____ () C:\Program Files\Common Files\2cxyqc3s.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\2demmik5.exe
2016-11-25 14:59 - 2016-11-25 14:59 - 2943148 _____ () C:\Program Files\Common Files\2mvyv5jg.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\2nyysd1k.exe
2016-11-04 15:04 - 2016-11-04 15:04 - 2923820 _____ () C:\Program Files\Common Files\2sj4satr.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\35saldnh.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\3czrm32s.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\3pygfqz2.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\43gtalhj.exe
2016-10-23 16:57 - 2016-10-23 16:57 - 2914405 _____ () C:\Program Files\Common Files\4nmjvmnq.exe
2016-10-31 17:57 - 2016-10-31 17:57 - 2950363 _____ () C:\Program Files\Common Files\4qvpor1y.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\4qxmimad.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\4rt1jhl0.exe
2016-08-06 16:57 - 2016-08-06 16:57 - 2935236 _____ () C:\Program Files\Common Files\51seazmq.exe
2016-10-29 16:57 - 2016-10-29 16:57 - 2921590 _____ () C:\Program Files\Common Files\55kmvsar.exe
2016-12-28 17:57 - 2016-12-28 17:57 - 3021730 _____ () C:\Program Files\Common Files\55wqanx1.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\5a5icbj1.exe
2016-10-10 17:36 - 2016-10-10 17:36 - 2912949 _____ () C:\Program Files\Common Files\5b21lv0u.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\5vbqgvei.exe
2017-01-03 19:33 - 2017-01-03 19:33 - 3021780 _____ () C:\Program Files\Common Files\5xpjcjyy.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\a40qd1hl.exe
2016-07-11 19:59 - 2016-07-11 19:59 - 2782549 _____ () C:\Program Files\Common Files\amnzgeh5.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 2930886 _____ () C:\Program Files\Common Files\bauhbmft.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\beykqiqq.exe
2016-11-11 17:57 - 2016-11-11 17:57 - 2934450 _____ () C:\Program Files\Common Files\bocciwdm.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\c12vnv5o.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\cerubweq.exe
2016-10-26 16:57 - 2016-10-26 16:57 - 2921590 _____ () C:\Program Files\Common Files\cjgiw3p2.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\couiw1uy.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\csuzaoe1.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\cyvuxdtg.exe
2016-12-12 17:57 - 2016-12-12 17:57 - 2932101 _____ () C:\Program Files\Common Files\cz1r2jom.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\drczz3tq.exe
2016-12-05 17:30 - 2016-12-05 17:30 - 2953209 _____ () C:\Program Files\Common Files\drm512ed.exe
2016-12-02 14:26 - 2016-12-02 14:26 - 2929716 _____ () C:\Program Files\Common Files\ebnrmo5w.exe
2016-07-16 11:21 - 2016-07-16 11:21 - 2939768 _____ () C:\Program Files\Common Files\edpms1kt.exe
2016-11-12 20:59 - 2016-11-12 20:59 - 2934450 _____ () C:\Program Files\Common Files\ehmunlei.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\ei2e3myr.exe
2016-11-21 17:57 - 2016-11-21 17:57 - 2934898 _____ () C:\Program Files\Common Files\elhvr21v.exe
2016-11-08 19:37 - 2016-11-08 19:37 - 2943601 _____ () C:\Program Files\Common Files\erw0x2t4.exe
2016-12-22 20:20 - 2016-12-22 20:20 - 3021753 _____ () C:\Program Files\Common Files\estffh1a.exe
2016-09-29 17:14 - 2016-09-29 17:14 - 2939150 _____ () C:\Program Files\Common Files\eydxk5dx.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\f2hq1oo5.exe
2016-10-30 21:00 - 2016-10-30 21:00 - 2937121 _____ () C:\Program Files\Common Files\faqrpddn.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\fl0jptaf.exe
2016-11-23 20:31 - 2016-11-23 20:31 - 2951694 _____ () C:\Program Files\Common Files\fmbzwqv5.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\fq05k4uv.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\fupdol1g.exe
2016-11-15 14:17 - 2016-11-15 14:17 - 2932047 _____ () C:\Program Files\Common Files\fzcpmz2f.exe
2016-12-01 17:57 - 2016-12-01 17:57 - 2948294 _____ () C:\Program Files\Common Files\g2ogkbjk.exe
2016-09-30 19:15 - 2016-09-30 19:15 - 2951025 _____ () C:\Program Files\Common Files\gc0ct2ic.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\ggn1cfcf.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\giz25buw.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\gzu42hjw.exe
2016-10-29 19:59 - 2016-10-29 19:59 - 2921590 _____ () C:\Program Files\Common Files\h3ldt4iw.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\hbufyaxp.exe
2016-11-18 20:59 - 2016-11-18 20:59 - 2933637 _____ () C:\Program Files\Common Files\hokxdgia.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\hp1d0yhk.exe
2016-07-18 19:59 - 2016-07-18 19:59 - 2941163 _____ () C:\Program Files\Common Files\hsdaaor0.exe
2016-10-16 19:59 - 2016-10-16 19:59 - 2918173 _____ () C:\Program Files\Common Files\htu5opdz.exe
2016-10-28 19:59 - 2016-10-28 19:59 - 2921590 _____ () C:\Program Files\Common Files\hx3xvvq0.exe
2017-01-02 19:06 - 2017-01-02 19:06 - 3021787 _____ () C:\Program Files\Common Files\i0xrlyta.exe
2016-11-23 20:59 - 2016-11-23 20:59 - 2929242 _____ () C:\Program Files\Common Files\ibadiuoq.exe
2016-12-22 20:59 - 2016-12-22 20:59 - 3021665 _____ () C:\Program Files\Common Files\iia2bvha.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\inmjytrw.exe
2016-07-08 19:59 - 2016-07-08 19:59 - 2782549 _____ () C:\Program Files\Common Files\invpfu0b.exe
2016-12-10 09:11 - 2016-12-10 09:11 - 2956128 _____ () C:\Program Files\Common Files\ioz0y3vw.exe
2016-10-27 19:59 - 2016-10-27 19:59 - 2921590 _____ () C:\Program Files\Common Files\j0a2lxdk.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\j3avvwpf.exe
2016-11-27 19:37 - 2016-11-27 19:37 - 2946256 _____ () C:\Program Files\Common Files\j3w54hai.exe
2016-07-19 16:57 - 2016-07-19 16:57 - 2921548 _____ () C:\Program Files\Common Files\j5zwfmc5.exe
2016-10-28 16:57 - 2016-10-28 16:57 - 2921590 _____ () C:\Program Files\Common Files\jfdmwnxf.exe
2016-07-09 16:57 - 2016-07-09 16:57 - 2782549 _____ () C:\Program Files\Common Files\jgd5slbd.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\jlskobxi.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\jousgfve.exe
2016-11-26 17:57 - 2016-11-26 17:57 - 2943148 _____ () C:\Program Files\Common Files\jwnsekcc.exe
2016-10-06 16:57 - 2016-10-06 16:57 - 2955516 _____ () C:\Program Files\Common Files\jxdhicfl.exe
2016-07-11 08:22 - 2016-07-11 08:22 - 2782549 _____ () C:\Program Files\Common Files\jzy3jrbp.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\k15yq0dv.exe
2016-11-20 19:28 - 2016-11-20 19:28 - 2942100 _____ () C:\Program Files\Common Files\k2fczvw1.exe
2016-12-27 17:57 - 2016-12-27 17:57 - 3021779 _____ () C:\Program Files\Common Files\kcasrqjk.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\kcmu1hjy.exe
2016-10-22 19:59 - 2016-10-22 19:59 - 2921572 _____ () C:\Program Files\Common Files\kddozdaw.exe
2016-07-10 16:57 - 2016-07-10 16:57 - 2782549 _____ () C:\Program Files\Common Files\kojkkksw.exe
2016-10-20 16:57 - 2016-10-20 16:57 - 2901670 _____ () C:\Program Files\Common Files\kqzavkf1.exe
2016-09-30 11:08 - 2016-09-30 11:08 - 2942067 _____ () C:\Program Files\Common Files\kym0fmv2.exe
2016-07-17 09:20 - 2016-07-17 09:20 - 2920600 _____ () C:\Program Files\Common Files\kzqjbomh.exe
2016-11-04 20:59 - 2016-11-04 20:59 - 2946612 _____ () C:\Program Files\Common Files\lihu4y5m.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\lksgpha4.exe
2017-01-01 17:57 - 2017-01-01 17:57 - 3021732 _____ () C:\Program Files\Common Files\lmkizp1g.exe
2016-12-09 17:59 - 2016-12-09 17:59 - 2956128 _____ () C:\Program Files\Common Files\lnbwitw4.exe
2016-07-05 19:59 - 2016-07-05 19:59 - 2782549 _____ () C:\Program Files\Common Files\loceak34.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\lt2nwekn.exe
2016-07-12 16:57 - 2016-07-12 16:57 - 2938043 _____ () C:\Program Files\Common Files\lteolrn2.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\m5mnqkpb.exe
2016-07-14 19:59 - 2016-07-14 19:59 - 2939331 _____ () C:\Program Files\Common Files\mabb30u2.exe
2016-07-04 19:59 - 2016-07-04 19:59 - 2782549 _____ () C:\Program Files\Common Files\mb3hbxpr.exe
2016-10-09 19:59 - 2016-10-09 19:59 - 2932069 _____ () C:\Program Files\Common Files\mjm1iijh.exe
2016-07-11 16:57 - 2016-07-11 16:57 - 2782549 _____ () C:\Program Files\Common Files\mjyfzx2u.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\mkoe4tkw.exe
2016-12-02 17:57 - 2016-12-02 17:57 - 2951041 _____ () C:\Program Files\Common Files\mxurj5np.exe
2016-09-21 13:52 - 2016-09-21 13:52 - 2919632 _____ () C:\Program Files\Common Files\n0ffhyal.exe
2016-12-02 21:00 - 2016-12-02 21:00 - 2934012 _____ () C:\Program Files\Common Files\n0vc25wh.exe
2016-07-14 16:57 - 2016-07-14 16:57 - 2927864 _____ () C:\Program Files\Common Files\n3wxpty5.exe
2016-07-16 16:57 - 2016-07-16 16:57 - 2936439 _____ () C:\Program Files\Common Files\n41mxg1i.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\n455teom.exe
2016-12-16 17:57 - 2016-12-16 17:57 - 3020737 _____ () C:\Program Files\Common Files\nfwgznb1.exe
2016-10-07 13:42 - 2016-10-07 13:42 - 2929811 _____ () C:\Program Files\Common Files\nigl4eoo.exe
2016-12-04 17:57 - 2016-12-04 17:57 - 2932227 _____ () C:\Program Files\Common Files\nwdekrup.exe
2016-12-29 19:41 - 2016-12-29 19:41 - 3021696 _____ () C:\Program Files\Common Files\o54eapdx.exe
2016-07-07 18:29 - 2016-07-07 18:29 - 2782549 _____ () C:\Program Files\Common Files\oayeqwmu.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\ob01ljjm.exe
2016-12-19 15:13 - 2016-12-19 15:13 - 3021071 _____ () C:\Program Files\Common Files\oksocrum.exe
2016-10-17 19:59 - 2016-10-17 19:59 - 2918600 _____ () C:\Program Files\Common Files\ozv1vdjg.exe
2016-11-26 08:59 - 2016-11-26 08:59 - 2943148 _____ () C:\Program Files\Common Files\p1fvv3db.exe
2016-12-11 17:57 - 2016-12-11 17:57 - 2931631 _____ () C:\Program Files\Common Files\p3ojh45m.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\palguvvs.exe
2016-12-28 20:59 - 2016-12-28 20:59 - 3021716 _____ () C:\Program Files\Common Files\pcd2ombm.exe
2016-10-18 16:57 - 2016-10-18 16:57 - 2922291 _____ () C:\Program Files\Common Files\pjii3qxu.exe
2016-11-20 20:59 - 2016-11-20 20:59 - 2933300 _____ () C:\Program Files\Common Files\pmmuqhgv.exe
2016-07-09 19:59 - 2016-07-09 19:59 - 2782549 _____ () C:\Program Files\Common Files\q2a3gd0a.exe
2016-11-08 14:25 - 2016-11-08 14:25 - 2940624 _____ () C:\Program Files\Common Files\qbgroqgg.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\qfpr1zwt.exe
2016-08-17 19:13 - 2016-08-17 19:13 - 2946352 _____ () C:\Program Files\Common Files\qh4urva5.exe
2016-11-11 17:35 - 2016-11-11 17:35 - 2934450 _____ () C:\Program Files\Common Files\qqcyi2gx.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\qqxofseg.exe
2016-11-12 15:55 - 2016-11-12 15:55 - 2934450 _____ () C:\Program Files\Common Files\r0ftsvbl.exe
2016-12-17 13:19 - 2016-12-17 13:19 - 3020680 _____ () C:\Program Files\Common Files\r2olm24z.exe
2016-10-21 13:19 - 2016-10-21 13:19 - 2927316 _____ () C:\Program Files\Common Files\r5olko2w.exe
2016-07-03 19:59 - 2016-07-03 19:59 - 2782549 _____ () C:\Program Files\Common Files\ri5x4fgk.exe
2016-12-19 17:57 - 2016-12-19 17:57 - 3021770 _____ () C:\Program Files\Common Files\rxqpuygp.exe
2016-12-27 20:59 - 2016-12-27 20:59 - 3021724 _____ () C:\Program Files\Common Files\s5wtazjc.exe
2016-11-19 17:57 - 2016-11-19 17:57 - 2945069 _____ () C:\Program Files\Common Files\sl2d3zpl.exe
2017-01-03 14:44 - 2017-01-03 14:44 - 3021709 _____ () C:\Program Files\Common Files\smxueyuc.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\sycms1br.exe
2016-07-06 19:59 - 2016-07-06 19:59 - 2782549 _____ () C:\Program Files\Common Files\t0n5ss3c.exe
2016-07-05 19:58 - 2016-07-05 19:58 - 2782549 _____ () C:\Program Files\Common Files\tje4ytpi.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\tnwtjvk2.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\tqfs03wv.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\tvs414ga.exe
2016-12-05 17:57 - 2016-12-05 17:57 - 2927990 _____ () C:\Program Files\Common Files\twe11t2e.exe
2016-10-17 16:57 - 2016-10-17 16:57 - 2925323 _____ () C:\Program Files\Common Files\tyi1nqr2.exe
2016-07-15 16:57 - 2016-07-15 16:57 - 2942508 _____ () C:\Program Files\Common Files\u5dy0prb.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\udhysuxk.exe
2016-11-06 17:57 - 2016-11-06 17:57 - 2938085 _____ () C:\Program Files\Common Files\ugxhryqz.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\uuozoc05.exe
2016-10-25 16:57 - 2016-10-25 16:57 - 2904199 _____ () C:\Program Files\Common Files\uxbuzdja.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\uxsh02ar.exe
2016-09-28 20:01 - 2016-09-28 20:01 - 2943114 _____ () C:\Program Files\Common Files\v4aqxnwd.exe
2016-12-20 14:10 - 2016-12-20 14:10 - 3021670 _____ () C:\Program Files\Common Files\vk0wkvcr.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\vlxzsivq.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\vs0zp3ks.exe
2016-11-23 15:14 - 2016-11-23 15:14 - 2932717 _____ () C:\Program Files\Common Files\vtuzsmei.exe
2016-10-08 19:59 - 2016-10-08 19:59 - 2927877 _____ () C:\Program Files\Common Files\vwjjrjvt.exe
2016-11-24 19:54 - 2016-11-24 19:54 - 2943148 _____ () C:\Program Files\Common Files\w4yo24kb.exe
2016-10-22 16:57 - 2016-10-22 16:57 - 2918021 _____ () C:\Program Files\Common Files\wdadnedb.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\wf51afsz.exe
2016-12-12 15:14 - 2016-12-12 15:14 - 2935878 _____ () C:\Program Files\Common Files\wknlgrk1.exe
2016-10-11 14:07 - 2016-10-11 14:07 - 2908906 _____ () C:\Program Files\Common Files\wrdyohnj.exe
2016-07-04 16:57 - 2016-07-04 16:57 - 2782549 _____ () C:\Program Files\Common Files\wwvmuezm.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\x0riyolp.exe
2016-09-30 19:59 - 2016-09-30 19:59 - 2928684 _____ () C:\Program Files\Common Files\xcp5ic0i.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\xjczwvpu.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\xliupj2u.exe
2016-10-30 17:57 - 2016-10-30 17:57 - 2936204 _____ () C:\Program Files\Common Files\xuw3hhm2.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\xxyaq1ht.exe
2016-07-07 19:59 - 2016-07-07 19:59 - 2782549 _____ () C:\Program Files\Common Files\y3l0nk3r.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\yd0rt05x.exe
2016-10-15 17:18 - 2016-10-15 17:18 - 2907559 _____ () C:\Program Files\Common Files\ygm5w2au.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\yqsq0cbg.exe
2016-12-15 20:59 - 2016-12-15 20:59 - 3020706 _____ () C:\Program Files\Common Files\yshmwokf.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\z1qbrjtb.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\z4clxxqv.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\zfa2n2yt.exe
2016-11-22 13:54 - 2016-11-22 13:54 - 2927502 _____ () C:\Program Files\Common Files\zhwghrnp.exe
2016-07-06 16:57 - 2016-07-06 16:57 - 2782549 _____ () C:\Program Files\Common Files\zqs102rv.exe
2016-11-12 17:57 - 2016-11-12 17:57 - 2934450 _____ () C:\Program Files\Common Files\zutt2rov.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\zz5r55he.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 2279413 _____ () C:\Users\lukykos\AppData\Roaming\Anplus.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0054272 _____ () C:\Users\lukykos\AppData\Roaming\ApplicationHosting.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 1761214 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.tst
2016-06-28 02:12 - 2016-06-28 02:12 - 0314434 _____ () C:\Users\lukykos\AppData\Roaming\EYapp.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0072704 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.tst
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\lobby.dat
2016-07-15 14:11 - 2016-07-15 14:56 - 7616340 _____ () C:\Users\lukykos\AppData\Roaming\setup.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0189635 _____ () C:\Users\lukykos\AppData\Roaming\Y-phase.bin
2016-08-04 13:39 - 2016-08-04 13:39 - 0000000 ___SH () C:\Users\lukykos\AppData\Local\LumaEmu
2016-07-03 18:57 - 2016-07-03 18:57 - 0041472 _____ () C:\Users\lukykos\AppData\Local\statstrip.dat
2016-07-03 18:57 - 2016-07-03 18:57 - 0000187 _____ () C:\Users\lukykos\AppData\Local\statstrip.exe.config
Some files in TEMP:
====================
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\103322779.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\110708445.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\119984832.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\133089149.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\1912568.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\21876516.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\27543046.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\29083994.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\29837922.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\34111101.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\43152943.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\45483728.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\46522839.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\47682761.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\48985246.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\4931755.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\49925678.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\50814912.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\53068435.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\55962992.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\57536350.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\61051531.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\63336490.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\83655997.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\84898033.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\87793770.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91546016.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91738252.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\98522940.t.exe
2016-10-04 16:45 - 2016-08-03 05:28 - 0962072 _____ (BlueStack Systems, Inc.) C:\Users\lukykos\AppData\Local\Temp\BluestacksUninstaller.exe
2016-12-04 19:32 - 2016-12-04 19:51 - 0208896 _____ (Sony DADC Austria AG) C:\Users\lukykos\AppData\Local\Temp\drm_dyndata_7370012.dll
