Lots and lots of viruses and ads for Russian sites


PavlinQa1234
Level 2
Posts: 163
Registered: May 15
Gender: Female

Re: Lots and lots of viruses and ads for Russian sites

Post by PavlinQa1234 » 10 Aug 2016 00:13

RogueKiller V12.4.3.0 (x64) [Aug 8 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í [Práva správce]
Started from : C:\Users\Ji?í\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 08/10/2016 00:12:41

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Path][Soubor] C:\Users\Ji?í\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [LNK@] C:\Users\Ji?í\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe "--startup" -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1ER162 +++++
--- User ---
[MBR] ae74cf4d104c2ddfad2c1dee886b4401
[BSP] 2f65766060e6f237a735b8483b4208f1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953517 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD My Passport 0827 USB Device +++++
--- User ---
[MBR] 7857ef4cd6e44ae38f991f73ddd52ac5
[BSP] 55687c994ef058d436de027932e394c5 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )
With love, PavlinQa :3

jaro3
Member of the Security team
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male

Post by jaro3 » 10 Aug 2016 10:52

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom.
- When it finishes, tick everything (put check marks in the white boxes to the left of the findings).
- Then click "Remove Selected".
- Wait until the Status box shows "Removal finished, please review result".
- Click "Open report" and then "Open TXT", copy the log and please paste its contents here. The log can also be found in C:\ProgramData\RogueKiller\Logs
- Close RogueKiller.

Turn off your antivirus and firewall.
Download Zoek.exe and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; both can take several minutes, so wait until they finish. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, you may see only a black desktop for a while; that is normal. Wait until the log is created. You can save it to Documents, for example; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Post a new HJT log and report on any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by PavlinQa1234 » 10 Aug 2016 11:36

RogueKiller V12.4.3.0 (x64) [Aug 8 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í [Práva správce]
Started from : C:\Users\Ji?í\Downloads\RogueKillerX64.exe
Mód : Smazat -- Datum : 08/10/2016 11:35:27

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Path][Soubor] C:\Users\Ji?í\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [LNK@] C:\Users\Ji?í\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe "--startup" -> Smazáno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1ER162 +++++
--- User ---
[MBR] ae74cf4d104c2ddfad2c1dee886b4401
[BSP] 2f65766060e6f237a735b8483b4208f1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953517 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Post by PavlinQa1234 » 10 Aug 2016 11:52

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jiýˇ on st 10. 08. 2016 at 11:38:19,45.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JI10BB~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10. 8. 2016 11:38:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\JI10BB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Counter-Strike 1.6 deleted successfully
C:\Users\JI10BB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\San Andreas Multiplayer deleted successfully
C:\Users\JI10BB~1\AppData\\LocalGoogle deleted successfully
C:\Users\JI10BB~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\JI10BB~1\AppData\Local\EmieUserList deleted successfully
C:\Users\JI10BB~1\AppData\Local\PackageStaging deleted successfully
C:\Users\JI10BB~1\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2083599567-3356488530-3129411815-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8E8F97CD-60B5-456F-A201-73065652D099} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hshld deleted successfully

==== Deleting Files \ Folders ======================

C:\install.exe deleted
C:\slovnik quenya.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\JI10BB~1\AppData\Local\CrashRpt deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\JI10BB~1\AppData\LocalLow\Unity deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Users\Jiýˇ\Downloads\Bridge Constructor\BridgeConstructor - Instalace.exe deleted
"C:\Windows\Installer\52a6a54.msi" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-convert-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-environment-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-filesystem-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-heap-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-locale-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-math-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-multibyte-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-runtime-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-stdio-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-string-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-time-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\api-ms-win-crt-utility-l1-1-0.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\CrashRpt1403.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\HSSCP.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\msvcp140.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\ucrtbase.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\vcruntime140.dll" deleted
"C:\PROGRA~3\Hotspot Shield\logs\hsscp_20160810.log" deleted
"C:\PROGRA~2\Hotspot Shield" deleted
"C:\PROGRA~3\Hotspot Shield" deleted
"C:\PROGRA~2\Hotspot Shield\bin" deleted
"C:\PROGRA~3\Hotspot Shield\config" deleted
"C:\PROGRA~3\Hotspot Shield\logs" deleted
"C:\PROGRA~3\Hotspot Shield\config\hsspx" deleted