2016-10-04 16:45 - 2016-08-03 05:27 - 0187416 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-LibraryHandler.dll
2016-10-04 16:45 - 2016-08-03 05:25 - 0246808 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-07 19:59 - 2017-03-07 19:59 - 14456872 _____ (Microsoft Corporation) C:\Users\lukykos\AppData\Local\Temp\vc_redist.x86.exe
2016-12-25 17:36 - 2016-12-25 17:36 - 7349520 _____ () C:\Users\lukykos\AppData\Local\Temp\~E49E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-05 07:52
==================== End of FRST.txt ============================
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-25] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\lukykos\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-09] (Valve Corporation)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\RunOnce: [Uninstall C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-02-23]
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{268870a5-d72e-46ad-8646-40f514dcefd0}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a4d891ec-b6ae-476b-9915-a8a0e537697b}: [DhcpNameServer] 82.163.143.157
Internet Explorer:
==================
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hXJxhvOlVRNKH9N5AP-Ck-DKz4chcM0RNwUEYAiUIKDS2wgKOmoZ-PqcYIaT-hR4r6k2bHNn5s,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZCDXtA2bA5S7Mwywp45uWVNa241Ymowj-24U1Aq8EdVg7xPemPDAGkGt3vsilaiAY72fPrKT7M,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-TqszdEi2xwXHjQ6yX-e7dGBZMOnOdf5apBcbX5hcmn8RaIYm_MFJXWe2Dz8hT1gSp0UR61lY3DsH0drHm1_Ht3sAi5-Ubs9xuGyEZUG80xW12jWVVolZ6nB8NjLfGwfhniVnQu2pswHOFGT-FaM2V98fhWHwk6&q={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-18] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-06-28] (Intel Security)
FireFox:
========
FF DefaultProfile: acezlehe.default-1470335100542
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 [2017-03-12]
FF NewTab: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> C:\\ProgramData\\oceps\\ff.NT
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 ->
FF Homepage: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
FF Extension: (MEGA) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\firefox@mega.co.nz.xpi [2017-03-11]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-25]
FF ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144 [2016-12-18]
FF Extension: (Firefox Hotfix) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-18]
FF Extension: (Seznam lištička) - C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2668155180-1392316393-2198943076-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lukykos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFFk7_hyQrEptAC3t41oi3O9IN2aA4fIN0RlcFHRnacz70_bsjcjDLoc2Hk1NwqVvH0z2BCxckCNMrb7QPXyfKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Prezentace Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-05]
CHR Extension: (Dokumenty Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-05]
CHR Extension: (Disk Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-05]
CHR Extension: (Torrent Search) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bceciholkmjngdohanojikiiccgnmpdj [2016-07-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-08]
CHR Extension: (YouTube) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
CHR Extension: (Tabulky Google) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Slither.io Mods, Zoom, Create Skins SLITHERE) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea [2017-02-08]
CHR Extension: (SlitherX Sidebar Mods & Skins) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp [2017-02-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-08]
CHR Extension: (Gmail) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-05]
CHR Extension: (Chrome Media Router) - C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-07-03] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-12-15] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
S2 ocep; C:\ProgramData\\ocep\\ocep.exe [1120768 2017-03-07] () [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [905672 2016-06-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-06-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-06-22] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2016-07-16] (Realtek Semiconductor Corporation )
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281544 2016-05-28] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 16:34 - 2017-03-12 16:35 - 00019678 _____ C:\Users\lukykos\Desktop\FRST.txt
2017-03-12 16:34 - 2017-03-12 16:34 - 00000000 ____D C:\Users\lukykos\Desktop\FRST-OlderVersion
2017-03-11 08:42 - 2017-03-11 08:42 - 00000000 ____D C:\ProgramData\TrueKey
2017-03-07 20:01 - 2017-03-07 20:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-07 20:01 - 2017-03-07 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-07 17:22 - 2017-03-07 17:22 - 02211944 _____ (Easeware ) C:\Users\lukykos\Downloads\DriverNavigator_Setup(1).exe
2017-03-07 17:18 - 2017-03-07 17:18 - 02211944 _____ (Easeware ) C:\Users\lukykos\Downloads\DriverNavigator_Setup.exe
2017-03-07 17:12 - 2017-03-07 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-07 17:12 - 2017-03-07 17:12 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-03-07 17:08 - 2017-03-07 17:08 - 00000000 ____D C:\ProgramData\oceps
2017-03-07 17:08 - 2017-03-07 17:08 - 00000000 ____D C:\ProgramData\ocep
2017-03-07 14:31 - 2017-03-07 17:09 - 00000000 ____D C:\AdwCleaner
2017-03-07 14:30 - 2017-03-07 14:31 - 04031440 _____ C:\Users\lukykos\Desktop\adwcleaner_6.044.exe
2017-03-04 18:17 - 2017-03-04 18:17 - 00000219 _____ C:\Users\lukykos\Desktop\Team Fortress 2.url
2017-02-28 14:04 - 2017-02-28 14:05 - 00000000 ____D C:\FRST
2017-02-28 14:02 - 2017-02-28 14:02 - 00112640 _____ (forum.viry.cz) C:\Users\lukykos\Downloads\FRSTLauncher.exe
2017-02-28 14:00 - 2017-03-12 16:34 - 02424832 _____ (Farbar) C:\Users\lukykos\Desktop\FRST64.exe
2017-02-27 16:11 - 2017-02-27 16:11 - 04734784 _____ () C:\Users\lukykos\Downloads\TechnicLauncher.exe
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\rsit
2017-02-26 16:29 - 2017-02-26 16:29 - 00000000 ____D C:\Program Files\trend micro
2017-02-26 16:27 - 2017-02-26 16:28 - 01324032 _____ C:\Users\lukykos\Downloads\RSITx64.exe
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
2017-02-23 21:05 - 2017-02-23 21:05 - 00000000 ____D C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
2017-02-18 16:15 - 2017-02-18 16:15 - 00000000 _____ C:\hamachi-2-0541-20170218-161552.dmp
2017-02-17 21:38 - 2017-02-17 21:38 - 00000000 ____D C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC
2017-02-17 21:29 - 2017-02-17 21:29 - 00615434 _____ C:\Users\lukykos\Downloads\Automaticke_Vypnuti_PC.zip
2017-02-11 12:26 - 2017-02-11 12:26 - 03103454 _____ C:\Users\lukykos\Downloads\SkyBlock_v2.1.zip
2017-02-11 12:05 - 2017-02-11 12:05 - 00000000 ____D C:\Users\lukykos\Documents\Curse
2017-02-11 12:01 - 2017-02-23 21:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Curse Client
2017-02-11 11:57 - 2017-02-11 11:57 - 84707568 _____ (Curse) C:\Users\lukykos\Downloads\CurseClientSetup.exe
2017-02-11 10:42 - 2017-02-11 10:42 - 00000222 _____ C:\Users\lukykos\Desktop\Rocket League.url
2017-02-10 23:38 - 2017-02-10 23:38 - 00000222 _____ C:\Users\lukykos\Desktop\Factorio.url
2017-02-10 18:20 - 2017-03-07 14:37 - 00000000 ____D C:\Users\lukykos\AppData\Local\CrashDumps
2017-02-10 17:48 - 2017-02-10 17:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 17:48 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 17:48 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:48 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 17:48 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 17:47 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-10 17:47 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-10 17:47 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 16:31 - 2016-11-19 15:41 - 00000000 ____D C:\Users\lukykos\AppData\LocalLow\Mozilla
2017-03-12 16:31 - 2016-09-02 14:07 - 00000000 ____D C:\Users\lukykos\Desktop\Nová složka (3)
2017-03-12 16:24 - 2016-06-30 11:13 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Skype
2017-03-12 16:03 - 2016-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-12 15:19 - 2016-09-25 06:35 - 00000000 ____D C:\Users\lukykos
2017-03-12 15:17 - 2016-09-25 06:40 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-12 15:17 - 2016-09-25 06:40 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-11 21:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 20:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 21:05 - 2016-09-25 06:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-07 20:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-07 20:01 - 2016-06-30 11:12 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-07 20:01 - 2016-06-30 11:12 - 00000000 ____D C:\ProgramData\Skype
2017-03-07 20:00 - 2016-06-15 16:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-07 17:17 - 2017-01-27 15:13 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-07 17:17 - 2016-06-15 16:23 - 00002397 _____ C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-07 17:17 - 2016-06-15 16:23 - 00000000 ___RD C:\Users\lukykos\OneDrive
2017-03-07 17:11 - 2016-09-25 06:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-07 17:11 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-07 17:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-07 17:08 - 2017-01-14 09:24 - 00001232 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-03-07 17:08 - 2017-01-01 21:29 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-07 17:08 - 2016-12-05 17:31 - 00001303 _____ C:\Users\lukykos\Desktop\Google Chrome.lnk
2017-03-07 17:08 - 2016-07-05 20:23 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00001435 _____ C:\Users\lukykos\Desktop\ROBLOX Player.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00001250 _____ C:\Users\lukykos\Desktop\ROBLOX Studio.lnk
2017-03-04 22:30 - 2016-09-04 18:09 - 00000000 ____D C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-02-24 12:37 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-24 12:37 - 2016-06-15 19:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:33 - 2016-06-15 19:09 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{929FBDE2-2534-0A49-79A6-CACDFF061ACD}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{651044B9-D2BB-F312-1649-060647157667}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{299D261F-9E36-91B4-2894-5AEC8BBDC518}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B9B808D-AC30-3726-4572-439BB44CE605}
2017-02-23 21:05 - 2017-01-22 19:22 - 00000000 ____D C:\ProgramData\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{F2182982-45B3-9E29-6B47-8FF10B170B89}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{777C0CDB-C0D7-BB70-F62C-F5128F43849A}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B}
2017-02-23 21:05 - 2017-01-17 17:42 - 00000000 ____D C:\ProgramData\{1B34E018-AC9F-57B3-BEFF-09E1444B4084}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{F1D4198B-467F-AE20-BC63-B9B2285515BA}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{E583F77F-5228-40D4-D736-3EA835065C39}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{B0829170-0729-26DB-FDF1-2DABE31D0DDF}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8ECC1717-3967-A0BC-643D-BA01EF252B19}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{8518E7D3-32B3-5078-4743-BFD97374671A}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{5C9A3476-EB31-83DD-4693-BA29EEC61C78}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{59F5DF12-EE5E-68B9-6872-914D9A6165A7}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{56A4B67C-E10F-01D7-6311-668609A07EFC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{4D54E968-FAFF-5EC3-C645-6AA024054E11}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{35273A61-828C-8DCA-8CE5-5FB97D27D681}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{203989DE-9792-3E75-F5F2-EE02D3FF55FC}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{0ECE888E-B965-3F25-E484-8F4AF6B6173D}
2017-02-23 21:05 - 2017-01-11 14:51 - 00000000 ____D C:\ProgramData\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{E4BD55FC-5316-E257-1306-477553B1FB7F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{B6787064-01D3-C7CF-6807-1A7566D841C7}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{A4E94271-1342-F5DA-2F16-92354430913D}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{899158A1-3E3A-EF0A-7721-10C392E1973A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7CDC623D-CB77-D596-FFE8-E06031F08A5A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{31127FF7-86B9-C85C-89CE-361276409D1A}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{2264E049-95CF-57E2-3E2A-CDBC05E73188}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{0899AFC8-BF32-1863-6CC9-78336B4279EE}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0}
2017-02-23 21:05 - 2016-12-16 16:19 - 00000000 ____D C:\ProgramData\{05D80F2B-B273-B880-933E-FA517BE9A2CE}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{7C995788-CB32-E023-1768-C28EDB73E9C5}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6C6C1653-DBC7-A1F8-2D30-E211E824C758}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677}
2017-02-23 21:05 - 2016-11-26 08:56 - 00000000 ____D C:\ProgramData\{11597869-A6F2-CFC2-221F-D20D334FE5B6}
2017-02-18 16:15 - 2016-09-25 06:42 - 00000476 _____ C:\WINDOWS\Tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job
2017-02-17 17:45 - 2016-12-11 16:45 - 00542760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-10 17:49 - 2016-09-25 06:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-10 17:49 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 17:49 - 2016-06-15 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-10 17:47 - 2016-09-25 06:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
==================== Files in the root of some directories =======
2016-11-04 17:57 - 2016-11-04 17:57 - 2924848 _____ () C:\Program Files\Common Files\00idalsa.exe
2016-11-20 19:29 - 2016-11-20 19:29 - 2942100 _____ () C:\Program Files\Common Files\04nspnbe.exe
2016-12-06 13:41 - 2016-12-06 13:41 - 2938894 _____ () C:\Program Files\Common Files\04qwdu25.exe
2016-10-04 16:58 - 2016-10-04 16:58 - 2944529 _____ () C:\Program Files\Common Files\05oefwsf.exe
2016-10-27 16:57 - 2016-10-27 16:57 - 2921590 _____ () C:\Program Files\Common Files\0eg00edc.exe
2016-10-02 16:57 - 2016-10-02 16:57 - 2954707 _____ () C:\Program Files\Common Files\0en0e3sg.exe
2016-12-29 20:59 - 2016-12-29 20:59 - 3021703 _____ () C:\Program Files\Common Files\0exsbrkr.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\0g1dgsbu.exe
2016-11-26 20:59 - 2016-11-26 20:59 - 2943148 _____ () C:\Program Files\Common Files\0l12ipt1.exe
2016-07-12 19:59 - 2016-07-12 19:59 - 2920467 _____ () C:\Program Files\Common Files\0oorw430.exe
2016-11-23 15:13 - 2016-11-23 15:13 - 2932717 _____ () C:\Program Files\Common Files\0py4bdua.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\0vzqz3ha.exe
2016-10-25 20:00 - 2016-10-25 20:00 - 2915659 _____ () C:\Program Files\Common Files\11hlxcdr.exe
2016-11-13 17:57 - 2016-11-13 17:57 - 2934450 _____ () C:\Program Files\Common Files\1513ml3w.exe
2016-07-08 16:57 - 2016-07-08 16:57 - 2782549 _____ () C:\Program Files\Common Files\1ddqp54b.exe
2016-11-25 19:38 - 2016-11-25 19:38 - 2943148 _____ () C:\Program Files\Common Files\1hmb0u3j.exe
2016-11-01 13:11 - 2016-11-01 13:11 - 2950363 _____ () C:\Program Files\Common Files\1kqprawj.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\1zrqceuc.exe
2017-01-01 20:59 - 2017-01-01 20:59 - 3021732 _____ () C:\Program Files\Common Files\25rort0e.exe
2016-10-09 18:30 - 2016-10-09 18:30 - 2955293 _____ () C:\Program Files\Common Files\2cxyqc3s.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\2demmik5.exe
2016-11-25 14:59 - 2016-11-25 14:59 - 2943148 _____ () C:\Program Files\Common Files\2mvyv5jg.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\2nyysd1k.exe
2016-11-04 15:04 - 2016-11-04 15:04 - 2923820 _____ () C:\Program Files\Common Files\2sj4satr.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\35saldnh.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\3czrm32s.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\3pygfqz2.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\43gtalhj.exe
2016-10-23 16:57 - 2016-10-23 16:57 - 2914405 _____ () C:\Program Files\Common Files\4nmjvmnq.exe
2016-10-31 17:57 - 2016-10-31 17:57 - 2950363 _____ () C:\Program Files\Common Files\4qvpor1y.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\4qxmimad.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\4rt1jhl0.exe
2016-08-06 16:57 - 2016-08-06 16:57 - 2935236 _____ () C:\Program Files\Common Files\51seazmq.exe
2016-10-29 16:57 - 2016-10-29 16:57 - 2921590 _____ () C:\Program Files\Common Files\55kmvsar.exe
2016-12-28 17:57 - 2016-12-28 17:57 - 3021730 _____ () C:\Program Files\Common Files\55wqanx1.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\5a5icbj1.exe
2016-10-10 17:36 - 2016-10-10 17:36 - 2912949 _____ () C:\Program Files\Common Files\5b21lv0u.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\5vbqgvei.exe
2017-01-03 19:33 - 2017-01-03 19:33 - 3021780 _____ () C:\Program Files\Common Files\5xpjcjyy.exe
2016-11-03 20:15 - 2016-11-03 20:15 - 2935835 _____ () C:\Program Files\Common Files\a40qd1hl.exe
2016-07-11 19:59 - 2016-07-11 19:59 - 2782549 _____ () C:\Program Files\Common Files\amnzgeh5.exe
2016-10-03 19:59 - 2016-10-03 19:59 - 2930886 _____ () C:\Program Files\Common Files\bauhbmft.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\beykqiqq.exe
2016-11-11 17:57 - 2016-11-11 17:57 - 2934450 _____ () C:\Program Files\Common Files\bocciwdm.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\c12vnv5o.exe
2016-12-22 12:52 - 2016-12-22 12:53 - 3021667 _____ () C:\Program Files\Common Files\cerubweq.exe
2016-10-26 16:57 - 2016-10-26 16:57 - 2921590 _____ () C:\Program Files\Common Files\cjgiw3p2.exe
2016-12-04 15:29 - 2016-12-04 15:29 - 2946417 _____ () C:\Program Files\Common Files\couiw1uy.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\csuzaoe1.exe
2016-10-22 13:41 - 2016-10-22 13:41 - 2927797 _____ () C:\Program Files\Common Files\cyvuxdtg.exe
2016-12-12 17:57 - 2016-12-12 17:57 - 2932101 _____ () C:\Program Files\Common Files\cz1r2jom.exe
2016-10-16 18:16 - 2016-10-16 18:16 - 2899580 _____ () C:\Program Files\Common Files\drczz3tq.exe