==== Orphaned Tasks deleted from Registry ======================

Imperia Online D1 deleted
Imperia Online N deleted
Imperia Online W1 deleted
Imperia Online W2 deleted
Imperia Online W3 deleted
Imperia Online W4 deleted

==== Chromium Look ======================


Chrome Media Router - JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findmusicbylyrics.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findmusicbylyrics.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.allthelyrics.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.allthelyrics.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.savemygame.fr_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.savemygame.fr_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adf.ly_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adf.ly_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mcskinsearch.com_0.localstorage deleted successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mcskinsearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\24C995FA5E2A15247BEE94521A769032 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D623BBA0-AD59-47AD-9547-6F8174413CF7} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF599C42-A2E5-4251-B7EE-4925A1670923} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\24C995FA5E2A15247BEE94521A769032 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\MAM42T1V will be deleted at reboot
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\NPNH51WQ will be deleted at reboot
C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\SQWUR0AH will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=436 folders=93 105441528 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JI10BB~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JI10BB~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\JI10BB~1\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\MAM42T1V" not found
"C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\NPNH51WQ" not found
"C:\Users\JI10BB~1\AppData\Local\Microsoft\Windows\INetCache\IE\SQWUR0AH" not found

==== EOF on st 10. 08. 2016 at 11:51:14,27 ======================

Post by PavlinQa1234 » 10 Aug 2016 11:54

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:53:15, on 10. 8. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe
C:\Program Files (x86)\Clownfish\Clownfish.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Jiří\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [PC Remote Server] C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe /silent
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9841 bytes

Post by PavlinQa1234 » 10 Aug 2016 12:18

When I type something into Google and press Enter, the phrase I am searching for shows up on this page: http://nova.rambler.ru/search?query=kravina. The other problems are gone :)

Post by jaro3 » 10 Aug 2016 15:49

Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"
O4 - HKCU\..\Run: [Codec Pack Update Checker] "C:\Windows\system32\Codecs\UpdateChecker.exe"


Clean the system with CCleaner

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Posted by PavlinQa1234 » 20 Aug 2016 18:34

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2016
Ran by Jiří (administrator) on LEATHERFACE (20-08-2016 18:30:37)
Running from C:\Users\Jiří\Downloads
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(PC Remote) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-05-12] (Bogdan Sharkov)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-16] (Valve Corporation)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32224-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32256-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32296-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {d030d0eb-51b5-11e6-8260-fcaa1475b0a1} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {f750f86e-4f84-11e6-8260-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.15
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26E2A1A3-207B-4500-BCA7-45E4AE3672F4}: [DhcpNameServer] 192.168.1.15

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2083599567-3356488530-3129411815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-08] (Oracle Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-08] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-09] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2083599567-3356488530-3129411815-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jiří\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR StartupUrls: Default -> "hxxp://exensup.ru/?utm_source=startpage03&utm_content=1f58ddd739e064d7788f5568b5afa0ae&utm_term=DF10FEDC4F60E1F8112B85A3BD8FFEBF&utm_d=20160808"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-13]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-13]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-13]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-13]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-13]
CHR Extension: (AdBlock) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-08-16] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-07-20] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2932224 2011-09-08] (PACE Anti-Piracy, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [46016 2016-03-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-10] ()
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S2 WCMVCAM; C:\Windows\system32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 18:30 - 2016-08-20 18:31 - 00016095 _____ C:\Users\Jiří\Downloads\FRST.txt
2016-08-20 18:30 - 2016-08-20 18:30 - 00000000 ____D C:\FRST
2016-08-20 18:29 - 2016-08-20 18:30 - 02396160 _____ (Farbar) C:\Users\Jiří\Downloads\FRST64.exe
2016-08-20 18:28 - 2016-08-20 18:28 - 00184676 _____ C:\Users\Jiří\Documents\cc_20160820_182806.reg
2016-08-20 18:20 - 2016-08-20 18:20 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-08-20 18:20 - 2016-08-20 18:20 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-20 18:20 - 2016-08-20 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-20 18:20 - 2016-08-20 18:20 - 00000000 ____D C:\Program Files\CCleaner
2016-08-20 18:18 - 2016-08-20 18:18 - 08227032 _____ (Piriform Ltd) C:\Users\Jiří\Downloads\ccsetup521.exe
2016-08-20 18:16 - 2016-08-20 18:16 - 00000000 ____D C:\Users\Jiří\Downloads\backups
2016-08-20 17:59 - 2016-08-20 17:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jiří\Downloads\HijackThis (1).exe
2016-08-20 00:48 - 2016-08-20 00:48 - 00020653 _____ C:\Users\Jiří\Desktop\Untitled.camproj
2016-08-20 00:33 - 2016-08-20 00:33 - 00000000 ____D C:\Users\Jiří\AppData\Local\TechSmith
2016-08-20 00:30 - 2016-08-20 00:30 - 00000000 ____D C:\Users\Jiří\Documents\Camtasia Studio
2016-08-20 00:30 - 2016-08-20 00:30 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\TechSmith
2016-08-20 00:29 - 2016-08-20 00:29 - 00001184 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2016-08-20 00:29 - 2016-08-20 00:29 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2016-08-20 00:29 - 2016-08-20 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-08-20 00:29 - 2016-08-20 00:29 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-08-20 00:28 - 2016-08-20 00:28 - 00000000 ____D C:\ProgramData\TechSmith
2016-08-20 00:28 - 2016-08-20 00:28 - 00000000 ____D C:\Program Files (x86)\TechSmith
2016-08-19 23:14 - 2016-08-19 23:42 - 255523923 _____ C:\Users\Jiří\Downloads\Camtasia-Studio-8-plná-verze-(+-klíč)-By-KoHi.zip
2016-08-19 22:53 - 2016-08-19 22:53 - 00000097 _____ C:\Users\Jiří\AppData\Roaming\LauncherSettings_live.cfg
2016-08-19 22:42 - 2016-08-19 22:42 - 00010308 _____ C:\Users\Jiří\AppData\Roaming\TheHunterSettings_live.bin
2016-08-19 22:41 - 2016-08-19 22:41 - 00000040 _____ C:\Users\Jiří\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-08-19 22:41 - 2016-08-19 22:41 - 00000000 ____D C:\Users\Jiří\Documents\theHunter
2016-08-19 22:41 - 2016-08-19 22:41 - 00000000 ____D C:\Users\Jiří\AppData\Local\theHunter
2016-08-19 22:41 - 2016-08-19 22:41 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashRpt
2016-08-19 22:38 - 2016-08-19 22:38 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\theHunterSteam
2016-08-19 22:38 - 2016-08-19 22:38 - 00000000 ____D C:\ProgramData\Hunter
2016-08-19 15:17 - 2016-08-19 15:18 - 00000000 ____D C:\Users\Jiří\Desktop\Nová složka (2)
2016-08-19 14:45 - 2016-08-19 14:45 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Unity