2016-12-05 17:30 - 2016-12-05 17:30 - 2953209 _____ () C:\Program Files\Common Files\drm512ed.exe
2016-12-02 14:26 - 2016-12-02 14:26 - 2929716 _____ () C:\Program Files\Common Files\ebnrmo5w.exe
2016-07-16 11:21 - 2016-07-16 11:21 - 2939768 _____ () C:\Program Files\Common Files\edpms1kt.exe
2016-11-12 20:59 - 2016-11-12 20:59 - 2934450 _____ () C:\Program Files\Common Files\ehmunlei.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\ei2e3myr.exe
2016-11-21 17:57 - 2016-11-21 17:57 - 2934898 _____ () C:\Program Files\Common Files\elhvr21v.exe
2016-11-08 19:37 - 2016-11-08 19:37 - 2943601 _____ () C:\Program Files\Common Files\erw0x2t4.exe
2016-12-22 20:20 - 2016-12-22 20:20 - 3021753 _____ () C:\Program Files\Common Files\estffh1a.exe
2016-09-29 17:14 - 2016-09-29 17:14 - 2939150 _____ () C:\Program Files\Common Files\eydxk5dx.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\f2hq1oo5.exe
2016-10-30 21:00 - 2016-10-30 21:00 - 2937121 _____ () C:\Program Files\Common Files\faqrpddn.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\fl0jptaf.exe
2016-11-23 20:31 - 2016-11-23 20:31 - 2951694 _____ () C:\Program Files\Common Files\fmbzwqv5.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\fq05k4uv.exe
2016-07-18 18:04 - 2016-07-18 18:04 - 2944051 _____ () C:\Program Files\Common Files\fupdol1g.exe
2016-11-15 14:17 - 2016-11-15 14:17 - 2932047 _____ () C:\Program Files\Common Files\fzcpmz2f.exe
2016-12-01 17:57 - 2016-12-01 17:57 - 2948294 _____ () C:\Program Files\Common Files\g2ogkbjk.exe
2016-09-30 19:15 - 2016-09-30 19:15 - 2951025 _____ () C:\Program Files\Common Files\gc0ct2ic.exe
2016-10-15 13:27 - 2016-10-15 13:27 - 2912360 _____ () C:\Program Files\Common Files\ggn1cfcf.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\giz25buw.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\gzu42hjw.exe
2016-10-29 19:59 - 2016-10-29 19:59 - 2921590 _____ () C:\Program Files\Common Files\h3ldt4iw.exe
2016-12-26 21:06 - 2016-12-26 21:06 - 3021675 _____ () C:\Program Files\Common Files\hbufyaxp.exe
2016-11-18 20:59 - 2016-11-18 20:59 - 2933637 _____ () C:\Program Files\Common Files\hokxdgia.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\hp1d0yhk.exe
2016-07-18 19:59 - 2016-07-18 19:59 - 2941163 _____ () C:\Program Files\Common Files\hsdaaor0.exe
2016-10-16 19:59 - 2016-10-16 19:59 - 2918173 _____ () C:\Program Files\Common Files\htu5opdz.exe
2016-10-28 19:59 - 2016-10-28 19:59 - 2921590 _____ () C:\Program Files\Common Files\hx3xvvq0.exe
2017-01-02 19:06 - 2017-01-02 19:06 - 3021787 _____ () C:\Program Files\Common Files\i0xrlyta.exe
2016-11-23 20:59 - 2016-11-23 20:59 - 2929242 _____ () C:\Program Files\Common Files\ibadiuoq.exe
2016-12-22 20:59 - 2016-12-22 20:59 - 3021665 _____ () C:\Program Files\Common Files\iia2bvha.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\inmjytrw.exe
2016-07-08 19:59 - 2016-07-08 19:59 - 2782549 _____ () C:\Program Files\Common Files\invpfu0b.exe
2016-12-10 09:11 - 2016-12-10 09:11 - 2956128 _____ () C:\Program Files\Common Files\ioz0y3vw.exe
2016-10-27 19:59 - 2016-10-27 19:59 - 2921590 _____ () C:\Program Files\Common Files\j0a2lxdk.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\j3avvwpf.exe
2016-11-27 19:37 - 2016-11-27 19:37 - 2946256 _____ () C:\Program Files\Common Files\j3w54hai.exe
2016-07-19 16:57 - 2016-07-19 16:57 - 2921548 _____ () C:\Program Files\Common Files\j5zwfmc5.exe
2016-10-28 16:57 - 2016-10-28 16:57 - 2921590 _____ () C:\Program Files\Common Files\jfdmwnxf.exe
2016-07-09 16:57 - 2016-07-09 16:57 - 2782549 _____ () C:\Program Files\Common Files\jgd5slbd.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\jlskobxi.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\jousgfve.exe
2016-11-26 17:57 - 2016-11-26 17:57 - 2943148 _____ () C:\Program Files\Common Files\jwnsekcc.exe
2016-10-06 16:57 - 2016-10-06 16:57 - 2955516 _____ () C:\Program Files\Common Files\jxdhicfl.exe
2016-07-11 08:22 - 2016-07-11 08:22 - 2782549 _____ () C:\Program Files\Common Files\jzy3jrbp.exe
2016-10-06 16:22 - 2016-10-06 16:22 - 2930361 _____ () C:\Program Files\Common Files\k15yq0dv.exe
2016-11-20 19:28 - 2016-11-20 19:28 - 2942100 _____ () C:\Program Files\Common Files\k2fczvw1.exe
2016-12-27 17:57 - 2016-12-27 17:57 - 3021779 _____ () C:\Program Files\Common Files\kcasrqjk.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\kcmu1hjy.exe
2016-10-22 19:59 - 2016-10-22 19:59 - 2921572 _____ () C:\Program Files\Common Files\kddozdaw.exe
2016-07-10 16:57 - 2016-07-10 16:57 - 2782549 _____ () C:\Program Files\Common Files\kojkkksw.exe
2016-10-20 16:57 - 2016-10-20 16:57 - 2901670 _____ () C:\Program Files\Common Files\kqzavkf1.exe
2016-09-30 11:08 - 2016-09-30 11:08 - 2942067 _____ () C:\Program Files\Common Files\kym0fmv2.exe
2016-07-17 09:20 - 2016-07-17 09:20 - 2920600 _____ () C:\Program Files\Common Files\kzqjbomh.exe
2016-11-04 20:59 - 2016-11-04 20:59 - 2946612 _____ () C:\Program Files\Common Files\lihu4y5m.exe
2016-11-30 15:49 - 2016-11-30 15:49 - 2940140 _____ () C:\Program Files\Common Files\lksgpha4.exe
2017-01-01 17:57 - 2017-01-01 17:57 - 3021732 _____ () C:\Program Files\Common Files\lmkizp1g.exe
2016-12-09 17:59 - 2016-12-09 17:59 - 2956128 _____ () C:\Program Files\Common Files\lnbwitw4.exe
2016-07-05 19:59 - 2016-07-05 19:59 - 2782549 _____ () C:\Program Files\Common Files\loceak34.exe
2016-10-20 16:17 - 2016-10-20 16:17 - 2905522 _____ () C:\Program Files\Common Files\lt2nwekn.exe
2016-07-12 16:57 - 2016-07-12 16:57 - 2938043 _____ () C:\Program Files\Common Files\lteolrn2.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\m5mnqkpb.exe
2016-07-14 19:59 - 2016-07-14 19:59 - 2939331 _____ () C:\Program Files\Common Files\mabb30u2.exe
2016-07-04 19:59 - 2016-07-04 19:59 - 2782549 _____ () C:\Program Files\Common Files\mb3hbxpr.exe
2016-10-09 19:59 - 2016-10-09 19:59 - 2932069 _____ () C:\Program Files\Common Files\mjm1iijh.exe
2016-07-11 16:57 - 2016-07-11 16:57 - 2782549 _____ () C:\Program Files\Common Files\mjyfzx2u.exe
2016-07-14 15:08 - 2016-07-14 15:08 - 2932283 _____ () C:\Program Files\Common Files\mkoe4tkw.exe
2016-12-02 17:57 - 2016-12-02 17:57 - 2951041 _____ () C:\Program Files\Common Files\mxurj5np.exe
2016-09-21 13:52 - 2016-09-21 13:52 - 2919632 _____ () C:\Program Files\Common Files\n0ffhyal.exe
2016-12-02 21:00 - 2016-12-02 21:00 - 2934012 _____ () C:\Program Files\Common Files\n0vc25wh.exe
2016-07-14 16:57 - 2016-07-14 16:57 - 2927864 _____ () C:\Program Files\Common Files\n3wxpty5.exe
2016-07-16 16:57 - 2016-07-16 16:57 - 2936439 _____ () C:\Program Files\Common Files\n41mxg1i.exe
2016-08-08 09:09 - 2016-08-08 09:09 - 2938647 _____ () C:\Program Files\Common Files\n455teom.exe
2016-12-16 17:57 - 2016-12-16 17:57 - 3020737 _____ () C:\Program Files\Common Files\nfwgznb1.exe
2016-10-07 13:42 - 2016-10-07 13:42 - 2929811 _____ () C:\Program Files\Common Files\nigl4eoo.exe
2016-12-04 17:57 - 2016-12-04 17:57 - 2932227 _____ () C:\Program Files\Common Files\nwdekrup.exe
2016-12-29 19:41 - 2016-12-29 19:41 - 3021696 _____ () C:\Program Files\Common Files\o54eapdx.exe
2016-07-07 18:29 - 2016-07-07 18:29 - 2782549 _____ () C:\Program Files\Common Files\oayeqwmu.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\ob01ljjm.exe
2016-12-19 15:13 - 2016-12-19 15:13 - 3021071 _____ () C:\Program Files\Common Files\oksocrum.exe
2016-10-17 19:59 - 2016-10-17 19:59 - 2918600 _____ () C:\Program Files\Common Files\ozv1vdjg.exe
2016-11-26 08:59 - 2016-11-26 08:59 - 2943148 _____ () C:\Program Files\Common Files\p1fvv3db.exe
2016-12-11 17:57 - 2016-12-11 17:57 - 2931631 _____ () C:\Program Files\Common Files\p3ojh45m.exe
2016-11-14 18:06 - 2016-11-14 18:06 - 2934450 _____ () C:\Program Files\Common Files\palguvvs.exe
2016-12-28 20:59 - 2016-12-28 20:59 - 3021716 _____ () C:\Program Files\Common Files\pcd2ombm.exe
2016-10-18 16:57 - 2016-10-18 16:57 - 2922291 _____ () C:\Program Files\Common Files\pjii3qxu.exe
2016-11-20 20:59 - 2016-11-20 20:59 - 2933300 _____ () C:\Program Files\Common Files\pmmuqhgv.exe
2016-07-09 19:59 - 2016-07-09 19:59 - 2782549 _____ () C:\Program Files\Common Files\q2a3gd0a.exe
2016-11-08 14:25 - 2016-11-08 14:25 - 2940624 _____ () C:\Program Files\Common Files\qbgroqgg.exe
2016-09-28 19:39 - 2016-09-28 19:39 - 2946944 _____ () C:\Program Files\Common Files\qfpr1zwt.exe
2016-08-17 19:13 - 2016-08-17 19:13 - 2946352 _____ () C:\Program Files\Common Files\qh4urva5.exe
2016-11-11 17:35 - 2016-11-11 17:35 - 2934450 _____ () C:\Program Files\Common Files\qqcyi2gx.exe
2016-12-18 18:00 - 2016-12-18 18:00 - 3021114 _____ () C:\Program Files\Common Files\qqxofseg.exe
2016-11-12 15:55 - 2016-11-12 15:55 - 2934450 _____ () C:\Program Files\Common Files\r0ftsvbl.exe
2016-12-17 13:19 - 2016-12-17 13:19 - 3020680 _____ () C:\Program Files\Common Files\r2olm24z.exe
2016-10-21 13:19 - 2016-10-21 13:19 - 2927316 _____ () C:\Program Files\Common Files\r5olko2w.exe
2016-07-03 19:59 - 2016-07-03 19:59 - 2782549 _____ () C:\Program Files\Common Files\ri5x4fgk.exe
2016-12-19 17:57 - 2016-12-19 17:57 - 3021770 _____ () C:\Program Files\Common Files\rxqpuygp.exe
2016-12-27 20:59 - 2016-12-27 20:59 - 3021724 _____ () C:\Program Files\Common Files\s5wtazjc.exe
2016-11-19 17:57 - 2016-11-19 17:57 - 2945069 _____ () C:\Program Files\Common Files\sl2d3zpl.exe
2017-01-03 14:44 - 2017-01-03 14:44 - 3021709 _____ () C:\Program Files\Common Files\smxueyuc.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\sycms1br.exe
2016-07-06 19:59 - 2016-07-06 19:59 - 2782549 _____ () C:\Program Files\Common Files\t0n5ss3c.exe
2016-07-05 19:58 - 2016-07-05 19:58 - 2782549 _____ () C:\Program Files\Common Files\tje4ytpi.exe
2016-12-15 20:08 - 2016-12-15 20:08 - 3020700 _____ () C:\Program Files\Common Files\tnwtjvk2.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\tqfs03wv.exe
2016-12-21 14:54 - 2016-12-21 14:55 - 3021671 _____ () C:\Program Files\Common Files\tvs414ga.exe
2016-12-05 17:57 - 2016-12-05 17:57 - 2927990 _____ () C:\Program Files\Common Files\twe11t2e.exe
2016-10-17 16:57 - 2016-10-17 16:57 - 2925323 _____ () C:\Program Files\Common Files\tyi1nqr2.exe
2016-07-15 16:57 - 2016-07-15 16:57 - 2942508 _____ () C:\Program Files\Common Files\u5dy0prb.exe
2016-12-11 15:28 - 2016-12-11 15:28 - 2935391 _____ () C:\Program Files\Common Files\udhysuxk.exe
2016-11-06 17:57 - 2016-11-06 17:57 - 2938085 _____ () C:\Program Files\Common Files\ugxhryqz.exe
2016-11-06 14:55 - 2016-11-06 14:55 - 2945240 _____ () C:\Program Files\Common Files\uuozoc05.exe
2016-10-25 16:57 - 2016-10-25 16:57 - 2904199 _____ () C:\Program Files\Common Files\uxbuzdja.exe
2016-11-16 15:17 - 2016-11-16 15:17 - 2938944 _____ () C:\Program Files\Common Files\uxsh02ar.exe
2016-09-28 20:01 - 2016-09-28 20:01 - 2943114 _____ () C:\Program Files\Common Files\v4aqxnwd.exe
2016-12-20 14:10 - 2016-12-20 14:10 - 3021670 _____ () C:\Program Files\Common Files\vk0wkvcr.exe
2016-12-31 10:15 - 2016-12-31 10:15 - 3021725 _____ () C:\Program Files\Common Files\vlxzsivq.exe
2016-11-07 18:08 - 2016-11-07 18:08 - 2933671 _____ () C:\Program Files\Common Files\vs0zp3ks.exe
2016-11-23 15:14 - 2016-11-23 15:14 - 2932717 _____ () C:\Program Files\Common Files\vtuzsmei.exe
2016-10-08 19:59 - 2016-10-08 19:59 - 2927877 _____ () C:\Program Files\Common Files\vwjjrjvt.exe
2016-11-24 19:54 - 2016-11-24 19:54 - 2943148 _____ () C:\Program Files\Common Files\w4yo24kb.exe
2016-10-22 16:57 - 2016-10-22 16:57 - 2918021 _____ () C:\Program Files\Common Files\wdadnedb.exe
2016-11-18 19:58 - 2016-11-18 19:58 - 2929738 _____ () C:\Program Files\Common Files\wf51afsz.exe
2016-12-12 15:14 - 2016-12-12 15:14 - 2935878 _____ () C:\Program Files\Common Files\wknlgrk1.exe
2016-10-11 14:07 - 2016-10-11 14:07 - 2908906 _____ () C:\Program Files\Common Files\wrdyohnj.exe
2016-07-04 16:57 - 2016-07-04 16:57 - 2782549 _____ () C:\Program Files\Common Files\wwvmuezm.exe
2016-10-02 08:32 - 2016-10-02 08:32 - 2951389 _____ () C:\Program Files\Common Files\x0riyolp.exe
2016-09-30 19:59 - 2016-09-30 19:59 - 2928684 _____ () C:\Program Files\Common Files\xcp5ic0i.exe
2016-11-10 19:54 - 2016-11-10 19:54 - 2934450 _____ () C:\Program Files\Common Files\xjczwvpu.exe
2017-01-01 14:00 - 2017-01-01 14:00 - 3021732 _____ () C:\Program Files\Common Files\xliupj2u.exe
2016-10-30 17:57 - 2016-10-30 17:57 - 2936204 _____ () C:\Program Files\Common Files\xuw3hhm2.exe
2016-10-08 17:02 - 2016-10-08 17:02 - 2935036 _____ () C:\Program Files\Common Files\xxyaq1ht.exe
2016-07-07 19:59 - 2016-07-07 19:59 - 2782549 _____ () C:\Program Files\Common Files\y3l0nk3r.exe
2016-10-03 17:11 - 2016-10-03 17:11 - 2956230 _____ () C:\Program Files\Common Files\yd0rt05x.exe
2016-10-15 17:18 - 2016-10-15 17:18 - 2907559 _____ () C:\Program Files\Common Files\ygm5w2au.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\yqsq0cbg.exe
2016-12-15 20:59 - 2016-12-15 20:59 - 3020706 _____ () C:\Program Files\Common Files\yshmwokf.exe
2016-10-13 17:15 - 2016-10-13 17:15 - 2905641 _____ () C:\Program Files\Common Files\z1qbrjtb.exe
2016-12-01 16:55 - 2016-12-01 16:55 - 2949285 _____ () C:\Program Files\Common Files\z4clxxqv.exe
2016-12-09 15:55 - 2016-12-09 15:55 - 2956128 _____ () C:\Program Files\Common Files\zfa2n2yt.exe
2016-11-22 13:54 - 2016-11-22 13:54 - 2927502 _____ () C:\Program Files\Common Files\zhwghrnp.exe
2016-07-06 16:57 - 2016-07-06 16:57 - 2782549 _____ () C:\Program Files\Common Files\zqs102rv.exe
2016-11-12 17:57 - 2016-11-12 17:57 - 2934450 _____ () C:\Program Files\Common Files\zutt2rov.exe
2016-10-25 12:12 - 2016-10-25 12:13 - 2903248 _____ () C:\Program Files\Common Files\zz5r55he.exe
2016-07-03 18:56 - 2016-07-03 18:56 - 2279413 _____ () C:\Users\lukykos\AppData\Roaming\Anplus.bin
2016-07-03 18:56 - 2016-07-03 18:56 - 0054272 _____ () C:\Users\lukykos\AppData\Roaming\ApplicationHosting.dat
2016-07-03 18:56 - 2016-07-03 18:56 - 1761214 _____ () C:\Users\lukykos\AppData\Roaming\Consoft.tst
2016-06-28 02:12 - 2016-06-28 02:12 - 0314434 _____ () C:\Users\lukykos\AppData\Roaming\EYapp.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0072704 _____ () C:\Users\lukykos\AppData\Roaming\Good-Hold.tst
2016-07-03 18:56 - 2016-07-03 18:56 - 0126464 _____ () C:\Users\lukykos\AppData\Roaming\lobby.dat
2016-07-15 14:11 - 2016-07-15 14:56 - 7616340 _____ () C:\Users\lukykos\AppData\Roaming\setup.apk
2016-07-03 18:56 - 2016-07-03 18:56 - 0189635 _____ () C:\Users\lukykos\AppData\Roaming\Y-phase.bin
2016-08-04 13:39 - 2016-08-04 13:39 - 0000000 ___SH () C:\Users\lukykos\AppData\Local\LumaEmu
2016-07-03 18:57 - 2016-07-03 18:57 - 0041472 _____ () C:\Users\lukykos\AppData\Local\statstrip.dat
2016-07-03 18:57 - 2016-07-03 18:57 - 0000187 _____ () C:\Users\lukykos\AppData\Local\statstrip.exe.config
Some files in TEMP:
====================
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\103322779.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\110708445.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\119984832.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\133089149.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\1912568.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\21876516.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\27543046.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\29083994.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\29837922.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\34111101.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\43152943.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\45483728.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\46522839.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\47682761.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\48985246.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\4931755.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\49925678.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\50814912.t.exe
2017-01-22 19:22 - 2017-01-22 19:22 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\53068435.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\55962992.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\57536350.t.exe
2017-02-23 19:18 - 2017-02-23 19:18 - 1433088 _____ () C:\Users\lukykos\AppData\Local\Temp\61051531.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\63336490.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\83655997.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\84898033.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\87793770.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91546016.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\91738252.t.exe
2017-01-11 14:51 - 2017-01-11 14:51 - 1178112 _____ () C:\Users\lukykos\AppData\Local\Temp\98522940.t.exe
2016-10-04 16:45 - 2016-08-03 05:28 - 0962072 _____ (BlueStack Systems, Inc.) C:\Users\lukykos\AppData\Local\Temp\BluestacksUninstaller.exe
2016-12-04 19:32 - 2016-12-04 19:51 - 0208896 _____ (Sony DADC Austria AG) C:\Users\lukykos\AppData\Local\Temp\drm_dyndata_7370012.dll
2016-10-04 16:45 - 2016-08-03 05:27 - 0187416 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-LibraryHandler.dll
2016-10-04 16:45 - 2016-08-03 05:25 - 0246808 _____ (BlueStack Systems) C:\Users\lukykos\AppData\Local\Temp\HD-Logger-Native.dll
2017-03-07 19:59 - 2017-03-07 19:59 - 14456872 _____ (Microsoft Corporation) C:\Users\lukykos\AppData\Local\Temp\vc_redist.x86.exe
2016-12-25 17:36 - 2016-12-25 17:36 - 7349520 _____ () C:\Users\lukykos\AppData\Local\Temp\~E49E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-05 07:52
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
c:\Users\lukykos\AppData\Local\Akamai
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... bHNn5s,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... Y72fPrKT7M,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... fhWHwk6&q={searchTerms}
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... fKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtyp ... 1&command={searchTerms}
C:\ProgramData\ocep
S2 ocep; C:\ProgramData\\ocep\\ocep.exe [1120768 2017-03-07] () [File not signed]
C:\ProgramData\oceps
C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
C:\Program Files\Common Files\00idalsa.exe
C:\Program Files\Common Files\04nspnbe.exe
C:\Program Files\Common Files\04qwdu25.exe
C:\Program Files\Common Files\05oefwsf.exe
C:\Program Files\Common Files\0eg00edc.exe
C:\Program Files\Common Files\0en0e3sg.exe
C:\Program Files\Common Files\0exsbrkr.exe
C:\Program Files\Common Files\0g1dgsbu.exe
C:\Program Files\Common Files\0l12ipt1.exe