2016-08-19 14:45 - 2016-08-19 14:45 - 00000000 ____D C:\Users\Jiří\AppData\Local\Unity
2016-08-19 14:45 - 2016-08-19 14:45 - 00000000 ____D C:\Users\Jiří\AppData\Local\Deployment
2016-08-19 14:45 - 2016-08-19 14:45 - 00000000 ____D C:\Users\Jiří\AppData\Local\Apps\2.0
2016-08-19 14:39 - 2016-08-19 14:47 - 96112851 _____ C:\Users\Jiří\Downloads\IGG-Terraria.v1.3.2.1.rar
2016-08-19 14:32 - 2016-08-19 14:33 - 88704499 _____ C:\Users\Jiří\Downloads\setup_Terraria_1.3.0.7_rus_eng.exe
2016-08-19 14:32 - 2016-08-19 14:32 - 00014213 _____ C:\Users\Jiří\Downloads\2006_Terraria.torrent
2016-08-19 14:20 - 2016-08-19 14:20 - 00000222 _____ C:\Users\Jiří\Desktop\theHunter.url
2016-08-19 12:18 - 2016-08-19 12:18 - 00000219 _____ C:\Users\Jiří\Desktop\Team Fortress 2.url
2016-08-19 01:11 - 2016-08-19 01:13 - 1081688576 _____ C:\Users\Jiří\Desktop\KMPlayer 2016-08-19 01-11-35-99.avi
2016-08-18 18:18 - 2016-08-18 18:28 - 2102748944 _____ C:\Users\Jiří\Downloads\Suicide Squad 2016 HD-TS x264-CPG.CZ.mkv
2016-08-18 18:17 - 2016-08-18 18:17 - 00020554 _____ C:\Users\Jiří\Downloads\[SkT]Sebevrazedny_oddil_-_Suicide_Squad_(2016)(CZ)[TS]__=_CSFD_72%.torrent
2016-08-18 18:17 - 2016-08-18 18:17 - 00014557 _____ C:\Users\Jiří\Downloads\[SkT]Zombieland_(CZ)(2009)[1080p]_=_CSFD_76%.torrent
2016-08-16 19:30 - 2016-08-16 19:30 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Freejam
2016-08-16 19:23 - 2016-08-16 10:33 - 00245544 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-08-16 10:33 - 2016-08-16 10:33 - 00000222 _____ C:\Users\Jiří\Desktop\Robocraft.url
2016-08-14 11:09 - 2016-08-14 11:09 - 00024516 _____ C:\Users\Jiří\Downloads\Mirror-s.Edge.2.PC.torrent
2016-08-14 11:03 - 2016-08-14 11:04 - 00000000 ____D C:\Users\Jiří\Downloads\Quantum Break_RePack by SEYTER
2016-08-14 11:01 - 2016-08-14 13:28 - 00000000 ____D C:\Users\Jiří\Downloads\Just Cause 3 - XL Edition [FitGirl Repack]
2016-08-13 19:51 - 2016-08-14 10:53 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E10.720p.HDTV.x264-AVS[rarbg]
2016-08-13 19:51 - 2016-08-13 19:51 - 00092328 _____ C:\Users\Jiří\Downloads\[SkT]Hra_o_truny_-_Game_of_Thrones_S06E10_-_The_Winds_of_Winter_[TvRip][720p]_=_CSFD_92% (1).torrent
2016-08-12 13:27 - 2016-08-12 13:27 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Rise_Of_TB_Instaler
2016-08-12 13:09 - 2016-08-12 13:14 - 632843264 _____ () C:\Users\Jiří\Downloads\Rise_Of_TB_Instaler_6.3.exe
2016-08-12 13:09 - 2016-08-12 13:09 - 00012560 _____ C:\Users\Jiří\Downloads\[SkT]Rise_of_the_Tomb_Raider_(2016)_-_cestina_v6.3.torrent
2016-08-11 01:20 - 2016-08-11 01:20 - 00000000 ____D C:\Users\Jiří\Documents\Rise of the Tomb Raider
2016-08-11 01:20 - 2016-08-11 01:20 - 00000000 ____D C:\Users\Jiří\Documents\CPY_SAVES
2016-08-11 01:20 - 2016-08-11 01:20 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Crystal Dynamics
2016-08-11 01:17 - 2016-08-11 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise of the Tomb Raider
2016-08-11 00:58 - 2016-08-12 13:32 - 00000000 ____D C:\Program Files (x86)\Rise of the Tomb Raider
2016-08-10 16:17 - 2016-08-10 16:17 - 01838157 _____ C:\Users\Jiří\Downloads\la-pirula-project.rar
2016-08-10 15:58 - 2016-08-10 15:58 - 16270006 _____ C:\Users\Jiří\Downloads\0.3.7.exe
2016-08-10 15:58 - 2016-08-10 15:58 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-08-10 13:33 - 2016-08-10 19:09 - 00000000 ____D C:\Users\Jiří\Downloads\Rise.Of.The.Tomb.Raider-CONSPIR4CY
2016-08-10 13:32 - 2016-08-10 13:32 - 00160607 _____ C:\Users\Jiří\Downloads\[SkT]Rise_of_the_Tomb_Raider_(2016).torrent
2016-08-10 11:48 - 2016-08-10 11:38 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-08-10 11:38 - 2016-08-10 11:47 - 00000000 ____D C:\zoek_backup
2016-08-10 11:37 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-10 11:37 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-08-10 11:37 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-10 11:37 - 2016-06-11 21:52 - 00057184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-10 11:37 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-08-10 11:37 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-08-10 11:37 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 11:37 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-08-10 11:37 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-10 11:37 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-10 11:37 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 11:37 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-10 11:37 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-10 11:37 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-10 11:37 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-10 11:37 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-10 11:37 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 11:37 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-10 11:37 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-10 11:37 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-10 11:37 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-10 11:37 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-08-10 11:37 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-08-10 11:37 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-10 11:37 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 11:37 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-10 11:37 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-10 11:37 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-10 11:37 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-10 11:37 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-10 11:37 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-10 11:37 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-10 11:37 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-10 11:37 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-08-10 11:37 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-08-10 11:37 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-08-10 11:37 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-08-10 11:37 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-10 11:37 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-10 11:37 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-10 11:37 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-10 11:37 - 2016-05-14 01:08 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-10 11:37 - 2016-05-14 01:08 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-10 11:37 - 2016-05-14 01:08 - 00032512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-10 11:37 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-10 11:37 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-10 11:37 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-10 11:37 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-08-10 11:37 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-10 11:37 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-10 11:37 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-10 11:37 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-10 11:37 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-10 11:37 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-08-10 11:37 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-08-10 11:37 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-10 11:37 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-10 11:37 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-10 11:37 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-10 11:37 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-10 11:37 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-10 11:37 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-10 11:37 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-10 11:37 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-10 11:37 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-10 11:37 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-10 11:37 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-10 11:37 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-10 11:37 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-08-10 11:37 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-10 11:37 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-10 11:37 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-08-10 11:37 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 11:37 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-10 11:37 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-10 11:37 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-10 11:37 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-08-10 11:37 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-10 11:37 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-08-10 11:37 