C:\Program Files\Common Files\0oorw430.exe
C:\Program Files\Common Files\0py4bdua.exe
C:\Program Files\Common Files\0vzqz3ha.exe
C:\Program Files\Common Files\11hlxcdr.exe
C:\Program Files\Common Files\1513ml3w.exe
C:\Program Files\Common Files\1ddqp54b.exe
C:\Program Files\Common Files\1hmb0u3j.exe
C:\Program Files\Common Files\1kqprawj.exe
C:\Program Files\Common Files\1zrqceuc.exe
C:\Program Files\Common Files\25rort0e.exe
C:\Program Files\Common Files\2cxyqc3s.exe
C:\Program Files\Common Files\2demmik5.exe
C:\Program Files\Common Files\2mvyv5jg.exe
C:\Program Files\Common Files\2nyysd1k.exe
C:\Program Files\Common Files\2sj4satr.exe
C:\Program Files\Common Files\35saldnh.exe
C:\Program Files\Common Files\3czrm32s.exe
C:\Program Files\Common Files\3pygfqz2.exe
C:\Program Files\Common Files\43gtalhj.exe
C:\Program Files\Common Files\4nmjvmnq.exe
C:\Program Files\Common Files\4qvpor1y.exe
C:\Program Files\Common Files\4qxmimad.exe
C:\Program Files\Common Files\4rt1jhl0.exe
C:\Program Files\Common Files\51seazmq.exe
C:\Program Files\Common Files\55kmvsar.exe
C:\Program Files\Common Files\55wqanx1.exe
C:\Program Files\Common Files\5a5icbj1.exe
C:\Program Files\Common Files\5b21lv0u.exe
C:\Program Files\Common Files\5vbqgvei.exe
C:\Program Files\Common Files\5xpjcjyy.exe
C:\Program Files\Common Files\a40qd1hl.exe
C:\Program Files\Common Files\amnzgeh5.exe
C:\Program Files\Common Files\bauhbmft.exe
C:\Program Files\Common Files\beykqiqq.exe
C:\Program Files\Common Files\bocciwdm.exe
C:\Program Files\Common Files\c12vnv5o.exe
C:\Program Files\Common Files\cerubweq.exe
C:\Program Files\Common Files\cjgiw3p2.exe
C:\Program Files\Common Files\couiw1uy.exe
C:\Program Files\Common Files\csuzaoe1.exe
C:\Program Files\Common Files\cyvuxdtg.exe
C:\Program Files\Common Files\cz1r2jom.exe
C:\Program Files\Common Files\drczz3tq.exe
C:\Program Files\Common Files\drm512ed.exe
C:\Program Files\Common Files\ebnrmo5w.exe
C:\Program Files\Common Files\edpms1kt.exe
C:\Program Files\Common Files\ehmunlei.exe
C:\Program Files\Common Files\ei2e3myr.exe
C:\Program Files\Common Files\elhvr21v.exe
C:\Program Files\Common Files\erw0x2t4.exe
C:\Program Files\Common Files\estffh1a.exe
C:\Program Files\Common Files\eydxk5dx.exe
C:\Program Files\Common Files\f2hq1oo5.exe
C:\Program Files\Common Files\faqrpddn.exe
C:\Program Files\Common Files\fl0jptaf.exe
C:\Program Files\Common Files\fmbzwqv5.exe
C:\Program Files\Common Files\fq05k4uv.exe
C:\Program Files\Common Files\fupdol1g.exe
C:\Program Files\Common Files\fzcpmz2f.exe
C:\Program Files\Common Files\g2ogkbjk.exe
C:\Program Files\Common Files\gc0ct2ic.exe
C:\Program Files\Common Files\ggn1cfcf.exe
C:\Program Files\Common Files\giz25buw.exe
C:\Program Files\Common Files\gzu42hjw.exe
C:\Program Files\Common Files\h3ldt4iw.exe
C:\Program Files\Common Files\hbufyaxp.exe
C:\Program Files\Common Files\hokxdgia.exe
C:\Program Files\Common Files\hp1d0yhk.exe
C:\Program Files\Common Files\hsdaaor0.exe
C:\Program Files\Common Files\htu5opdz.exe
C:\Program Files\Common Files\hx3xvvq0.exe
C:\Program Files\Common Files\i0xrlyta.exe
C:\Program Files\Common Files\ibadiuoq.exe
C:\Program Files\Common Files\iia2bvha.exe
C:\Program Files\Common Files\inmjytrw.exe
C:\Program Files\Common Files\invpfu0b.exe
C:\Program Files\Common Files\ioz0y3vw.exe
C:\Program Files\Common Files\j0a2lxdk.exe
C:\Program Files\Common Files\j3avvwpf.exe
C:\Program Files\Common Files\j3w54hai.exe
C:\Program Files\Common Files\j5zwfmc5.exe
C:\Program Files\Common Files\jfdmwnxf.exe
C:\Program Files\Common Files\jgd5slbd.exe
C:\Program Files\Common Files\jlskobxi.exe
C:\Program Files\Common Files\jousgfve.exe
C:\Program Files\Common Files\jwnsekcc.exe
C:\Program Files\Common Files\jxdhicfl.exe
C:\Program Files\Common Files\jzy3jrbp.exe
C:\Program Files\Common Files\k15yq0dv.exe
C:\Program Files\Common Files\k2fczvw1.exe
C:\Program Files\Common Files\kcasrqjk.exe
C:\Program Files\Common Files\kcmu1hjy.exe
C:\Program Files\Common Files\kddozdaw.exe
C:\Program Files\Common Files\kojkkksw.exe
C:\Program Files\Common Files\kqzavkf1.exe
C:\Program Files\Common Files\kym0fmv2.exe
C:\Program Files\Common Files\kzqjbomh.exe
C:\Program Files\Common Files\lihu4y5m.exe
C:\Program Files\Common Files\lksgpha4.exe
C:\Program Files\Common Files\lmkizp1g.exe
C:\Program Files\Common Files\lnbwitw4.exe
C:\Program Files\Common Files\loceak34.exe
C:\Program Files\Common Files\lt2nwekn.exe
C:\Program Files\Common Files\lteolrn2.exe
C:\Program Files\Common Files\m5mnqkpb.exe
C:\Program Files\Common Files\mabb30u2.exe
C:\Program Files\Common Files\mb3hbxpr.exe
C:\Program Files\Common Files\mjm1iijh.exe
C:\Program Files\Common Files\mjyfzx2u.exe
C:\Program Files\Common Files\mkoe4tkw.exe
C:\Program Files\Common Files\mxurj5np.exe
C:\Program Files\Common Files\n0ffhyal.exe
C:\Program Files\Common Files\n0vc25wh.exe
C:\Program Files\Common Files\n3wxpty5.exe
C:\Program Files\Common Files\n41mxg1i.exe
C:\Program Files\Common Files\n455teom.exe
C:\Program Files\Common Files\nfwgznb1.exe
C:\Program Files\Common Files\nigl4eoo.exe
C:\Program Files\Common Files\nwdekrup.exe
C:\Program Files\Common Files\o54eapdx.exe
C:\Program Files\Common Files\oayeqwmu.exe
C:\Program Files\Common Files\ob01ljjm.exe
C:\Program Files\Common Files\oksocrum.exe
C:\Program Files\Common Files\ozv1vdjg.exe
C:\Program Files\Common Files\p1fvv3db.exe
C:\Program Files\Common Files\p3ojh45m.exe
C:\Program Files\Common Files\palguvvs.exe
C:\Program Files\Common Files\pcd2ombm.exe
C:\Program Files\Common Files\pjii3qxu.exe
C:\Program Files\Common Files\pmmuqhgv.exe
C:\Program Files\Common Files\q2a3gd0a.exe
C:\Program Files\Common Files\qbgroqgg.exe
C:\Program Files\Common Files\qfpr1zwt.exe
C:\Program Files\Common Files\qh4urva5.exe
C:\Program Files\Common Files\qqcyi2gx.exe
C:\Program Files\Common Files\qqxofseg.exe
C:\Program Files\Common Files\r0ftsvbl.exe
C:\Program Files\Common Files\r2olm24z.exe
C:\Program Files\Common Files\r5olko2w.exe
C:\Program Files\Common Files\ri5x4fgk.exe
C:\Program Files\Common Files\rxqpuygp.exe
C:\Program Files\Common Files\s5wtazjc.exe
C:\Program Files\Common Files\sl2d3zpl.exe
C:\Program Files\Common Files\smxueyuc.exe
C:\Program Files\Common Files\sycms1br.exe
C:\Program Files\Common Files\t0n5ss3c.exe
C:\Program Files\Common Files\tje4ytpi.exe
C:\Program Files\Common Files\tnwtjvk2.exe
C:\Program Files\Common Files\tqfs03wv.exe
C:\Program Files\Common Files\tvs414ga.exe
C:\Program Files\Common Files\twe11t2e.exe
C:\Program Files\Common Files\tyi1nqr2.exe
C:\Program Files\Common Files\u5dy0prb.exe
C:\Program Files\Common Files\udhysuxk.exe
C:\Program Files\Common Files\ugxhryqz.exe
C:\Program Files\Common Files\uuozoc05.exe
C:\Program Files\Common Files\uxbuzdja.exe
C:\Program Files\Common Files\uxsh02ar.exe
C:\Program Files\Common Files\v4aqxnwd.exe
C:\Program Files\Common Files\vk0wkvcr.exe
C:\Program Files\Common Files\vlxzsivq.exe
C:\Program Files\Common Files\vs0zp3ks.exe
C:\Program Files\Common Files\vtuzsmei.exe
C:\Program Files\Common Files\vwjjrjvt.exe
C:\Program Files\Common Files\w4yo24kb.exe
C:\Program Files\Common Files\wdadnedb.exe
C:\Program Files\Common Files\wf51afsz.exe
C:\Program Files\Common Files\wknlgrk1.exe
C:\Program Files\Common Files\wrdyohnj.exe
C:\Program Files\Common Files\wwvmuezm.exe
C:\Program Files\Common Files\x0riyolp.exe
C:\Program Files\Common Files\xcp5ic0i.exe
C:\Program Files\Common Files\xjczwvpu.exe
C:\Program Files\Common Files\xliupj2u.exe
C:\Program Files\Common Files\xuw3hhm2.exe
C:\Program Files\Common Files\xxyaq1ht.exe
C:\Program Files\Common Files\y3l0nk3r.exe
C:\Program Files\Common Files\yd0rt05x.exe
C:\Program Files\Common Files\ygm5w2au.exe
C:\Program Files\Common Files\yqsq0cbg.exe
C:\Program Files\Common Files\yshmwokf.exe
C:\Program Files\Common Files\z1qbrjtb.exe
C:\Program Files\Common Files\z4clxxqv.exe
C:\Program Files\Common Files\zfa2n2yt.exe
C:\Program Files\Common Files\zhwghrnp.exe
C:\Program Files\Common Files\zqs102rv.exe
C:\Program Files\Common Files\zutt2rov.exe
C:\Users\lukykos\AppData\Local\Temp
EmptyTemp"
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by lukykos (15-03-2017 15:02:45) Run:1
Running from C:\Users\lukykos\Desktop
Loaded Profiles: lukykos (Available Profiles: lukykos)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
c:\Users\lukykos\AppData\Local\Akamai
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... bHNn5s,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... Y72fPrKT7M,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... fhWHwk6&q={searchTerms}
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... fKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtyp ... 1&command={searchTerms}
C:\ProgramData\ocep
S2 ocep; C:\ProgramData\\ocep\\ocep.exe [1120768 2017-03-07] () [File not signed]
C:\ProgramData\oceps
C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
C:\Program Files\Common Files\00idalsa.exe
C:\Program Files\Common Files\04nspnbe.exe
C:\Program Files\Common Files\04qwdu25.exe
C:\Program Files\Common Files\05oefwsf.exe
C:\Program Files\Common Files\0eg00edc.exe
C:\Program Files\Common Files\0en0e3sg.exe
C:\Program Files\Common Files\0exsbrkr.exe
C:\Program Files\Common Files\0g1dgsbu.exe
C:\Program Files\Common Files\0l12ipt1.exe
C:\Program Files\Common Files\0oorw430.exe
C:\Program Files\Common Files\0py4bdua.exe
C:\Program Files\Common Files\0vzqz3ha.exe
C:\Program Files\Common Files\11hlxcdr.exe
C:\Program Files\Common Files\1513ml3w.exe
C:\Program Files\Common Files\1ddqp54b.exe
C:\Program Files\Common Files\1hmb0u3j.exe
C:\Program Files\Common Files\1kqprawj.exe
C:\Program Files\Common Files\1zrqceuc.exe
C:\Program Files\Common Files\25rort0e.exe
C:\Program Files\Common Files\2cxyqc3s.exe
C:\Program Files\Common Files\2demmik5.exe
C:\Program Files\Common Files\2mvyv5jg.exe
C:\Program Files\Common Files\2nyysd1k.exe
C:\Program Files\Common Files\2sj4satr.exe
C:\Program Files\Common Files\35saldnh.exe
C:\Program Files\Common Files\3czrm32s.exe
C:\Program Files\Common Files\3pygfqz2.exe
C:\Program Files\Common Files\43gtalhj.exe
C:\Program Files\Common Files\4nmjvmnq.exe
C:\Program Files\Common Files\4qvpor1y.exe
C:\Program Files\Common Files\4qxmimad.exe
C:\Program Files\Common Files\4rt1jhl0.exe
C:\Program Files\Common Files\51seazmq.exe
C:\Program Files\Common Files\55kmvsar.exe
C:\Program Files\Common Files\55wqanx1.exe
C:\Program Files\Common Files\5a5icbj1.exe
C:\Program Files\Common Files\5b21lv0u.exe
C:\Program Files\Common Files\5vbqgvei.exe
C:\Program Files\Common Files\5xpjcjyy.exe
C:\Program Files\Common Files\a40qd1hl.exe
C:\Program Files\Common Files\amnzgeh5.exe
C:\Program Files\Common Files\bauhbmft.exe
C:\Program Files\Common Files\beykqiqq.exe
C:\Program Files\Common Files\bocciwdm.exe
C:\Program Files\Common Files\c12vnv5o.exe
C:\Program Files\Common Files\cerubweq.exe
C:\Program Files\Common Files\cjgiw3p2.exe
C:\Program Files\Common Files\couiw1uy.exe
C:\Program Files\Common Files\csuzaoe1.exe
C:\Program Files\Common Files\cyvuxdtg.exe
C:\Program Files\Common Files\cz1r2jom.exe
C:\Program Files\Common Files\drczz3tq.exe
C:\Program Files\Common Files\drm512ed.exe
C:\Program Files\Common Files\ebnrmo5w.exe
C:\Program Files\Common Files\edpms1kt.exe
C:\Program Files\Common Files\ehmunlei.exe
C:\Program Files\Common Files\ei2e3myr.exe
C:\Program Files\Common Files\elhvr21v.exe
C:\Program Files\Common Files\erw0x2t4.exe
C:\Program Files\Common Files\estffh1a.exe
C:\Program Files\Common Files\eydxk5dx.exe
C:\Program Files\Common Files\f2hq1oo5.exe
C:\Program Files\Common Files\faqrpddn.exe
C:\Program Files\Common Files\fl0jptaf.exe
C:\Program Files\Common Files\fmbzwqv5.exe
C:\Program Files\Common Files\fq05k4uv.exe
C:\Program Files\Common Files\fupdol1g.exe
C:\Program Files\Common Files\fzcpmz2f.exe
C:\Program Files\Common Files\g2ogkbjk.exe
C:\Program Files\Common Files\gc0ct2ic.exe
C:\Program Files\Common Files\ggn1cfcf.exe
C:\Program Files\Common Files\giz25buw.exe
C:\Program Files\Common Files\gzu42hjw.exe
C:\Program Files\Common Files\h3ldt4iw.exe
C:\Program Files\Common Files\hbufyaxp.exe
C:\Program Files\Common Files\hokxdgia.exe
C:\Program Files\Common Files\hp1d0yhk.exe
C:\Program Files\Common Files\hsdaaor0.exe
C:\Program Files\Common Files\htu5opdz.exe
C:\Program Files\Common Files\hx3xvvq0.exe
C:\Program Files\Common Files\i0xrlyta.exe
C:\Program Files\Common Files\ibadiuoq.exe
C:\Program Files\Common Files\iia2bvha.exe
C:\Program Files\Common Files\inmjytrw.exe
C:\Program Files\Common Files\invpfu0b.exe
C:\Program Files\Common Files\ioz0y3vw.exe
C:\Program Files\Common Files\j0a2lxdk.exe
C:\Program Files\Common Files\j3avvwpf.exe
C:\Program Files\Common Files\j3w54hai.exe
C:\Program Files\Common Files\j5zwfmc5.exe
C:\Program Files\Common Files\jfdmwnxf.exe
C:\Program Files\Common Files\jgd5slbd.exe
C:\Program Files\Common Files\jlskobxi.exe
C:\Program Files\Common Files\jousgfve.exe
C:\Program Files\Common Files\jwnsekcc.exe
C:\Program Files\Common Files\jxdhicfl.exe
C:\Program Files\Common Files\jzy3jrbp.exe
C:\Program Files\Common Files\k15yq0dv.exe
C:\Program Files\Common Files\k2fczvw1.exe
C:\Program Files\Common Files\kcasrqjk.exe
C:\Program Files\Common Files\kcmu1hjy.exe
C:\Program Files\Common Files\kddozdaw.exe
C:\Program Files\Common Files\kojkkksw.exe
C:\Program Files\Common Files\kqzavkf1.exe
C:\Program Files\Common Files\kym0fmv2.exe
C:\Program Files\Common Files\kzqjbomh.exe
C:\Program Files\Common Files\lihu4y5m.exe
C:\Program Files\Common Files\lksgpha4.exe
C:\Program Files\Common Files\lmkizp1g.exe
C:\Program Files\Common Files\lnbwitw4.exe
C:\Program Files\Common Files\loceak34.exe
C:\Program Files\Common Files\lt2nwekn.exe
C:\Program Files\Common Files\lteolrn2.exe
C:\Program Files\Common Files\m5mnqkpb.exe
C:\Program Files\Common Files\mabb30u2.exe
C:\Program Files\Common Files\mb3hbxpr.exe
C:\Program Files\Common Files\mjm1iijh.exe
C:\Program Files\Common Files\mjyfzx2u.exe
C:\Program Files\Common Files\mkoe4tkw.exe
C:\Program Files\Common Files\mxurj5np.exe
C:\Program Files\Common Files\n0ffhyal.exe
C:\Program Files\Common Files\n0vc25wh.exe
C:\Program Files\Common Files\n3wxpty5.exe
C:\Program Files\Common Files\n41mxg1i.exe
C:\Program Files\Common Files\n455teom.exe
C:\Program Files\Common Files\nfwgznb1.exe
C:\Program Files\Common Files\nigl4eoo.exe
C:\Program Files\Common Files\nwdekrup.exe
C:\Program Files\Common Files\o54eapdx.exe
C:\Program Files\Common Files\oayeqwmu.exe
C:\Program Files\Common Files\ob01ljjm.exe
C:\Program Files\Common Files\oksocrum.exe
C:\Program Files\Common Files\ozv1vdjg.exe
C:\Program Files\Common Files\p1fvv3db.exe
C:\Program Files\Common Files\p3ojh45m.exe
C:\Program Files\Common Files\palguvvs.exe
C:\Program Files\Common Files\pcd2ombm.exe
C:\Program Files\Common Files\pjii3qxu.exe
C:\Program Files\Common Files\pmmuqhgv.exe
C:\Program Files\Common Files\q2a3gd0a.exe
C:\Program Files\Common Files\qbgroqgg.exe
C:\Program Files\Common Files\qfpr1zwt.exe
C:\Program Files\Common Files\qh4urva5.exe
C:\Program Files\Common Files\qqcyi2gx.exe
C:\Program Files\Common Files\qqxofseg.exe
C:\Program Files\Common Files\r0ftsvbl.exe
C:\Program Files\Common Files\r2olm24z.exe
C:\Program Files\Common Files\r5olko2w.exe
C:\Program Files\Common Files\ri5x4fgk.exe
C:\Program Files\Common Files\rxqpuygp.exe
C:\Program Files\Common Files\s5wtazjc.exe
C:\Program Files\Common Files\sl2d3zpl.exe
C:\Program Files\Common Files\smxueyuc.exe
C:\Program Files\Common Files\sycms1br.exe
C:\Program Files\Common Files\t0n5ss3c.exe
C:\Program Files\Common Files\tje4ytpi.exe
C:\Program Files\Common Files\tnwtjvk2.exe
C:\Program Files\Common Files\tqfs03wv.exe
C:\Program Files\Common Files\tvs414ga.exe
C:\Program Files\Common Files\twe11t2e.exe
C:\Program Files\Common Files\tyi1nqr2.exe
C:\Program Files\Common Files\u5dy0prb.exe
C:\Program Files\Common Files\udhysuxk.exe
C:\Program Files\Common Files\ugxhryqz.exe
C:\Program Files\Common Files\uuozoc05.exe
C:\Program Files\Common Files\uxbuzdja.exe
C:\Program Files\Common Files\uxsh02ar.exe
C:\Program Files\Common Files\v4aqxnwd.exe
C:\Program Files\Common Files\vk0wkvcr.exe
C:\Program Files\Common Files\vlxzsivq.exe
C:\Program Files\Common Files\vs0zp3ks.exe
C:\Program Files\Common Files\vtuzsmei.exe
C:\Program Files\Common Files\vwjjrjvt.exe
C:\Program Files\Common Files\w4yo24kb.exe
C:\Program Files\Common Files\wdadnedb.exe
C:\Program Files\Common Files\wf51afsz.exe
C:\Program Files\Common Files\wknlgrk1.exe
C:\Program Files\Common Files\wrdyohnj.exe
C:\Program Files\Common Files\wwvmuezm.exe
C:\Program Files\Common Files\x0riyolp.exe
C:\Program Files\Common Files\xcp5ic0i.exe
C:\Program Files\Common Files\xjczwvpu.exe
C:\Program Files\Common Files\xliupj2u.exe
C:\Program Files\Common Files\xuw3hhm2.exe
C:\Program Files\Common Files\xxyaq1ht.exe
C:\Program Files\Common Files\y3l0nk3r.exe
C:\Program Files\Common Files\yd0rt05x.exe
C:\Program Files\Common Files\ygm5w2au.exe
C:\Program Files\Common Files\yqsq0cbg.exe
C:\Program Files\Common Files\yshmwokf.exe
C:\Program Files\Common Files\z1qbrjtb.exe
C:\Program Files\Common Files\z4clxxqv.exe
C:\Program Files\Common Files\zfa2n2yt.exe
C:\Program Files\Common Files\zhwghrnp.exe
C:\Program Files\Common Files\zqs102rv.exe
C:\Program Files\Common Files\zutt2rov.exe
C:\Users\lukykos\AppData\Local\Temp
EmptyTemp"
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
c:\Users\lukykos\AppData\Local\Akamai => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{6710C780-E20E-4C49-A87D-321850ED3D7C} => value removed successfully
HKCR\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C} => key not found.
C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe => not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{46DAFD89-E4E4-4037-5507-D2F982BAF333} => key removed successfully
HKCR\CLSID\{46DAFD89-E4E4-4037-5507-D2F982BAF333} => key not found.
Firefox "Keyword.URL" removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
C:\ProgramData\ocep => moved successfully
HKLM\System\CurrentControlSet\Services\ocep => key removed successfully
ocep => service removed successfully
C:\ProgramData\oceps => moved successfully
"C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}" folder move:
Could not move "C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}" => Scheduled to move on reboot.
"C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}" folder move:
Could not move "C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}" => Scheduled to move on reboot.