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-10 11:37 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-10 11:37 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:37 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-10 11:37 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-08-10 11:37 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-10 11:37 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-08-10 11:37 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-10 11:37 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-08-10 11:37 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-08-10 11:37 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-08-10 11:36 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-10 11:36 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-10 11:36 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-10 11:36 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-10 11:16 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 11:15 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 11:15 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 11:15 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 11:15 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 11:15 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 11:15 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 11:15 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 11:15 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 11:15 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 11:15 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 11:15 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-10 11:15 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 11:15 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 11:15 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 11:15 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 11:15 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 11:15 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 11:15 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 11:15 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 11:15 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 11:15 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-10 11:15 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 11:15 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 11:15 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 11:15 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 11:15 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 11:15 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 11:15 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 11:15 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 11:15 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 11:14 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 11:14 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 11:14 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-10 11:14 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-10 11:14 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 11:14 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-10 11:14 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-10 11:14 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 11:14 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 11:14 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 11:14 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-10 11:14 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-08-10 11:14 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-08-10 11:14 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:14 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-10 11:14 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-10 11:14 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 11:14 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-10 11:13 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-10 11:09 - 2016-08-10 11:09 - 01309184 _____ C:\Users\Jiří\Desktop\zoek.exe
2016-08-10 00:55 - 2016-08-10 00:55 - 00058941 _____ C:\Users\Jiří\Downloads\Manti.amx
2016-08-10 00:23 - 2016-08-10 00:23 - 00009095 _____ C:\Users\Jiří\Downloads\AntiCheat.inc
2016-08-10 00:18 - 2013-09-28 09:28 - 00000000 ____D C:\Users\Jiří\Desktop\include
2016-08-10 00:18 - 2013-09-28 09:25 - 00000000 ____D C:\Users\Jiří\Desktop\filterscripts
2016-08-10 00:18 - 2012-12-08 17:21 - 00000000 ____D C:\Users\Jiří\Desktop\plugins
2016-08-10 00:17 - 2016-08-10 00:17 - 00020058 _____ C:\Users\Jiří\Downloads\Anti-DDos (1).rar
2016-08-10 00:16 - 2016-08-10 00:16 - 00020058 _____ C:\Users\Jiří\Downloads\Anti-DDos.rar
2016-08-09 23:54 - 2016-08-10 11:11 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-08-09 23:54 - 2016-08-09 23:54 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-09 23:52 - 2016-08-09 23:53 - 25356360 _____ C:\Users\Jiří\Downloads\RogueKillerX64.exe
2016-08-09 23:50 - 2016-08-09 23:50 - 00000774 _____ C:\Users\Jiří\Desktop\JRT.txt
2016-08-09 23:48 - 2016-08-09 23:48 - 01610560 _____ (Malwarebytes) C:\Users\Jiří\Downloads\JRT.exe
2016-08-09 16:27 - 2016-08-19 10:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-09 16:27 - 2016-08-09 16:27 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-09 16:27 - 2016-08-09 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-09 16:27 - 2016-08-09 16:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-09 16:27 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-09 16:27 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-09 16:27 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-09 16:26 - 2016-08-09 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-09 16:25 - 2016-08-09 16:25 - 22851472 _____ (Malwarebytes ) C:\Users\Jiří\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-08-09 16:11 - 2016-08-09 16:11 - 22851472 _____ (Malwarebytes ) C:\Users\Jiří\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-09 16:10 - 2016-08-09 16:11 - 03712064 _____ C:\Users\Jiří\Downloads\AdwCleaner.exe
2016-08-09 15:54 - 2016-08-09 15:55 - 00448512 _____ (OldTimer Tools) C:\Users\Jiří\Downloads\TFC.exe
2016-08-09 15:53 - 2016-08-09 15:53 - 00050688 _____ (Atribune.org) C:\Users\Jiří\Downloads\ATF-Cleaner.exe
2016-08-09 15:44 - 2016-08-09 15:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jiří\Downloads\HijackThis.exe
2016-08-09 15:10 - 2016-08-09 14:55 - 00000098 _____ C:\Users\Jiří\Desktop\DDoS navod.txt
2016-08-09 15:09 - 2016-08-09 15:09 - 00326608 _____ C:\Users\Jiří\Downloads\s1.n2game-DDoS.rar
2016-08-09 14:38 - 2016-08-09 14:38 - 00025040 _____ C:\Users\Jiří\Desktop\Untitled.amx
2016-08-09 14:38 - 2016-08-09 14:38 - 00020447 _____ C:\Users\Jiří\Desktop\Untitled.pwn
2016-08-09 14:34 - 2013-06-22 19:43 - 00027682 _____ C:\Users\Jiří\Desktop\ProtectServer.amx
2016-08-09 14:33 - 2016-08-09 14:33 - 00021656 _____ C:\Users\Jiří\Desktop\ProtectServer.pwn
2016-08-09 14:15 - 2016-08-09 14:15 - 00011915 _____ C:\Users\Jiří\Downloads\Server_Protect_Attack_V1.0.3.rar
2016-08-09 13:54 - 2016-08-09 13:54 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 13:54 - 2016-08-09 13:54 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 20:55 - 2016-08-08 20:55 - 00739904 _____ (Oracle Corporation) C:\Users\Jiří\Downloads\chromeinstall-8u101.exe
2016-08-08 17:42 - 2016-08-08 17:51 - 1523464192 _____ C:\Users\Jiří\Downloads\Er.Ist.Wieder.Da.2015.BRRip.XviD.AC3.CZ.avi
2016-08-08 17:42 - 2016-08-08 17:42 - 00013551 _____ C:\Users\Jiří\Downloads\[SkT]American_Horror_Story_1._serie_(2011)(CZ).torrent
2016-08-08 17:41 - 2016-08-08 17:41 - 00015037 _____ C:\Users\Jiří\Downloads\[SkT]Uz_je_tady_zas_-_Er_ist_wieder_da_(2015)(CZ)_=_CSFD_72%.torrent
2016-08-08 17:20 - 2016-08-08 17:20 - 00000000 ____D C:\Users\Jiří\AppData\Local\Вoйти в Интeрнет
2016-08-08 17:15 - 2016-08-08 17:15 - 00059904 _____ C:\Users\Jiří\Desktop\zlib1.dll
2016-08-08 17:15 - 2016-08-08 17:15 - 00000000 ____D C:\Users\Jiří\AppData\Local\Поиcк в Интeрнете
2016-08-08 15:20 - 2016-08-08 15:20 - 00025442 _____ C:\Users\Jiří\Downloads\uwac_free_v2.rar
2016-08-07 23:36 - 2016-08-07 23:36 - 00002485 _____ C:\Users\Jiří\Downloads\filterscripts.rar
2016-08-07 22:00 - 2016-08-07 23:36 - 00000000 ____D C:\Users\Jiří\Desktop\klklklklkljklklkl
2016-08-07 21:59 - 2016-08-07 21:59 - 00163591 _____ C:\Users\Jiří\Downloads\VIP Script.rar
2016-08-07 21:59 - 2016-08-07 21:59 - 00006473 _____ C:\Users\Jiří\Downloads\Radio System.rar
2016-08-07 21:59 - 2016-08-07 21:59 - 00005972 _____ C:\Users\Jiří\Downloads\Tip System.rar
2016-08-07 21:53 - 2016-08-07 23:31 - 00000000 ____D C:\Users\Jiří\Desktop\MultiKultur
2016-08-07 21:39 - 2016-08-07 21:41 - 09800744 _____ (TeamViewer GmbH) C:\Users\Jiří\Downloads\TeamViewer_Setup_cs-iuu (1).exe
2016-08-07 21:34 - 2016-08-07 21:35 - 09800744 _____ (TeamViewer GmbH) C:\Users\Jiří\Downloads\TeamViewer_Setup_cs-iuu.exe