C:\Program Files\Common Files\00idalsa.exe => moved successfully
C:\Program Files\Common Files\04nspnbe.exe => moved successfully
C:\Program Files\Common Files\04qwdu25.exe => moved successfully
C:\Program Files\Common Files\05oefwsf.exe => moved successfully
C:\Program Files\Common Files\0eg00edc.exe => moved successfully
C:\Program Files\Common Files\0en0e3sg.exe => moved successfully
C:\Program Files\Common Files\0exsbrkr.exe => moved successfully
C:\Program Files\Common Files\0g1dgsbu.exe => moved successfully
C:\Program Files\Common Files\0l12ipt1.exe => moved successfully
C:\Program Files\Common Files\0oorw430.exe => moved successfully
C:\Program Files\Common Files\0py4bdua.exe => moved successfully
C:\Program Files\Common Files\0vzqz3ha.exe => moved successfully
C:\Program Files\Common Files\11hlxcdr.exe => moved successfully
C:\Program Files\Common Files\1513ml3w.exe => moved successfully
C:\Program Files\Common Files\1ddqp54b.exe => moved successfully
C:\Program Files\Common Files\1hmb0u3j.exe => moved successfully
C:\Program Files\Common Files\1kqprawj.exe => moved successfully
C:\Program Files\Common Files\1zrqceuc.exe => moved successfully
C:\Program Files\Common Files\25rort0e.exe => moved successfully
C:\Program Files\Common Files\2cxyqc3s.exe => moved successfully
C:\Program Files\Common Files\2demmik5.exe => moved successfully
C:\Program Files\Common Files\2mvyv5jg.exe => moved successfully
C:\Program Files\Common Files\2nyysd1k.exe => moved successfully
C:\Program Files\Common Files\2sj4satr.exe => moved successfully
C:\Program Files\Common Files\35saldnh.exe => moved successfully
C:\Program Files\Common Files\3czrm32s.exe => moved successfully
C:\Program Files\Common Files\3pygfqz2.exe => moved successfully
C:\Program Files\Common Files\43gtalhj.exe => moved successfully
C:\Program Files\Common Files\4nmjvmnq.exe => moved successfully
C:\Program Files\Common Files\4qvpor1y.exe => moved successfully
C:\Program Files\Common Files\4qxmimad.exe => moved successfully
C:\Program Files\Common Files\4rt1jhl0.exe => moved successfully
C:\Program Files\Common Files\51seazmq.exe => moved successfully
C:\Program Files\Common Files\55kmvsar.exe => moved successfully
C:\Program Files\Common Files\55wqanx1.exe => moved successfully
C:\Program Files\Common Files\5a5icbj1.exe => moved successfully
C:\Program Files\Common Files\5b21lv0u.exe => moved successfully
C:\Program Files\Common Files\5vbqgvei.exe => moved successfully
C:\Program Files\Common Files\5xpjcjyy.exe => moved successfully
C:\Program Files\Common Files\a40qd1hl.exe => moved successfully
C:\Program Files\Common Files\amnzgeh5.exe => moved successfully
C:\Program Files\Common Files\bauhbmft.exe => moved successfully
C:\Program Files\Common Files\beykqiqq.exe => moved successfully
C:\Program Files\Common Files\bocciwdm.exe => moved successfully
C:\Program Files\Common Files\c12vnv5o.exe => moved successfully
C:\Program Files\Common Files\cerubweq.exe => moved successfully
C:\Program Files\Common Files\cjgiw3p2.exe => moved successfully
C:\Program Files\Common Files\couiw1uy.exe => moved successfully
C:\Program Files\Common Files\csuzaoe1.exe => moved successfully
C:\Program Files\Common Files\cyvuxdtg.exe => moved successfully
C:\Program Files\Common Files\cz1r2jom.exe => moved successfully
C:\Program Files\Common Files\drczz3tq.exe => moved successfully
C:\Program Files\Common Files\drm512ed.exe => moved successfully
C:\Program Files\Common Files\ebnrmo5w.exe => moved successfully
C:\Program Files\Common Files\edpms1kt.exe => moved successfully
C:\Program Files\Common Files\ehmunlei.exe => moved successfully
C:\Program Files\Common Files\ei2e3myr.exe => moved successfully
C:\Program Files\Common Files\elhvr21v.exe => moved successfully
C:\Program Files\Common Files\erw0x2t4.exe => moved successfully
C:\Program Files\Common Files\estffh1a.exe => moved successfully
C:\Program Files\Common Files\eydxk5dx.exe => moved successfully
C:\Program Files\Common Files\f2hq1oo5.exe => moved successfully
C:\Program Files\Common Files\faqrpddn.exe => moved successfully
C:\Program Files\Common Files\fl0jptaf.exe => moved successfully
C:\Program Files\Common Files\fmbzwqv5.exe => moved successfully
Could not move "C:\Program Files\Common Files\fq05k4uv.exe" => Scheduled to move on reboot.
C:\Program Files\Common Files\fupdol1g.exe => moved successfully
C:\Program Files\Common Files\fzcpmz2f.exe => moved successfully
C:\Program Files\Common Files\g2ogkbjk.exe => moved successfully
C:\Program Files\Common Files\gc0ct2ic.exe => moved successfully
C:\Program Files\Common Files\ggn1cfcf.exe => moved successfully
C:\Program Files\Common Files\giz25buw.exe => moved successfully
C:\Program Files\Common Files\gzu42hjw.exe => moved successfully
C:\Program Files\Common Files\h3ldt4iw.exe => moved successfully
C:\Program Files\Common Files\hbufyaxp.exe => moved successfully
C:\Program Files\Common Files\hokxdgia.exe => moved successfully
C:\Program Files\Common Files\hp1d0yhk.exe => moved successfully
C:\Program Files\Common Files\hsdaaor0.exe => moved successfully
C:\Program Files\Common Files\htu5opdz.exe => moved successfully
C:\Program Files\Common Files\hx3xvvq0.exe => moved successfully
C:\Program Files\Common Files\i0xrlyta.exe => moved successfully
C:\Program Files\Common Files\ibadiuoq.exe => moved successfully
C:\Program Files\Common Files\iia2bvha.exe => moved successfully
C:\Program Files\Common Files\inmjytrw.exe => moved successfully
C:\Program Files\Common Files\invpfu0b.exe => moved successfully
C:\Program Files\Common Files\ioz0y3vw.exe => moved successfully
C:\Program Files\Common Files\j0a2lxdk.exe => moved successfully
C:\Program Files\Common Files\j3avvwpf.exe => moved successfully
C:\Program Files\Common Files\j3w54hai.exe => moved successfully
C:\Program Files\Common Files\j5zwfmc5.exe => moved successfully
C:\Program Files\Common Files\jfdmwnxf.exe => moved successfully
C:\Program Files\Common Files\jgd5slbd.exe => moved successfully
C:\Program Files\Common Files\jlskobxi.exe => moved successfully
C:\Program Files\Common Files\jousgfve.exe => moved successfully
C:\Program Files\Common Files\jwnsekcc.exe => moved successfully
C:\Program Files\Common Files\jxdhicfl.exe => moved successfully
C:\Program Files\Common Files\jzy3jrbp.exe => moved successfully
C:\Program Files\Common Files\k15yq0dv.exe => moved successfully
C:\Program Files\Common Files\k2fczvw1.exe => moved successfully
C:\Program Files\Common Files\kcasrqjk.exe => moved successfully
C:\Program Files\Common Files\kcmu1hjy.exe => moved successfully
C:\Program Files\Common Files\kddozdaw.exe => moved successfully
C:\Program Files\Common Files\kojkkksw.exe => moved successfully
C:\Program Files\Common Files\kqzavkf1.exe => moved successfully
C:\Program Files\Common Files\kym0fmv2.exe => moved successfully
C:\Program Files\Common Files\kzqjbomh.exe => moved successfully
C:\Program Files\Common Files\lihu4y5m.exe => moved successfully
C:\Program Files\Common Files\lksgpha4.exe => moved successfully
C:\Program Files\Common Files\lmkizp1g.exe => moved successfully
C:\Program Files\Common Files\lnbwitw4.exe => moved successfully
C:\Program Files\Common Files\loceak34.exe => moved successfully
C:\Program Files\Common Files\lt2nwekn.exe => moved successfully
C:\Program Files\Common Files\lteolrn2.exe => moved successfully
C:\Program Files\Common Files\m5mnqkpb.exe => moved successfully
C:\Program Files\Common Files\mabb30u2.exe => moved successfully
C:\Program Files\Common Files\mb3hbxpr.exe => moved successfully
C:\Program Files\Common Files\mjm1iijh.exe => moved successfully
C:\Program Files\Common Files\mjyfzx2u.exe => moved successfully
C:\Program Files\Common Files\mkoe4tkw.exe => moved successfully
C:\Program Files\Common Files\mxurj5np.exe => moved successfully
C:\Program Files\Common Files\n0ffhyal.exe => moved successfully
C:\Program Files\Common Files\n0vc25wh.exe => moved successfully
C:\Program Files\Common Files\n3wxpty5.exe => moved successfully
C:\Program Files\Common Files\n41mxg1i.exe => moved successfully
C:\Program Files\Common Files\n455teom.exe => moved successfully
C:\Program Files\Common Files\nfwgznb1.exe => moved successfully
C:\Program Files\Common Files\nigl4eoo.exe => moved successfully
C:\Program Files\Common Files\nwdekrup.exe => moved successfully
C:\Program Files\Common Files\o54eapdx.exe => moved successfully
C:\Program Files\Common Files\oayeqwmu.exe => moved successfully
C:\Program Files\Common Files\ob01ljjm.exe => moved successfully
C:\Program Files\Common Files\oksocrum.exe => moved successfully
C:\Program Files\Common Files\ozv1vdjg.exe => moved successfully
C:\Program Files\Common Files\p1fvv3db.exe => moved successfully
"C:\Program Files\Common Files\p3ojh45m.exe" => not found.
C:\Program Files\Common Files\palguvvs.exe => moved successfully
C:\Program Files\Common Files\pcd2ombm.exe => moved successfully
C:\Program Files\Common Files\pjii3qxu.exe => moved successfully
C:\Program Files\Common Files\pmmuqhgv.exe => moved successfully
C:\Program Files\Common Files\q2a3gd0a.exe => moved successfully
"C:\Program Files\Common Files\qbgroqgg.exe" => not found.
C:\Program Files\Common Files\qfpr1zwt.exe => moved successfully
C:\Program Files\Common Files\qh4urva5.exe => moved successfully
C:\Program Files\Common Files\qqcyi2gx.exe => moved successfully
C:\Program Files\Common Files\qqxofseg.exe => moved successfully
C:\Program Files\Common Files\r0ftsvbl.exe => moved successfully
C:\Program Files\Common Files\r2olm24z.exe => moved successfully
C:\Program Files\Common Files\r5olko2w.exe => moved successfully
C:\Program Files\Common Files\ri5x4fgk.exe => moved successfully
C:\Program Files\Common Files\rxqpuygp.exe => moved successfully
C:\Program Files\Common Files\s5wtazjc.exe => moved successfully
C:\Program Files\Common Files\sl2d3zpl.exe => moved successfully
C:\Program Files\Common Files\smxueyuc.exe => moved successfully
C:\Program Files\Common Files\sycms1br.exe => moved successfully
C:\Program Files\Common Files\t0n5ss3c.exe => moved successfully
C:\Program Files\Common Files\tje4ytpi.exe => moved successfully
C:\Program Files\Common Files\tnwtjvk2.exe => moved successfully
C:\Program Files\Common Files\tqfs03wv.exe => moved successfully
C:\Program Files\Common Files\tvs414ga.exe => moved successfully
C:\Program Files\Common Files\twe11t2e.exe => moved successfully
C:\Program Files\Common Files\tyi1nqr2.exe => moved successfully
C:\Program Files\Common Files\u5dy0prb.exe => moved successfully
C:\Program Files\Common Files\udhysuxk.exe => moved successfully
C:\Program Files\Common Files\ugxhryqz.exe => moved successfully
C:\Program Files\Common Files\uuozoc05.exe => moved successfully
C:\Program Files\Common Files\uxbuzdja.exe => moved successfully
C:\Program Files\Common Files\uxsh02ar.exe => moved successfully
C:\Program Files\Common Files\v4aqxnwd.exe => moved successfully
C:\Program Files\Common Files\vk0wkvcr.exe => moved successfully
C:\Program Files\Common Files\vlxzsivq.exe => moved successfully
C:\Program Files\Common Files\vs0zp3ks.exe => moved successfully
C:\Program Files\Common Files\vtuzsmei.exe => moved successfully
C:\Program Files\Common Files\vwjjrjvt.exe => moved successfully
C:\Program Files\Common Files\w4yo24kb.exe => moved successfully
C:\Program Files\Common Files\wdadnedb.exe => moved successfully
C:\Program Files\Common Files\wf51afsz.exe => moved successfully
C:\Program Files\Common Files\wknlgrk1.exe => moved successfully
C:\Program Files\Common Files\wrdyohnj.exe => moved successfully
C:\Program Files\Common Files\wwvmuezm.exe => moved successfully
C:\Program Files\Common Files\x0riyolp.exe => moved successfully
C:\Program Files\Common Files\xcp5ic0i.exe => moved successfully
C:\Program Files\Common Files\xjczwvpu.exe => moved successfully
C:\Program Files\Common Files\xliupj2u.exe => moved successfully
C:\Program Files\Common Files\xuw3hhm2.exe => moved successfully
C:\Program Files\Common Files\xxyaq1ht.exe => moved successfully
C:\Program Files\Common Files\y3l0nk3r.exe => moved successfully
C:\Program Files\Common Files\yd0rt05x.exe => moved successfully
C:\Program Files\Common Files\ygm5w2au.exe => moved successfully
C:\Program Files\Common Files\yqsq0cbg.exe => moved successfully
C:\Program Files\Common Files\yshmwokf.exe => moved successfully
C:\Program Files\Common Files\z1qbrjtb.exe => moved successfully
C:\Program Files\Common Files\z4clxxqv.exe => moved successfully
C:\Program Files\Common Files\zfa2n2yt.exe => moved successfully
C:\Program Files\Common Files\zhwghrnp.exe => moved successfully
C:\Program Files\Common Files\zqs102rv.exe => moved successfully
C:\Program Files\Common Files\zutt2rov.exe => moved successfully
"C:\Users\lukykos\AppData\Local\Temp" folder move:
Could not move "C:\Users\lukykos\AppData\Local\Temp" => Scheduled to move on reboot.
EmptyTemp" => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-03-2017 15:09:37)
C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F} => Is moved successfully
C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484} => Is moved successfully
C:\Program Files\Common Files\fq05k4uv.exe => Is moved successfully
C:\Users\lukykos\AppData\Local\Temp => moved successfully
==== End of Fixlog 15:09:41 ====
Ran by lukykos (15-03-2017 15:02:45) Run:1
Running from C:\Users\lukykos\Desktop
Loaded Profiles: lukykos (Available Profiles: lukykos)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\...\Run: [Akamai NetSession Interface] => C:\Users\lukykos\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
c:\Users\lukykos\AppData\Local\Akamai
ShellExecuteHooks: No Name - {6710C780-E20E-4C49-A87D-321850ED3D7C} - -> No File
ShortcutTarget: Curse.lnk -> C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... bHNn5s,&q={searchTerms}
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... Y72fPrKT7M,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-2668155180-1392316393-2198943076-1001 -> {46DAFD89-E4E4-4037-5507-D2F982BAF333} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... fhWHwk6&q={searchTerms}
FF Keyword.URL: Mozilla\Firefox\Profiles\acezlehe.default-1470335100542 -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... fKUz_GpDb8,
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=Unknown"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?si ... s&shr=d&q={searchTerms}&s=Unknown
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtyp ... 1&command={searchTerms}
C:\ProgramData\ocep
S2 ocep; C:\ProgramData\\ocep\\ocep.exe [1120768 2017-03-07] () [File not signed]
C:\ProgramData\oceps
C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}
C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}
C:\Program Files\Common Files\00idalsa.exe
C:\Program Files\Common Files\04nspnbe.exe
C:\Program Files\Common Files\04qwdu25.exe
C:\Program Files\Common Files\05oefwsf.exe
C:\Program Files\Common Files\0eg00edc.exe
C:\Program Files\Common Files\0en0e3sg.exe
C:\Program Files\Common Files\0exsbrkr.exe
C:\Program Files\Common Files\0g1dgsbu.exe
C:\Program Files\Common Files\0l12ipt1.exe
C:\Program Files\Common Files\0oorw430.exe
C:\Program Files\Common Files\0py4bdua.exe
C:\Program Files\Common Files\0vzqz3ha.exe
C:\Program Files\Common Files\11hlxcdr.exe
C:\Program Files\Common Files\1513ml3w.exe
C:\Program Files\Common Files\1ddqp54b.exe
C:\Program Files\Common Files\1hmb0u3j.exe
C:\Program Files\Common Files\1kqprawj.exe
C:\Program Files\Common Files\1zrqceuc.exe
C:\Program Files\Common Files\25rort0e.exe
C:\Program Files\Common Files\2cxyqc3s.exe
C:\Program Files\Common Files\2demmik5.exe
C:\Program Files\Common Files\2mvyv5jg.exe
C:\Program Files\Common Files\2nyysd1k.exe
C:\Program Files\Common Files\2sj4satr.exe
C:\Program Files\Common Files\35saldnh.exe
C:\Program Files\Common Files\3czrm32s.exe
C:\Program Files\Common Files\3pygfqz2.exe
C:\Program Files\Common Files\43gtalhj.exe
C:\Program Files\Common Files\4nmjvmnq.exe
C:\Program Files\Common Files\4qvpor1y.exe
C:\Program Files\Common Files\4qxmimad.exe
C:\Program Files\Common Files\4rt1jhl0.exe
C:\Program Files\Common Files\51seazmq.exe
C:\Program Files\Common Files\55kmvsar.exe
C:\Program Files\Common Files\55wqanx1.exe
C:\Program Files\Common Files\5a5icbj1.exe
C:\Program Files\Common Files\5b21lv0u.exe
C:\Program Files\Common Files\5vbqgvei.exe
C:\Program Files\Common Files\5xpjcjyy.exe
C:\Program Files\Common Files\a40qd1hl.exe
C:\Program Files\Common Files\amnzgeh5.exe
C:\Program Files\Common Files\bauhbmft.exe
C:\Program Files\Common Files\beykqiqq.exe
C:\Program Files\Common Files\bocciwdm.exe
C:\Program Files\Common Files\c12vnv5o.exe
C:\Program Files\Common Files\cerubweq.exe
C:\Program Files\Common Files\cjgiw3p2.exe
C:\Program Files\Common Files\couiw1uy.exe
C:\Program Files\Common Files\csuzaoe1.exe
C:\Program Files\Common Files\cyvuxdtg.exe
C:\Program Files\Common Files\cz1r2jom.exe
C:\Program Files\Common Files\drczz3tq.exe
C:\Program Files\Common Files\drm512ed.exe
C:\Program Files\Common Files\ebnrmo5w.exe
C:\Program Files\Common Files\edpms1kt.exe
C:\Program Files\Common Files\ehmunlei.exe
C:\Program Files\Common Files\ei2e3myr.exe
C:\Program Files\Common Files\elhvr21v.exe
C:\Program Files\Common Files\erw0x2t4.exe
C:\Program Files\Common Files\estffh1a.exe
C:\Program Files\Common Files\eydxk5dx.exe
C:\Program Files\Common Files\f2hq1oo5.exe
C:\Program Files\Common Files\faqrpddn.exe
C:\Program Files\Common Files\fl0jptaf.exe
C:\Program Files\Common Files\fmbzwqv5.exe
C:\Program Files\Common Files\fq05k4uv.exe
C:\Program Files\Common Files\fupdol1g.exe
C:\Program Files\Common Files\fzcpmz2f.exe
C:\Program Files\Common Files\g2ogkbjk.exe
C:\Program Files\Common Files\gc0ct2ic.exe
C:\Program Files\Common Files\ggn1cfcf.exe
C:\Program Files\Common Files\giz25buw.exe
C:\Program Files\Common Files\gzu42hjw.exe
C:\Program Files\Common Files\h3ldt4iw.exe
C:\Program Files\Common Files\hbufyaxp.exe
C:\Program Files\Common Files\hokxdgia.exe
C:\Program Files\Common Files\hp1d0yhk.exe
C:\Program Files\Common Files\hsdaaor0.exe
C:\Program Files\Common Files\htu5opdz.exe
C:\Program Files\Common Files\hx3xvvq0.exe
C:\Program Files\Common Files\i0xrlyta.exe
C:\Program Files\Common Files\ibadiuoq.exe
C:\Program Files\Common Files\iia2bvha.exe
C:\Program Files\Common Files\inmjytrw.exe
C:\Program Files\Common Files\invpfu0b.exe
C:\Program Files\Common Files\ioz0y3vw.exe
C:\Program Files\Common Files\j0a2lxdk.exe
C:\Program Files\Common Files\j3avvwpf.exe
C:\Program Files\Common Files\j3w54hai.exe
C:\Program Files\Common Files\j5zwfmc5.exe
C:\Program Files\Common Files\jfdmwnxf.exe
C:\Program Files\Common Files\jgd5slbd.exe
C:\Program Files\Common Files\jlskobxi.exe
C:\Program Files\Common Files\jousgfve.exe
C:\Program Files\Common Files\jwnsekcc.exe
C:\Program Files\Common Files\jxdhicfl.exe
C:\Program Files\Common Files\jzy3jrbp.exe
C:\Program Files\Common Files\k15yq0dv.exe
C:\Program Files\Common Files\k2fczvw1.exe
C:\Program Files\Common Files\kcasrqjk.exe
C:\Program Files\Common Files\kcmu1hjy.exe
C:\Program Files\Common Files\kddozdaw.exe
C:\Program Files\Common Files\kojkkksw.exe
C:\Program Files\Common Files\kqzavkf1.exe
C:\Program Files\Common Files\kym0fmv2.exe
C:\Program Files\Common Files\kzqjbomh.exe
C:\Program Files\Common Files\lihu4y5m.exe
C:\Program Files\Common Files\lksgpha4.exe
C:\Program Files\Common Files\lmkizp1g.exe
C:\Program Files\Common Files\lnbwitw4.exe
C:\Program Files\Common Files\loceak34.exe
C:\Program Files\Common Files\lt2nwekn.exe
C:\Program Files\Common Files\lteolrn2.exe
C:\Program Files\Common Files\m5mnqkpb.exe
C:\Program Files\Common Files\mabb30u2.exe
C:\Program Files\Common Files\mb3hbxpr.exe
C:\Program Files\Common Files\mjm1iijh.exe
C:\Program Files\Common Files\mjyfzx2u.exe
C:\Program Files\Common Files\mkoe4tkw.exe
C:\Program Files\Common Files\mxurj5np.exe
C:\Program Files\Common Files\n0ffhyal.exe
C:\Program Files\Common Files\n0vc25wh.exe
C:\Program Files\Common Files\n3wxpty5.exe
C:\Program Files\Common Files\n41mxg1i.exe
C:\Program Files\Common Files\n455teom.exe
C:\Program Files\Common Files\nfwgznb1.exe
C:\Program Files\Common Files\nigl4eoo.exe
C:\Program Files\Common Files\nwdekrup.exe
C:\Program Files\Common Files\o54eapdx.exe
C:\Program Files\Common Files\oayeqwmu.exe
C:\Program Files\Common Files\ob01ljjm.exe
C:\Program Files\Common Files\oksocrum.exe
C:\Program Files\Common Files\ozv1vdjg.exe
C:\Program Files\Common Files\p1fvv3db.exe
C:\Program Files\Common Files\p3ojh45m.exe
C:\Program Files\Common Files\palguvvs.exe
C:\Program Files\Common Files\pcd2ombm.exe
C:\Program Files\Common Files\pjii3qxu.exe
C:\Program Files\Common Files\pmmuqhgv.exe
C:\Program Files\Common Files\q2a3gd0a.exe
C:\Program Files\Common Files\qbgroqgg.exe
C:\Program Files\Common Files\qfpr1zwt.exe
C:\Program Files\Common Files\qh4urva5.exe
C:\Program Files\Common Files\qqcyi2gx.exe
C:\Program Files\Common Files\qqxofseg.exe
C:\Program Files\Common Files\r0ftsvbl.exe
C:\Program Files\Common Files\r2olm24z.exe
C:\Program Files\Common Files\r5olko2w.exe
C:\Program Files\Common Files\ri5x4fgk.exe
C:\Program Files\Common Files\rxqpuygp.exe
C:\Program Files\Common Files\s5wtazjc.exe
C:\Program Files\Common Files\sl2d3zpl.exe
C:\Program Files\Common Files\smxueyuc.exe
C:\Program Files\Common Files\sycms1br.exe
C:\Program Files\Common Files\t0n5ss3c.exe
C:\Program Files\Common Files\tje4ytpi.exe
C:\Program Files\Common Files\tnwtjvk2.exe
C:\Program Files\Common Files\tqfs03wv.exe
C:\Program Files\Common Files\tvs414ga.exe
C:\Program Files\Common Files\twe11t2e.exe
C:\Program Files\Common Files\tyi1nqr2.exe
C:\Program Files\Common Files\u5dy0prb.exe
C:\Program Files\Common Files\udhysuxk.exe
C:\Program Files\Common Files\ugxhryqz.exe
C:\Program Files\Common Files\uuozoc05.exe
C:\Program Files\Common Files\uxbuzdja.exe
C:\Program Files\Common Files\uxsh02ar.exe
C:\Program Files\Common Files\v4aqxnwd.exe
C:\Program Files\Common Files\vk0wkvcr.exe
C:\Program Files\Common Files\vlxzsivq.exe
C:\Program Files\Common Files\vs0zp3ks.exe
C:\Program Files\Common Files\vtuzsmei.exe
C:\Program Files\Common Files\vwjjrjvt.exe
C:\Program Files\Common Files\w4yo24kb.exe
C:\Program Files\Common Files\wdadnedb.exe
C:\Program Files\Common Files\wf51afsz.exe
C:\Program Files\Common Files\wknlgrk1.exe
C:\Program Files\Common Files\wrdyohnj.exe
C:\Program Files\Common Files\wwvmuezm.exe
C:\Program Files\Common Files\x0riyolp.exe
C:\Program Files\Common Files\xcp5ic0i.exe
C:\Program Files\Common Files\xjczwvpu.exe
C:\Program Files\Common Files\xliupj2u.exe
C:\Program Files\Common Files\xuw3hhm2.exe
C:\Program Files\Common Files\xxyaq1ht.exe
C:\Program Files\Common Files\y3l0nk3r.exe
C:\Program Files\Common Files\yd0rt05x.exe
C:\Program Files\Common Files\ygm5w2au.exe
C:\Program Files\Common Files\yqsq0cbg.exe
C:\Program Files\Common Files\yshmwokf.exe
C:\Program Files\Common Files\z1qbrjtb.exe
C:\Program Files\Common Files\z4clxxqv.exe
C:\Program Files\Common Files\zfa2n2yt.exe
C:\Program Files\Common Files\zhwghrnp.exe
C:\Program Files\Common Files\zqs102rv.exe
C:\Program Files\Common Files\zutt2rov.exe
C:\Users\lukykos\AppData\Local\Temp
EmptyTemp"
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
c:\Users\lukykos\AppData\Local\Akamai => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{6710C780-E20E-4C49-A87D-321850ED3D7C} => value removed successfully
HKCR\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C} => key not found.
C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe => not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{46DAFD89-E4E4-4037-5507-D2F982BAF333} => key removed successfully
HKCR\CLSID\{46DAFD89-E4E4-4037-5507-D2F982BAF333} => key not found.
Firefox "Keyword.URL" removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
C:\ProgramData\ocep => moved successfully
HKLM\System\CurrentControlSet\Services\ocep => key removed successfully
ocep => service removed successfully
C:\ProgramData\oceps => moved successfully
"C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}" folder move:
Could not move "C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F}" => Scheduled to move on reboot.
"C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}" folder move:
Could not move "C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484}" => Scheduled to move on reboot.
C:\Program Files\Common Files\00idalsa.exe => moved successfully
C:\Program Files\Common Files\04nspnbe.exe => moved successfully
C:\Program Files\Common Files\04qwdu25.exe => moved successfully
C:\Program Files\Common Files\05oefwsf.exe => moved successfully
C:\Program Files\Common Files\0eg00edc.exe => moved successfully
C:\Program Files\Common Files\0en0e3sg.exe => moved successfully
C:\Program Files\Common Files\0exsbrkr.exe => moved successfully
C:\Program Files\Common Files\0g1dgsbu.exe => moved successfully
C:\Program Files\Common Files\0l12ipt1.exe => moved successfully
C:\Program Files\Common Files\0oorw430.exe => moved successfully
C:\Program Files\Common Files\0py4bdua.exe => moved successfully
C:\Program Files\Common Files\0vzqz3ha.exe => moved successfully
C:\Program Files\Common Files\11hlxcdr.exe => moved successfully
C:\Program Files\Common Files\1513ml3w.exe => moved successfully
C:\Program Files\Common Files\1ddqp54b.exe => moved successfully
C:\Program Files\Common Files\1hmb0u3j.exe => moved successfully
C:\Program Files\Common Files\1kqprawj.exe => moved successfully
C:\Program Files\Common Files\1zrqceuc.exe => moved successfully
C:\Program Files\Common Files\25rort0e.exe => moved successfully
C:\Program Files\Common Files\2cxyqc3s.exe => moved successfully
C:\Program Files\Common Files\2demmik5.exe => moved successfully
C:\Program Files\Common Files\2mvyv5jg.exe => moved successfully
C:\Program Files\Common Files\2nyysd1k.exe => moved successfully
C:\Program Files\Common Files\2sj4satr.exe => moved successfully
C:\Program Files\Common Files\35saldnh.exe => moved successfully
C:\Program Files\Common Files\3czrm32s.exe => moved successfully
C:\Program Files\Common Files\3pygfqz2.exe => moved successfully
C:\Program Files\Common Files\43gtalhj.exe => moved successfully
C:\Program Files\Common Files\4nmjvmnq.exe => moved successfully
C:\Program Files\Common Files\4qvpor1y.exe => moved successfully
C:\Program Files\Common Files\4qxmimad.exe => moved successfully
C:\Program Files\Common Files\4rt1jhl0.exe => moved successfully
C:\Program Files\Common Files\51seazmq.exe => moved successfully
C:\Program Files\Common Files\55kmvsar.exe => moved successfully
C:\Program Files\Common Files\55wqanx1.exe => moved successfully
C:\Program Files\Common Files\5a5icbj1.exe => moved successfully
C:\Program Files\Common Files\5b21lv0u.exe => moved successfully
C:\Program Files\Common Files\5vbqgvei.exe => moved successfully
C:\Program Files\Common Files\5xpjcjyy.exe => moved successfully
C:\Program Files\Common Files\a40qd1hl.exe => moved successfully
C:\Program Files\Common Files\amnzgeh5.exe => moved successfully
C:\Program Files\Common Files\bauhbmft.exe => moved successfully
C:\Program Files\Common Files\beykqiqq.exe => moved successfully
C:\Program Files\Common Files\bocciwdm.exe => moved successfully
C:\Program Files\Common Files\c12vnv5o.exe => moved successfully
C:\Program Files\Common Files\cerubweq.exe => moved successfully
C:\Program Files\Common Files\cjgiw3p2.exe => moved successfully
C:\Program Files\Common Files\couiw1uy.exe => moved successfully
C:\Program Files\Common Files\csuzaoe1.exe => moved successfully
C:\Program Files\Common Files\cyvuxdtg.exe => moved successfully
C:\Program Files\Common Files\cz1r2jom.exe => moved successfully
C:\Program Files\Common Files\drczz3tq.exe => moved successfully
C:\Program Files\Common Files\drm512ed.exe => moved successfully
C:\Program Files\Common Files\ebnrmo5w.exe => moved successfully
C:\Program Files\Common Files\edpms1kt.exe => moved successfully
C:\Program Files\Common Files\ehmunlei.exe => moved successfully
C:\Program Files\Common Files\ei2e3myr.exe => moved successfully
C:\Program Files\Common Files\elhvr21v.exe => moved successfully
C:\Program Files\Common Files\erw0x2t4.exe => moved successfully
C:\Program Files\Common Files\estffh1a.exe => moved successfully
C:\Program Files\Common Files\eydxk5dx.exe => moved successfully
C:\Program Files\Common Files\f2hq1oo5.exe => moved successfully
C:\Program Files\Common Files\faqrpddn.exe => moved successfully
C:\Program Files\Common Files\fl0jptaf.exe => moved successfully
C:\Program Files\Common Files\fmbzwqv5.exe => moved successfully
Could not move "C:\Program Files\Common Files\fq05k4uv.exe" => Scheduled to move on reboot.
C:\Program Files\Common Files\fupdol1g.exe => moved successfully
C:\Program Files\Common Files\fzcpmz2f.exe => moved successfully
C:\Program Files\Common Files\g2ogkbjk.exe => moved successfully
C:\Program Files\Common Files\gc0ct2ic.exe => moved successfully
C:\Program Files\Common Files\ggn1cfcf.exe => moved successfully
C:\Program Files\Common Files\giz25buw.exe => moved successfully
C:\Program Files\Common Files\gzu42hjw.exe => moved successfully
C:\Program Files\Common Files\h3ldt4iw.exe => moved successfully
C:\Program Files\Common Files\hbufyaxp.exe => moved successfully
C:\Program Files\Common Files\hokxdgia.exe => moved successfully
C:\Program Files\Common Files\hp1d0yhk.exe => moved successfully
C:\Program Files\Common Files\hsdaaor0.exe => moved successfully
C:\Program Files\Common Files\htu5opdz.exe => moved successfully
C:\Program Files\Common Files\hx3xvvq0.exe => moved successfully
C:\Program Files\Common Files\i0xrlyta.exe => moved successfully
C:\Program Files\Common Files\ibadiuoq.exe => moved successfully
C:\Program Files\Common Files\iia2bvha.exe => moved successfully
C:\Program Files\Common Files\inmjytrw.exe => moved successfully
C:\Program Files\Common Files\invpfu0b.exe => moved successfully
C:\Program Files\Common Files\ioz0y3vw.exe => moved successfully
C:\Program Files\Common Files\j0a2lxdk.exe => moved successfully
C:\Program Files\Common Files\j3avvwpf.exe => moved successfully
C:\Program Files\Common Files\j3w54hai.exe => moved successfully
C:\Program Files\Common Files\j5zwfmc5.exe => moved successfully
C:\Program Files\Common Files\jfdmwnxf.exe => moved successfully
C:\Program Files\Common Files\jgd5slbd.exe => moved successfully
C:\Program Files\Common Files\jlskobxi.exe => moved successfully
C:\Program Files\Common Files\jousgfve.exe => moved successfully
C:\Program Files\Common Files\jwnsekcc.exe => moved successfully
C:\Program Files\Common Files\jxdhicfl.exe => moved successfully
C:\Program Files\Common Files\jzy3jrbp.exe => moved successfully
C:\Program Files\Common Files\k15yq0dv.exe => moved successfully
C:\Program Files\Common Files\k2fczvw1.exe => moved successfully
C:\Program Files\Common Files\kcasrqjk.exe => moved successfully
C:\Program Files\Common Files\kcmu1hjy.exe => moved successfully
C:\Program Files\Common Files\kddozdaw.exe => moved successfully
C:\Program Files\Common Files\kojkkksw.exe => moved successfully
C:\Program Files\Common Files\kqzavkf1.exe => moved successfully
C:\Program Files\Common Files\kym0fmv2.exe => moved successfully
C:\Program Files\Common Files\kzqjbomh.exe => moved successfully
C:\Program Files\Common Files\lihu4y5m.exe => moved successfully
C:\Program Files\Common Files\lksgpha4.exe => moved successfully
C:\Program Files\Common Files\lmkizp1g.exe => moved successfully
C:\Program Files\Common Files\lnbwitw4.exe => moved successfully
C:\Program Files\Common Files\loceak34.exe => moved successfully
C:\Program Files\Common Files\lt2nwekn.exe => moved successfully
C:\Program Files\Common Files\lteolrn2.exe => moved successfully
C:\Program Files\Common Files\m5mnqkpb.exe => moved successfully
C:\Program Files\Common Files\mabb30u2.exe => moved successfully
C:\Program Files\Common Files\mb3hbxpr.exe => moved successfully
C:\Program Files\Common Files\mjm1iijh.exe => moved successfully
C:\Program Files\Common Files\mjyfzx2u.exe => moved successfully
C:\Program Files\Common Files\mkoe4tkw.exe => moved successfully
C:\Program Files\Common Files\mxurj5np.exe => moved successfully
C:\Program Files\Common Files\n0ffhyal.exe => moved successfully
C:\Program Files\Common Files\n0vc25wh.exe => moved successfully
C:\Program Files\Common Files\n3wxpty5.exe => moved successfully
C:\Program Files\Common Files\n41mxg1i.exe => moved successfully
C:\Program Files\Common Files\n455teom.exe => moved successfully
C:\Program Files\Common Files\nfwgznb1.exe => moved successfully
C:\Program Files\Common Files\nigl4eoo.exe => moved successfully
C:\Program Files\Common Files\nwdekrup.exe => moved successfully
C:\Program Files\Common Files\o54eapdx.exe => moved successfully
C:\Program Files\Common Files\oayeqwmu.exe => moved successfully
C:\Program Files\Common Files\ob01ljjm.exe => moved successfully
C:\Program Files\Common Files\oksocrum.exe => moved successfully
C:\Program Files\Common Files\ozv1vdjg.exe => moved successfully
C:\Program Files\Common Files\p1fvv3db.exe => moved successfully
"C:\Program Files\Common Files\p3ojh45m.exe" => not found.
C:\Program Files\Common Files\palguvvs.exe => moved successfully
C:\Program Files\Common Files\pcd2ombm.exe => moved successfully
C:\Program Files\Common Files\pjii3qxu.exe => moved successfully
C:\Program Files\Common Files\pmmuqhgv.exe => moved successfully
C:\Program Files\Common Files\q2a3gd0a.exe => moved successfully
"C:\Program Files\Common Files\qbgroqgg.exe" => not found.
C:\Program Files\Common Files\qfpr1zwt.exe => moved successfully
C:\Program Files\Common Files\qh4urva5.exe => moved successfully
C:\Program Files\Common Files\qqcyi2gx.exe => moved successfully
C:\Program Files\Common Files\qqxofseg.exe => moved successfully
C:\Program Files\Common Files\r0ftsvbl.exe => moved successfully
C:\Program Files\Common Files\r2olm24z.exe => moved successfully
C:\Program Files\Common Files\r5olko2w.exe => moved successfully
C:\Program Files\Common Files\ri5x4fgk.exe => moved successfully
C:\Program Files\Common Files\rxqpuygp.exe => moved successfully
C:\Program Files\Common Files\s5wtazjc.exe => moved successfully
C:\Program Files\Common Files\sl2d3zpl.exe => moved successfully
C:\Program Files\Common Files\smxueyuc.exe => moved successfully
C:\Program Files\Common Files\sycms1br.exe => moved successfully
C:\Program Files\Common Files\t0n5ss3c.exe => moved successfully
C:\Program Files\Common Files\tje4ytpi.exe => moved successfully
C:\Program Files\Common Files\tnwtjvk2.exe => moved successfully
C:\Program Files\Common Files\tqfs03wv.exe => moved successfully
C:\Program Files\Common Files\tvs414ga.exe => moved successfully
C:\Program Files\Common Files\twe11t2e.exe => moved successfully
C:\Program Files\Common Files\tyi1nqr2.exe => moved successfully
C:\Program Files\Common Files\u5dy0prb.exe => moved successfully
C:\Program Files\Common Files\udhysuxk.exe => moved successfully
C:\Program Files\Common Files\ugxhryqz.exe => moved successfully
C:\Program Files\Common Files\uuozoc05.exe => moved successfully
C:\Program Files\Common Files\uxbuzdja.exe => moved successfully
C:\Program Files\Common Files\uxsh02ar.exe => moved successfully
C:\Program Files\Common Files\v4aqxnwd.exe => moved successfully
C:\Program Files\Common Files\vk0wkvcr.exe => moved successfully
C:\Program Files\Common Files\vlxzsivq.exe => moved successfully
C:\Program Files\Common Files\vs0zp3ks.exe => moved successfully
C:\Program Files\Common Files\vtuzsmei.exe => moved successfully
C:\Program Files\Common Files\vwjjrjvt.exe => moved successfully
C:\Program Files\Common Files\w4yo24kb.exe => moved successfully
C:\Program Files\Common Files\wdadnedb.exe => moved successfully
C:\Program Files\Common Files\wf51afsz.exe => moved successfully
C:\Program Files\Common Files\wknlgrk1.exe => moved successfully
C:\Program Files\Common Files\wrdyohnj.exe => moved successfully
C:\Program Files\Common Files\wwvmuezm.exe => moved successfully
C:\Program Files\Common Files\x0riyolp.exe => moved successfully
C:\Program Files\Common Files\xcp5ic0i.exe => moved successfully
C:\Program Files\Common Files\xjczwvpu.exe => moved successfully
C:\Program Files\Common Files\xliupj2u.exe => moved successfully
C:\Program Files\Common Files\xuw3hhm2.exe => moved successfully
C:\Program Files\Common Files\xxyaq1ht.exe => moved successfully
C:\Program Files\Common Files\y3l0nk3r.exe => moved successfully
C:\Program Files\Common Files\yd0rt05x.exe => moved successfully
C:\Program Files\Common Files\ygm5w2au.exe => moved successfully
C:\Program Files\Common Files\yqsq0cbg.exe => moved successfully
C:\Program Files\Common Files\yshmwokf.exe => moved successfully
C:\Program Files\Common Files\z1qbrjtb.exe => moved successfully
C:\Program Files\Common Files\z4clxxqv.exe => moved successfully
C:\Program Files\Common Files\zfa2n2yt.exe => moved successfully
C:\Program Files\Common Files\zhwghrnp.exe => moved successfully
C:\Program Files\Common Files\zqs102rv.exe => moved successfully
C:\Program Files\Common Files\zutt2rov.exe => moved successfully
"C:\Users\lukykos\AppData\Local\Temp" folder move:
Could not move "C:\Users\lukykos\AppData\Local\Temp" => Scheduled to move on reboot.
EmptyTemp" => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-03-2017 15:09:37)
C:\ProgramData\{BBAF9586-0C04-222D-733A-C310C6F6AB0F} => Is moved successfully
C:\ProgramData\{128CAFAC-A527-1807-895D-56B88DD8F484} => Is moved successfully
C:\Program Files\Common Files\fq05k4uv.exe => Is moved successfully
C:\Users\lukykos\AppData\Local\Temp => moved successfully
==== End of Fixlog 15:09:41 ====
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
Dobrý den.
Reklamy mi už nevyskakují, pouze prohlížeč nenajede do nastavené domovské stránky,
ale do :https://search.safefinder.com/?st=sc&q=
Jinak to vypadá v pořádku.
Zatím děkuji.
Reklamy mi už nevyskakují, pouze prohlížeč nenajede do nastavené domovské stránky,
ale do :https://search.safefinder.com/?st=sc&q=
Jinak to vypadá v pořádku.
Zatím děkuji.
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Spusťte ještě tyto skeny:
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakují reklamy,nezůstává domovská stránka
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by lukykos on 25.03.2017 at 18:14:44,80.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\lukykos\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
25.03.2017 18:16:59 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\{05D80F2B-B273-B880-933E-FA517BE9A2CE} deleted successfully
C:\PROGRA~3\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0} deleted successfully
C:\PROGRA~3\{0899AFC8-BF32-1863-6CC9-78336B4279EE} deleted successfully
C:\PROGRA~3\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD} deleted successfully
C:\PROGRA~3\{0ECE888E-B965-3F25-E484-8F4AF6B6173D} deleted successfully
C:\PROGRA~3\{11597869-A6F2-CFC2-221F-D20D334FE5B6} deleted successfully
C:\PROGRA~3\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F} deleted successfully
C:\PROGRA~3\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1} deleted successfully
C:\PROGRA~3\{1B34E018-AC9F-57B3-BEFF-09E1444B4084} deleted successfully
C:\PROGRA~3\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05} deleted successfully
C:\PROGRA~3\{1B9B808D-AC30-3726-4572-439BB44CE605} deleted successfully
C:\PROGRA~3\{203989DE-9792-3E75-F5F2-EE02D3FF55FC} deleted successfully
C:\PROGRA~3\{2264E049-95CF-57E2-3E2A-CDBC05E73188} deleted successfully
C:\PROGRA~3\{299D261F-9E36-91B4-2894-5AEC8BBDC518} deleted successfully
C:\PROGRA~3\{31127FF7-86B9-C85C-89CE-361276409D1A} deleted successfully
C:\PROGRA~3\{35273A61-828C-8DCA-8CE5-5FB97D27D681} deleted successfully
C:\PROGRA~3\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B} deleted successfully
C:\PROGRA~3\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65} deleted successfully
C:\PROGRA~3\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64} deleted successfully
C:\PROGRA~3\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5} deleted successfully
C:\PROGRA~3\{4D54E968-FAFF-5EC3-C645-6AA024054E11} deleted successfully
C:\PROGRA~3\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E} deleted successfully
C:\PROGRA~3\{56A4B67C-E10F-01D7-6311-668609A07EFC} deleted successfully
C:\PROGRA~3\{59F5DF12-EE5E-68B9-6872-914D9A6165A7} deleted successfully
C:\PROGRA~3\{5C5A8382-EBF1-3429-5A72-BC58BFFA019E} deleted successfully
C:\PROGRA~3\{5C9A3476-EB31-83DD-4693-BA29EEC61C78} deleted successfully
C:\PROGRA~3\{651044B9-D2BB-F312-1649-060647157667} deleted successfully
C:\PROGRA~3\{65AAD0AC-D201-6707-A569-F7F478E7D9FB} deleted successfully
C:\PROGRA~3\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677} deleted successfully
C:\PROGRA~3\{6C6C1653-DBC7-A1F8-2D30-E211E824C758} deleted successfully
C:\PROGRA~3\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D} deleted successfully
C:\PROGRA~3\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B} deleted successfully
C:\PROGRA~3\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E} deleted successfully
C:\PROGRA~3\{777C0CDB-C0D7-BB70-F62C-F5128F43849A} deleted successfully
C:\PROGRA~3\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6} deleted successfully
C:\PROGRA~3\{7C2B3D14-CB80-8ABF-1E95-09E886BB9801} deleted successfully
C:\PROGRA~3\{7C995788-CB32-E023-1768-C28EDB73E9C5} deleted successfully
C:\PROGRA~3\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B} deleted successfully
C:\PROGRA~3\{7CDC623D-CB77-D596-FFE8-E06031F08A5A} deleted successfully
C:\PROGRA~3\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1} deleted successfully
C:\PROGRA~3\{8518E7D3-32B3-5078-4743-BFD97374671A} deleted successfully
C:\PROGRA~3\{899158A1-3E3A-EF0A-7721-10C392E1973A} deleted successfully
C:\PROGRA~3\{8ECC1717-3967-A0BC-643D-BA01EF252B19} deleted successfully
C:\PROGRA~3\{929FBDE2-2534-0A49-79A6-CACDFF061ACD} deleted successfully
C:\PROGRA~3\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED} deleted successfully
C:\PROGRA~3\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC} deleted successfully
C:\PROGRA~3\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC} deleted successfully
C:\PROGRA~3\{A4E94271-1342-F5DA-2F16-92354430913D} deleted successfully
C:\PROGRA~3\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3} deleted successfully
C:\PROGRA~3\{B0829170-0729-26DB-FDF1-2DABE31D0DDF} deleted successfully
C:\PROGRA~3\{B6787064-01D3-C7CF-6807-1A7566D841C7} deleted successfully
C:\PROGRA~3\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF} deleted successfully
C:\PROGRA~3\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5} deleted successfully
C:\PROGRA~3\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48} deleted successfully
C:\PROGRA~3\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2} deleted successfully
C:\PROGRA~3\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE} deleted successfully
C:\PROGRA~3\{E41F6006-53B4-D7AD-8DA4-3DC5EFB058EF} deleted successfully
C:\PROGRA~3\{E4BD55FC-5316-E257-1306-477553B1FB7F} deleted successfully
C:\PROGRA~3\{E583F77F-5228-40D4-D736-3EA835065C39} deleted successfully
C:\PROGRA~3\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF} deleted successfully
C:\PROGRA~3\{F1D4198B-467F-AE20-BC63-B9B2285515BA} deleted successfully
C:\PROGRA~3\{F2182982-45B3-9E29-6B47-8FF10B170B89} deleted successfully
C:\PROGRA~3\{F9C98569-4E62-32C2-AAD2-9F0BF084D29C} deleted successfully
C:\Users\lukykos\AppData\Local\ActiveSync deleted successfully
C:\Users\lukykos\AppData\Local\Adobe deleted successfully
C:\Users\lukykos\AppData\Local\lptmp deleted successfully
C:\Users\lukykos\AppData\Local\Profiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0101B50B-8513-4EFD-AE64-464520CF2203} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DA527BF-0F0A-422F-A392-EFBE7E5F628C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{114E89B3-BBDE-400B-BC18-8B6E29DC384B} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D32900C-955D-45C8-AE54-3D4DDE71E7AC} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21712C00-D8F9-4325-A3D9-EC7C802BFC06} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2662523C-9ECF-474B-A7A6-04A8D66A5222} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D5D9C1C-F6D7-4682-9368-AA309C4CA76F} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{316C0128-F019-489B-805C-0FE6EC23E4A8} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3551B7FE-3302-4000-9360-DBFE02990AF1} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47F4E95C-351B-4557-9DB5-1A03C84641E8} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4818E77B-D94C-4153-8AF8-320808DE6947} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BB6784A-C54C-45E8-8243-DF753630A849} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{585DBF2A-3DAE-4EF9-AF4D-383046ED16B2} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74280DC0-EF58-47BF-B7AB-83ED20C36564} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7510E887-25D8-40B1-A55D-5F528AAB6D94} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7651E436-391E-42FC-8F01-D1AD63C86F9C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A83B011-3040-45B7-A796-E6FCB7A1F41E} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80AED33D-8B1B-4152-90A9-4D4D33992D27} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DE8609-2BA1-4334-92F9-8CCD47EE6CF9} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{856E55EA-D071-4301-974D-0728DEBB19EF} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88A55E75-D1F1-4441-B086-B3B47FCC1590} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97CF0540-6797-4FDB-B611-AFC21007D722} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{990B479B-2B79-458F-B15A-85862763D69B} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FC08138-1FD6-4598-823C-FDFC8F43F269} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A23466D8-6AEB-40BD-B05B-4C54D347DCB4} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A93163CF-63E6-4BA4-93AF-E55294B18345} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE0823E6-7319-4FBF-9B53-0050A278AC6C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2925937-A5C0-4EC5-A7EB-BE55976AB175} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C70B34EA-FA27-437F-91C6-885C69180D85} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D871DAE0-9662-431A-A12C-5C0C4507A29D} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA7128F0-C553-484A-BBFB-069C03374D9E} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCE54A16-D7B0-4FC9-AD46-5536857C9B47} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7409536-6C5B-4894-B83D-BB09120F9088} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA2AD8B9-E713-4E39-9CA3-345EC2A29A4D} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5C89F56-B248-4078-9B63-EE93664C231B} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult\prefs.js:
user_pref("browser.startup.homepage", "http://www.youndoo.com/?z=6fddb4ad109f3 ... 57&type=hp");
user_pref("browser.newtab.url", "http://www.youndoo.com/?z=6fddb4ad109f3 ... 57&type=hp");
user_pref("browser.search.defaultenginename", "youndoo");
user_pref("browser.search.selectedEngine", "youndoo");
Added to C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\prefs.js:
user_pref("browser.startup.homepage", "http://hp.myway.com/filmfanatic/ttab02/ ... &si=627101");
user_pref("browser.newtab.url", "C:\\ProgramData\\oceps\\ff.NT");
user_pref("browser.search.selectedEngine", "");
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\prefs.js:
user_pref("browser.startup.homepage", "");
user_pref("browser.newtab.url", "");
user_pref("browser.search.selectedEngine", "");
user_pref("keyword.URL", "http://www-searching.com/search.aspx?si ... &s=Unknown");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\prefs.js:
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
user.js not found
---- Lines mindspark removed from prefs.js ----
user_pref("extensions.toolbar.mindspark._gtMembers_.lastActivePing", "1490460809623");
user_pref("extensions.toolbar.mindspark._paMembers_.lastActivePing", "1490460830778");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.lastInstalled", "filmfanatic2@mindspark.com");
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{05D80F2B-B273-B880-933E-FA517BE9A2CE} not found
C:\PROGRA~3\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0} not found
C:\PROGRA~3\{0899AFC8-BF32-1863-6CC9-78336B4279EE} not found
C:\PROGRA~3\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD} not found
C:\PROGRA~3\{0ECE888E-B965-3F25-E484-8F4AF6B6173D} not found
C:\PROGRA~3\{11597869-A6F2-CFC2-221F-D20D334FE5B6} not found
C:\PROGRA~3\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F} not found
C:\PROGRA~3\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1} not found
C:\PROGRA~3\{1B34E018-AC9F-57B3-BEFF-09E1444B4084} not found
C:\PROGRA~3\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05} not found
C:\PROGRA~3\{1B9B808D-AC30-3726-4572-439BB44CE605} not found
C:\PROGRA~3\{203989DE-9792-3E75-F5F2-EE02D3FF55FC} not found
C:\PROGRA~3\{2264E049-95CF-57E2-3E2A-CDBC05E73188} not found
C:\PROGRA~3\{299D261F-9E36-91B4-2894-5AEC8BBDC518} not found
C:\PROGRA~3\{31127FF7-86B9-C85C-89CE-361276409D1A} not found
C:\PROGRA~3\{35273A61-828C-8DCA-8CE5-5FB97D27D681} not found
C:\PROGRA~3\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B} not found
C:\PROGRA~3\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65} not found
C:\PROGRA~3\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64} not found
C:\PROGRA~3\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5} not found
C:\PROGRA~3\{4D54E968-FAFF-5EC3-C645-6AA024054E11} not found
C:\PROGRA~3\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E} not found
C:\PROGRA~3\{56A4B67C-E10F-01D7-6311-668609A07EFC} not found
C:\PROGRA~3\{59F5DF12-EE5E-68B9-6872-914D9A6165A7} not found
C:\PROGRA~3\{5C5A8382-EBF1-3429-5A72-BC58BFFA019E} not found
C:\PROGRA~3\{5C9A3476-EB31-83DD-4693-BA29EEC61C78} not found
C:\PROGRA~3\{651044B9-D2BB-F312-1649-060647157667} not found
C:\PROGRA~3\{65AAD0AC-D201-6707-A569-F7F478E7D9FB} not found
C:\PROGRA~3\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677} not found
C:\PROGRA~3\{6C6C1653-DBC7-A1F8-2D30-E211E824C758} not found
C:\PROGRA~3\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D} not found
C:\PROGRA~3\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B} not found
C:\PROGRA~3\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E} not found
C:\PROGRA~3\{777C0CDB-C0D7-BB70-F62C-F5128F43849A} not found
C:\PROGRA~3\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6} not found
C:\PROGRA~3\{7C2B3D14-CB80-8ABF-1E95-09E886BB9801} not found
C:\PROGRA~3\{7C995788-CB32-E023-1768-C28EDB73E9C5} not found
C:\PROGRA~3\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B} not found
C:\PROGRA~3\{7CDC623D-CB77-D596-FFE8-E06031F08A5A} not found
C:\PROGRA~3\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1} not found
C:\PROGRA~3\{8518E7D3-32B3-5078-4743-BFD97374671A} not found
C:\PROGRA~3\{899158A1-3E3A-EF0A-7721-10C392E1973A} not found
C:\PROGRA~3\{8ECC1717-3967-A0BC-643D-BA01EF252B19} not found
C:\PROGRA~3\{929FBDE2-2534-0A49-79A6-CACDFF061ACD} not found
C:\PROGRA~3\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED} not found
C:\PROGRA~3\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC} not found
C:\PROGRA~3\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC} not found
C:\PROGRA~3\{A4E94271-1342-F5DA-2F16-92354430913D} not found
C:\PROGRA~3\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3} not found
C:\PROGRA~3\{B0829170-0729-26DB-FDF1-2DABE31D0DDF} not found
C:\PROGRA~3\{B6787064-01D3-C7CF-6807-1A7566D841C7} not found
C:\PROGRA~3\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF} not found
C:\PROGRA~3\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5} not found
C:\PROGRA~3\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48} not found
C:\PROGRA~3\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2} not found
C:\PROGRA~3\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE} not found
C:\PROGRA~3\{E41F6006-53B4-D7AD-8DA4-3DC5EFB058EF} not found
C:\PROGRA~3\{E4BD55FC-5316-E257-1306-477553B1FB7F} not found
C:\PROGRA~3\{E583F77F-5228-40D4-D736-3EA835065C39} not found
C:\PROGRA~3\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF} not found
C:\PROGRA~3\{F1D4198B-467F-AE20-BC63-B9B2285515BA} not found
C:\PROGRA~3\{F2182982-45B3-9E29-6B47-8FF10B170B89} not found
C:\PROGRA~3\{F9C98569-4E62-32C2-AAD2-9F0BF084D29C} not found
C:\PROGRA~2\Tolisykerroward deleted
C:\Users\lukykos\AppData\Roaming\.pixelmon-beta deleted
C:\Users\lukykos\AppData\Roaming\.technic deleted
C:\Users\lukykos\AppData\Roaming\Curse Client deleted
C:\Users\lukykos\AppData\Roaming\Factorio deleted
C:\windows\SysNative\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7} deleted
C:\windows\SysNative\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7} deleted
C:\Users\lukykos\.android deleted
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\lukykos\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\lukykos\AppData\LocalLow\Unity deleted
C:\windows\SysNative\tasks\SMW_UpdateTask_Time_323238343538353637382d375055574132506c572a4a45 deleted
C:\WINDOWS\tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\extensions\staged deleted
C:\Users\lukykos\AppData\Local\statstrip.exe.config deleted
"C:\Users\lukykos\AppData\Local\LumaEmu" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- GsearchFinder - %ProfilePath%\extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
E8D38E8FB6EC88E7B0E0B4D9AC9B0725 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll - Shockwave Flash
7CE6CE44C5FE8053BC167567AA80FDE5 - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\NPRobloxProxy.dll - Roblox Launcher Plugin
D58510F2BE61676086E342692EC4768B - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\NPRobloxProxy64.dll - Roblox Launcher Plugin
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Seznam Lištička - Email - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Slither.io Mods Skins - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea
SlitherX Sidebar Mods & Skins - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp
Seznam Lištička - Rychlá volba - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
UC浏览器活动 - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\acbckhilidhkcoenjgmejpgnnmcbhjhi
Ghostify FREE - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\oaocmnfllndpbbmjmniielgaanaifehp
UC Nexus - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\pogijhnlcfmcppgimcaccdkmbedjkmhi
==== Chromium Fix ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0b4jwRIV5K2_lJDaj_y0IucbRX5ga21ySqGLPW8kn8L-8-gCYnE8EjZqvOLXaBhtLb40w,"
"Search Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"Search Bar"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"SearchAssistant"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{ielnksrch}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0b4jwRIV5K2_lJDaj_y0IucbRX5ga21ySqGLPW8kn8L-8-gCYnE8EjZqvOLXaBhtLb40w,"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{ielnksrch} Search the web Url="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
==== Reset Google Chrome ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Preferences was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Secure Preferences was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Web Data.65 was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Web Data.65-journal was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\lukykos\Desktop\Counter-Strike Global Offensive WaRzOnE.lnk - C:\Games\Counter-Strike Global Offensive\csgo_launcher.exe
C:\Users\lukykos\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\Users\lukykos\Desktop\ROBLOX Player.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerLauncher.exe -browser
C:\Users\lukykos\Desktop\ROBLOX Studio.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe -ide
C:\Users\lukykos\Desktop\stranka predlohy\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Public\Desktop\gBurner.lnk - C:\Program Files (x86)\gBurner\gBurner.exe
C:\Users\Public\Desktop\Grand Theft Auto V.lnk - C:\Program Files\Rockstar Games\Grand Theft Auto V\PlayGTAV.exe
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Mine-imator.lnk - C:\Users\lukykos\Mine-imator\Mine-imator.exe
C:\Users\Public\Desktop\Minecraft.lnk - C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\oceps\snp.sc
C:\Users\Public\Desktop\Pixelmon Launcher.lnk - C:\Program Files (x86)\Pixelmon Launcher (Beta)\PixelmonLauncher.exe
C:\Users\Public\Desktop\PokeCraft GameTeam 1.7.10.lnk - C:\GameTeamPokeCraft\PokeCraft GameTeam.jar PokeCraft GameTeam 1.7.10
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
==== shortcuts in Users Start Menu ======================
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Player.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerLauncher.exe -browser
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe -ide
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe /startup
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\oceps\snp.sc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\WINDOWS\SysWOW64\msiexec.exe /i {89E5827E-EAE7-47F2-A57F-52D92C671983} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk - C:\program files\internet explorer\iexplore.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
==== shortcuts After Repair ======================
C:\Users\lukykos\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Deleting Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\lukykos\AppData\Local\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\cache2 emptied successfully
C:\Users\lukykos\AppData\Local\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=10063 folders=2076 4669715891 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\lukykos\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 25.03.2017 at 18:47:01,58 ======================
Tool run by lukykos on 25.03.2017 at 18:14:44,80.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\lukykos\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
25.03.2017 18:16:59 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\LumaEmu_SteamCloud deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\{05D80F2B-B273-B880-933E-FA517BE9A2CE} deleted successfully
C:\PROGRA~3\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0} deleted successfully
C:\PROGRA~3\{0899AFC8-BF32-1863-6CC9-78336B4279EE} deleted successfully
C:\PROGRA~3\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD} deleted successfully
C:\PROGRA~3\{0ECE888E-B965-3F25-E484-8F4AF6B6173D} deleted successfully
C:\PROGRA~3\{11597869-A6F2-CFC2-221F-D20D334FE5B6} deleted successfully
C:\PROGRA~3\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F} deleted successfully
C:\PROGRA~3\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1} deleted successfully
C:\PROGRA~3\{1B34E018-AC9F-57B3-BEFF-09E1444B4084} deleted successfully
C:\PROGRA~3\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05} deleted successfully
C:\PROGRA~3\{1B9B808D-AC30-3726-4572-439BB44CE605} deleted successfully
C:\PROGRA~3\{203989DE-9792-3E75-F5F2-EE02D3FF55FC} deleted successfully
C:\PROGRA~3\{2264E049-95CF-57E2-3E2A-CDBC05E73188} deleted successfully
C:\PROGRA~3\{299D261F-9E36-91B4-2894-5AEC8BBDC518} deleted successfully
C:\PROGRA~3\{31127FF7-86B9-C85C-89CE-361276409D1A} deleted successfully
C:\PROGRA~3\{35273A61-828C-8DCA-8CE5-5FB97D27D681} deleted successfully
C:\PROGRA~3\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B} deleted successfully
C:\PROGRA~3\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65} deleted successfully
C:\PROGRA~3\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64} deleted successfully
C:\PROGRA~3\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5} deleted successfully
C:\PROGRA~3\{4D54E968-FAFF-5EC3-C645-6AA024054E11} deleted successfully
C:\PROGRA~3\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E} deleted successfully
C:\PROGRA~3\{56A4B67C-E10F-01D7-6311-668609A07EFC} deleted successfully
C:\PROGRA~3\{59F5DF12-EE5E-68B9-6872-914D9A6165A7} deleted successfully
C:\PROGRA~3\{5C5A8382-EBF1-3429-5A72-BC58BFFA019E} deleted successfully
C:\PROGRA~3\{5C9A3476-EB31-83DD-4693-BA29EEC61C78} deleted successfully
C:\PROGRA~3\{651044B9-D2BB-F312-1649-060647157667} deleted successfully
C:\PROGRA~3\{65AAD0AC-D201-6707-A569-F7F478E7D9FB} deleted successfully
C:\PROGRA~3\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677} deleted successfully
C:\PROGRA~3\{6C6C1653-DBC7-A1F8-2D30-E211E824C758} deleted successfully
C:\PROGRA~3\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D} deleted successfully
C:\PROGRA~3\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B} deleted successfully
C:\PROGRA~3\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E} deleted successfully
C:\PROGRA~3\{777C0CDB-C0D7-BB70-F62C-F5128F43849A} deleted successfully
C:\PROGRA~3\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6} deleted successfully
C:\PROGRA~3\{7C2B3D14-CB80-8ABF-1E95-09E886BB9801} deleted successfully
C:\PROGRA~3\{7C995788-CB32-E023-1768-C28EDB73E9C5} deleted successfully
C:\PROGRA~3\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B} deleted successfully
C:\PROGRA~3\{7CDC623D-CB77-D596-FFE8-E06031F08A5A} deleted successfully
C:\PROGRA~3\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1} deleted successfully
C:\PROGRA~3\{8518E7D3-32B3-5078-4743-BFD97374671A} deleted successfully
C:\PROGRA~3\{899158A1-3E3A-EF0A-7721-10C392E1973A} deleted successfully
C:\PROGRA~3\{8ECC1717-3967-A0BC-643D-BA01EF252B19} deleted successfully
C:\PROGRA~3\{929FBDE2-2534-0A49-79A6-CACDFF061ACD} deleted successfully
C:\PROGRA~3\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED} deleted successfully
C:\PROGRA~3\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC} deleted successfully
C:\PROGRA~3\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC} deleted successfully
C:\PROGRA~3\{A4E94271-1342-F5DA-2F16-92354430913D} deleted successfully
C:\PROGRA~3\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3} deleted successfully
C:\PROGRA~3\{B0829170-0729-26DB-FDF1-2DABE31D0DDF} deleted successfully
C:\PROGRA~3\{B6787064-01D3-C7CF-6807-1A7566D841C7} deleted successfully
C:\PROGRA~3\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF} deleted successfully
C:\PROGRA~3\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5} deleted successfully
C:\PROGRA~3\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48} deleted successfully
C:\PROGRA~3\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2} deleted successfully
C:\PROGRA~3\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE} deleted successfully
C:\PROGRA~3\{E41F6006-53B4-D7AD-8DA4-3DC5EFB058EF} deleted successfully
C:\PROGRA~3\{E4BD55FC-5316-E257-1306-477553B1FB7F} deleted successfully
C:\PROGRA~3\{E583F77F-5228-40D4-D736-3EA835065C39} deleted successfully
C:\PROGRA~3\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF} deleted successfully
C:\PROGRA~3\{F1D4198B-467F-AE20-BC63-B9B2285515BA} deleted successfully
C:\PROGRA~3\{F2182982-45B3-9E29-6B47-8FF10B170B89} deleted successfully
C:\PROGRA~3\{F9C98569-4E62-32C2-AAD2-9F0BF084D29C} deleted successfully
C:\Users\lukykos\AppData\Local\ActiveSync deleted successfully
C:\Users\lukykos\AppData\Local\Adobe deleted successfully
C:\Users\lukykos\AppData\Local\lptmp deleted successfully
C:\Users\lukykos\AppData\Local\Profiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0101B50B-8513-4EFD-AE64-464520CF2203} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DA527BF-0F0A-422F-A392-EFBE7E5F628C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{114E89B3-BBDE-400B-BC18-8B6E29DC384B} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D32900C-955D-45C8-AE54-3D4DDE71E7AC} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21712C00-D8F9-4325-A3D9-EC7C802BFC06} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2662523C-9ECF-474B-A7A6-04A8D66A5222} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D5D9C1C-F6D7-4682-9368-AA309C4CA76F} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{316C0128-F019-489B-805C-0FE6EC23E4A8} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3551B7FE-3302-4000-9360-DBFE02990AF1} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47F4E95C-351B-4557-9DB5-1A03C84641E8} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4818E77B-D94C-4153-8AF8-320808DE6947} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BB6784A-C54C-45E8-8243-DF753630A849} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{585DBF2A-3DAE-4EF9-AF4D-383046ED16B2} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74280DC0-EF58-47BF-B7AB-83ED20C36564} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7510E887-25D8-40B1-A55D-5F528AAB6D94} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7651E436-391E-42FC-8F01-D1AD63C86F9C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A83B011-3040-45B7-A796-E6FCB7A1F41E} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80AED33D-8B1B-4152-90A9-4D4D33992D27} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83DE8609-2BA1-4334-92F9-8CCD47EE6CF9} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{856E55EA-D071-4301-974D-0728DEBB19EF} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88A55E75-D1F1-4441-B086-B3B47FCC1590} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97CF0540-6797-4FDB-B611-AFC21007D722} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{990B479B-2B79-458F-B15A-85862763D69B} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FC08138-1FD6-4598-823C-FDFC8F43F269} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A23466D8-6AEB-40BD-B05B-4C54D347DCB4} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A93163CF-63E6-4BA4-93AF-E55294B18345} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE0823E6-7319-4FBF-9B53-0050A278AC6C} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2925937-A5C0-4EC5-A7EB-BE55976AB175} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C70B34EA-FA27-437F-91C6-885C69180D85} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D871DAE0-9662-431A-A12C-5C0C4507A29D} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA7128F0-C553-484A-BBFB-069C03374D9E} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCE54A16-D7B0-4FC9-AD46-5536857C9B47} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7409536-6C5B-4894-B83D-BB09120F9088} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA2AD8B9-E713-4E39-9CA3-345EC2A29A4D} deleted successfully
HKEY_USERS\S-1-5-21-2668155180-1392316393-2198943076-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5C89F56-B248-4078-9B63-EE93664C231B} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult\prefs.js:
user_pref("browser.startup.homepage", "http://www.youndoo.com/?z=6fddb4ad109f3 ... 57&type=hp");
user_pref("browser.newtab.url", "http://www.youndoo.com/?z=6fddb4ad109f3 ... 57&type=hp");
user_pref("browser.search.defaultenginename", "youndoo");
user_pref("browser.search.selectedEngine", "youndoo");
Added to C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\prefs.js:
user_pref("browser.startup.homepage", "http://hp.myway.com/filmfanatic/ttab02/ ... &si=627101");
user_pref("browser.newtab.url", "C:\\ProgramData\\oceps\\ff.NT");
user_pref("browser.search.selectedEngine", "");
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\prefs.js:
user_pref("browser.startup.homepage", "");
user_pref("browser.newtab.url", "");
user_pref("browser.search.selectedEngine", "");
user_pref("keyword.URL", "http://www-searching.com/search.aspx?si ... &s=Unknown");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\prefs.js:
Added to C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
user.js not found
---- Lines mindspark removed from prefs.js ----
user_pref("extensions.toolbar.mindspark._gtMembers_.lastActivePing", "1490460809623");
user_pref("extensions.toolbar.mindspark._paMembers_.lastActivePing", "1490460830778");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.lastInstalled", "filmfanatic2@mindspark.com");
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__1832_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{05D80F2B-B273-B880-933E-FA517BE9A2CE} not found
C:\PROGRA~3\{06E7CD0A-B14C-7AA1-E5EA-47530BC945F0} not found
C:\PROGRA~3\{0899AFC8-BF32-1863-6CC9-78336B4279EE} not found
C:\PROGRA~3\{09AEFE6E-BE05-49C5-94C4-AE7D72040EBD} not found
C:\PROGRA~3\{0ECE888E-B965-3F25-E484-8F4AF6B6173D} not found
C:\PROGRA~3\{11597869-A6F2-CFC2-221F-D20D334FE5B6} not found
C:\PROGRA~3\{119D5BEB-A636-EC40-3FA1-78CCFB144D2F} not found
C:\PROGRA~3\{1576FBDC-A2DD-4C77-F202-40FE6E2E42D1} not found
C:\PROGRA~3\{1B34E018-AC9F-57B3-BEFF-09E1444B4084} not found
C:\PROGRA~3\{1B4DEA7D-ACE6-5DD6-CBA3-B3B4D74E8A05} not found
C:\PROGRA~3\{1B9B808D-AC30-3726-4572-439BB44CE605} not found
C:\PROGRA~3\{203989DE-9792-3E75-F5F2-EE02D3FF55FC} not found
C:\PROGRA~3\{2264E049-95CF-57E2-3E2A-CDBC05E73188} not found
C:\PROGRA~3\{299D261F-9E36-91B4-2894-5AEC8BBDC518} not found
C:\PROGRA~3\{31127FF7-86B9-C85C-89CE-361276409D1A} not found
C:\PROGRA~3\{35273A61-828C-8DCA-8CE5-5FB97D27D681} not found
C:\PROGRA~3\{36A0494C-810B-FEE7-A6D0-7D892DB0D54B} not found
C:\PROGRA~3\{38CC076F-8F67-B0C4-0352-3AF4BB22EE65} not found
C:\PROGRA~3\{38DABB64-8F71-0CCF-6B89-B4C454A5CE64} not found
C:\PROGRA~3\{3E793E0D-89D2-89A6-F277-5C011EE8D9F5} not found
C:\PROGRA~3\{4D54E968-FAFF-5EC3-C645-6AA024054E11} not found
C:\PROGRA~3\{55B99A20-E212-2D8B-E4A1-DBFAFE24F06E} not found
C:\PROGRA~3\{56A4B67C-E10F-01D7-6311-668609A07EFC} not found
C:\PROGRA~3\{59F5DF12-EE5E-68B9-6872-914D9A6165A7} not found
C:\PROGRA~3\{5C5A8382-EBF1-3429-5A72-BC58BFFA019E} not found
C:\PROGRA~3\{5C9A3476-EB31-83DD-4693-BA29EEC61C78} not found
C:\PROGRA~3\{651044B9-D2BB-F312-1649-060647157667} not found
C:\PROGRA~3\{65AAD0AC-D201-6707-A569-F7F478E7D9FB} not found
C:\PROGRA~3\{6B97C952-DC3C-7EF9-3AE8-FE66D6143677} not found
C:\PROGRA~3\{6C6C1653-DBC7-A1F8-2D30-E211E824C758} not found
C:\PROGRA~3\{70170708-C7BC-B0A3-1DD0-20BDAAE9769D} not found
C:\PROGRA~3\{7144E9FE-C6EF-5E55-39D8-ABD1A487FD5B} not found
C:\PROGRA~3\{7171A84A-C6DA-1FE1-DE7E-25EF12E5148E} not found
C:\PROGRA~3\{777C0CDB-C0D7-BB70-F62C-F5128F43849A} not found
C:\PROGRA~3\{7A973D83-CD3C-8A28-0C29-4F7B0B3672E6} not found
C:\PROGRA~3\{7C2B3D14-CB80-8ABF-1E95-09E886BB9801} not found
C:\PROGRA~3\{7C995788-CB32-E023-1768-C28EDB73E9C5} not found
C:\PROGRA~3\{7CBF93FB-CB14-2450-D3AE-BCBC7827387B} not found
C:\PROGRA~3\{7CDC623D-CB77-D596-FFE8-E06031F08A5A} not found
C:\PROGRA~3\{7D7D6ED9-CAD6-D972-FB13-5CFD086A93D1} not found
C:\PROGRA~3\{8518E7D3-32B3-5078-4743-BFD97374671A} not found
C:\PROGRA~3\{899158A1-3E3A-EF0A-7721-10C392E1973A} not found
C:\PROGRA~3\{8ECC1717-3967-A0BC-643D-BA01EF252B19} not found
C:\PROGRA~3\{929FBDE2-2534-0A49-79A6-CACDFF061ACD} not found
C:\PROGRA~3\{9409E97A-23A2-5ED1-54EA-BBB602BAD5ED} not found
C:\PROGRA~3\{96B3BAC8-2118-0D63-5BE7-9CCB109F92BC} not found
C:\PROGRA~3\{9E07956E-29AC-22C5-7122-3D9FDA6CE6CC} not found
C:\PROGRA~3\{A4E94271-1342-F5DA-2F16-92354430913D} not found
C:\PROGRA~3\{ADD8EF3D-1A73-5896-55D6-B502330BC0F3} not found
C:\PROGRA~3\{B0829170-0729-26DB-FDF1-2DABE31D0DDF} not found
C:\PROGRA~3\{B6787064-01D3-C7CF-6807-1A7566D841C7} not found
C:\PROGRA~3\{C9D6FE21-7E7D-498A-4CB9-ABA6C0E196EF} not found
C:\PROGRA~3\{CD503F7A-7AFB-88D1-AA8E-102E9839FDA5} not found
C:\PROGRA~3\{CDFF537B-7A54-E4D0-00C0-02409DC9BB48} not found
C:\PROGRA~3\{CFFAF2F5-7851-455E-B16A-8B78BF5860E2} not found
C:\PROGRA~3\{D8352E8F-6F9E-9924-D8FF-0FC342F896DE} not found
C:\PROGRA~3\{E41F6006-53B4-D7AD-8DA4-3DC5EFB058EF} not found
C:\PROGRA~3\{E4BD55FC-5316-E257-1306-477553B1FB7F} not found
C:\PROGRA~3\{E583F77F-5228-40D4-D736-3EA835065C39} not found
C:\PROGRA~3\{EBBA2EEE-5C11-9945-1863-D4C8D31D98CF} not found
C:\PROGRA~3\{F1D4198B-467F-AE20-BC63-B9B2285515BA} not found
C:\PROGRA~3\{F2182982-45B3-9E29-6B47-8FF10B170B89} not found
C:\PROGRA~3\{F9C98569-4E62-32C2-AAD2-9F0BF084D29C} not found
C:\PROGRA~2\Tolisykerroward deleted
C:\Users\lukykos\AppData\Roaming\.pixelmon-beta deleted
C:\Users\lukykos\AppData\Roaming\.technic deleted
C:\Users\lukykos\AppData\Roaming\Curse Client deleted
C:\Users\lukykos\AppData\Roaming\Factorio deleted
C:\windows\SysNative\Tasks\{62D58402-D57E-33A9-866B-427B8F3261E7} deleted
C:\windows\SysNative\Tasks\{CDA5889D-7A0E-3F36-0DAC-C1F834128FC7} deleted
C:\Users\lukykos\.android deleted
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\lukykos\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\lukykos\AppData\LocalLow\Unity deleted
C:\windows\SysNative\tasks\SMW_UpdateTask_Time_323238343538353637382d375055574132506c572a4a45 deleted
C:\WINDOWS\tasks\SMW_UpdateTask_Time_323238343538353637382d3437415a556c2a3223346c41.job deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\extensions\staged deleted
C:\Users\lukykos\AppData\Local\statstrip.exe.config deleted
"C:\Users\lukykos\AppData\Local\LumaEmu" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\lukykos\AppData\Roaming\Profiles\cekerykajaingativucult
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- GsearchFinder - %ProfilePath%\extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542
E8D38E8FB6EC88E7B0E0B4D9AC9B0725 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll - Shockwave Flash
7CE6CE44C5FE8053BC167567AA80FDE5 - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\NPRobloxProxy.dll - Roblox Launcher Plugin
D58510F2BE61676086E342692EC4768B - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\NPRobloxProxy64.dll - Roblox Launcher Plugin
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Seznam Lištička - Email - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Slither.io Mods Skins - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkfpaolkkchfafkhdleklbddpcolkdea
SlitherX Sidebar Mods & Skins - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnncaegjbbljnidgkfhgmhnmpiclplp
Seznam Lištička - Rychlá volba - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
UC浏览器活动 - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\acbckhilidhkcoenjgmejpgnnmcbhjhi
Ghostify FREE - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\oaocmnfllndpbbmjmniielgaanaifehp
UC Nexus - lukykos\AppData\Local\UCBrowser\User Data\Default\Extensions\pogijhnlcfmcppgimcaccdkmbedjkmhi
==== Chromium Fix ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_search.safefinder.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0b4jwRIV5K2_lJDaj_y0IucbRX5ga21ySqGLPW8kn8L-8-gCYnE8EjZqvOLXaBhtLb40w,"
"Search Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"Search Bar"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"SearchAssistant"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{ielnksrch}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQ0NfCDSlzGblGQ1kgbwEZHdqo0b4jwRIV5K2_lJDaj_y0IucbRX5ga21ySqGLPW8kn8L-8-gCYnE8EjZqvOLXaBhtLb40w,"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{ielnksrch} Search the web Url="https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjVh2Li4LLGrp3kcTjCnGQyS6iK5eg-gplDjpCiXl7DOYlhU96kglX666q7PNj2APQFeF9yhIOml62_eMS3L2hRFvW0WBFC1GXK1JxPajbucrKLB0aZsBqpQo2kSGXsCejo7enDW2dmAwOftqZ4dODJ8KFErtQ0,&q={searchTerms}"
==== Reset Google Chrome ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Preferences was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Secure Preferences was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Web Data.65 was reset successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Web Data.65-journal was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\lukykos\Desktop\Counter-Strike Global Offensive WaRzOnE.lnk - C:\Games\Counter-Strike Global Offensive\csgo_launcher.exe
C:\Users\lukykos\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\Users\lukykos\Desktop\ROBLOX Player.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerLauncher.exe -browser
C:\Users\lukykos\Desktop\ROBLOX Studio.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe -ide
C:\Users\lukykos\Desktop\stranka predlohy\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Public\Desktop\gBurner.lnk - C:\Program Files (x86)\gBurner\gBurner.exe
C:\Users\Public\Desktop\Grand Theft Auto V.lnk - C:\Program Files\Rockstar Games\Grand Theft Auto V\PlayGTAV.exe
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.11.266\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Mine-imator.lnk - C:\Users\lukykos\Mine-imator\Mine-imator.exe
C:\Users\Public\Desktop\Minecraft.lnk - C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\oceps\snp.sc
C:\Users\Public\Desktop\Pixelmon Launcher.lnk - C:\Program Files (x86)\Pixelmon Launcher (Beta)\PixelmonLauncher.exe
C:\Users\Public\Desktop\PokeCraft GameTeam 1.7.10.lnk - C:\GameTeamPokeCraft\PokeCraft GameTeam.jar PokeCraft GameTeam 1.7.10
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
==== shortcuts in Users Start Menu ======================
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\lukykos\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Player.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerLauncher.exe -browser
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio.lnk - C:\Users\lukykos\AppData\Local\Roblox\Versions\RobloxStudioLauncherBeta.exe -ide
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - C:\Users\lukykos\AppData\Roaming\Curse Client\Bin\Curse.exe /startup
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\oceps\snp.sc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\WINDOWS\SysWOW64\msiexec.exe /i {89E5827E-EAE7-47F2-A57F-52D92C671983} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=2bf485ac-f8e0-dba2-57a7-be789e4d2538&searchtype=sc&installDate=15.03.2017&barcodeid=50046888&channelid=888&av=windows
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PSPad.lnk - C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk - C:\program files\internet explorer\iexplore.exe http://www%2dsearching.com/?prd=set_epf&s=g7fzamobl17639br,35b92afd-c5de-4708-b366-f8517b70eca1,
==== shortcuts After Repair ======================
C:\Users\lukykos\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Deleting Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\lukykos\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\lukykos\AppData\Local\Mozilla\Firefox\Profiles\acezlehe.default-1470335100542\cache2 emptied successfully
C:\Users\lukykos\AppData\Local\Mozilla\Firefox\Profiles\vfsjcrmr.default-1482085377144\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\lukykos\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=10063 folders=2076 4669715891 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\lukykos\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 25.03.2017 at 18:47:01,58 ======================
Re: vyskakují reklamy,nezůstává domovská stránka
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by lukykos (Administrator) on 25.03.2017 at 18:54:34,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 14
Successfully deleted: C:\ProgramData\ocep (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\2345explorer (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\search.lnk (Shortcut)
Successfully deleted: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\searchplugins\smod.xml (File)
Successfully deleted: C:\WINDOWS\SysWOW64\findit.xml (File)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.03.2017 at 18:57:17,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by lukykos (Administrator) on 25.03.2017 at 18:54:34,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 14
Successfully deleted: C:\ProgramData\ocep (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\2345explorer (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal (File)
Successfully deleted: C:\Users\lukykos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Successfully deleted: C:\Users\lukykos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\search.lnk (Shortcut)
Successfully deleted: C:\Users\lukykos\AppData\Roaming\Mozilla\Firefox\Profiles\cips93d2.default\searchplugins\smod.xml (File)
Successfully deleted: C:\WINDOWS\SysWOW64\findit.xml (File)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.03.2017 at 18:57:17,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakují reklamy,nezůstává domovská stránka
Už je to OK?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?