2016-08-07 20:56 - 2016-08-09 16:51 - 00000000 ____D C:\Extracted
2016-08-07 17:56 - 2016-08-07 17:56 - 00036864 _____ C:\Users\Jiří\Desktop\rcon.exe
2016-08-06 23:55 - 2015-11-02 23:47 - 00001936 _____ C:\Users\Jiří\Desktop\hack přikazy.txt
2016-08-04 21:05 - 2016-08-04 21:14 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\.technic
2016-08-04 21:05 - 2016-08-04 21:05 - 00000782 _____ C:\Users\Jiří\Desktop\TechCraft.lnk
2016-08-04 21:01 - 2016-08-04 21:05 - 00000000 ____D C:\TechData
2016-08-04 21:01 - 2016-08-04 21:02 - 56923232 _____ (Oracle Corporation) C:\Users\Jiří\Downloads\java64.exe
2016-08-04 21:01 - 2016-08-04 21:01 - 08320942 _____ C:\Users\Jiří\Desktop\Technic.jar
2016-08-04 21:01 - 2016-08-04 21:01 - 00029067 _____ C:\Users\Jiří\Downloads\TechCraft-Instalator.jar
2016-08-04 18:40 - 2016-08-04 18:45 - 00001602 _____ C:\Users\Jiří\Desktop\CVarDump.txt
2016-08-04 18:40 - 2016-08-04 18:45 - 00001008 _____ C:\Users\Jiří\Desktop\OffsetDump.txt
2016-08-04 18:40 - 2016-08-04 18:45 - 00000323 _____ C:\Users\Jiří\Desktop\CVars.cfg
2016-08-04 18:35 - 2016-08-04 18:44 - 00000366 _____ C:\Users\Jiří\Desktop\R-Aimbot.cfg
2016-08-04 18:35 - 2012-07-18 01:39 - 00006016 _____ C:\Users\Jiří\Desktop\Komando AimBOT - Turkish Comando Force By Ugur H.exe
2016-08-04 18:35 - 2012-07-18 01:19 - 00017920 _____ C:\Users\Jiří\Desktop\Komando AimBOT - Turkish Comando Force By Ugur H.dll
2016-08-04 18:35 - 2012-04-14 20:47 - 00020480 _____ C:\Users\Jiří\Desktop\AdvHack v2.exe
2016-08-04 18:34 - 2016-08-04 18:34 - 00038842 _____ C:\Users\Jiří\Downloads\Checked by A-T-H Cs 1.6 Hacks (1).rar
2016-08-04 18:01 - 2016-08-05 00:35 - 00000000 ____D C:\Users\Jiří\BrawlhallaReplays
2016-08-04 17:47 - 2016-08-04 17:47 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\BrawlhallaAir
2016-08-04 17:45 - 2016-08-04 17:45 - 00000222 _____ C:\Users\Jiří\Desktop\Brawlhalla.url
2016-08-04 16:40 - 2016-08-04 16:40 - 00519070 _____ C:\Users\Jiří\Downloads\sexychick.rar
2016-08-03 19:41 - 2016-08-03 19:41 - 00015550 _____ C:\Users\Jiří\Downloads\WH+AB+Krížik....Hacky-na-CS-1.6-by-Lacost.rar
2016-08-03 19:02 - 2012-02-17 21:55 - 04661445 _____ (Dark Byte ) C:\Users\Jiří\Desktop\Speed hack.exe
2016-08-03 19:01 - 2016-08-03 19:01 - 04639288 _____ C:\Users\Jiří\Downloads\Speed-hack-na-cs-1.6-by-Lakatos.rar
2016-08-03 00:00 - 2016-08-03 00:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-08-02 23:00 - 2016-08-02 23:01 - 84814768 _____ C:\Users\Jiří\Downloads\gimp-2.8.18-setup.exe
2016-08-02 12:56 - 2016-08-02 12:56 - 00105315 _____ C:\Users\Jiří\Downloads\CdHack 7.0 2013 by R.A.N.T.rar
2016-08-01 19:51 - 2016-08-01 19:51 - 00015573 _____ C:\Users\Jiří\Downloads\CS-1.6-Aimbot-&-Wallhack.rar
2016-08-01 19:43 - 2011-03-26 18:08 - 00000095 _____ C:\Users\Jiří\Desktop\wall hack.bat
2016-08-01 19:43 - 2005-03-13 17:35 - 00053248 _____ C:\Users\Jiří\Desktop\opengl32.dll
2016-08-01 19:33 - 2016-08-01 19:33 - 00010117 _____ C:\Users\Jiří\Downloads\Wallhack-na-cs-1.6-by-Lakatos.rar
2016-08-01 19:12 - 2016-08-01 19:12 - 00001884 _____ C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike.lnk
2016-08-01 19:12 - 2016-08-01 19:12 - 00001854 _____ C:\Users\Jiří\Desktop\Counter-Strike.lnk
2016-08-01 19:12 - 2016-08-01 19:12 - 00001846 _____ C:\Users\Jiří\Desktop\CS Servery.lnk
2016-08-01 19:10 - 2016-08-20 18:23 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\TS3Client
2016-08-01 19:09 - 2016-08-04 23:54 - 00000000 ____D C:\Users\Jiří\Counter-Strike 1.6
2016-08-01 19:07 - 2016-08-01 19:09 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Jiří\Downloads\TeamSpeak3-Client-win64-3.0.19.4.exe
2016-08-01 19:04 - 2016-08-01 19:09 - 372506411 _____ () C:\Users\Jiří\Downloads\CS16_install.exe
2016-08-01 13:43 - 2016-08-01 13:43 - 00014305 _____ C:\Users\Jiří\Downloads\[SkT]Alvin_a_Chipmunkove-_Ciperna_jizda_-
With love, PavlinQa :3


Re: A whole lot of viruses and ads for Russian sites

Post by PavlinQa1234 » 20 Aug 2016 18:35

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 18:23 - 2016-06-15 16:46 - 00000000 ____D C:\Users\Jiří\AppData\Local\LogMeIn Hamachi
2016-08-20 18:23 - 2016-06-15 16:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-20 18:23 - 2016-04-14 15:12 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-08-20 18:23 - 2016-04-14 02:01 - 00000000 ____D C:\Windows\Panther
2016-08-20 18:23 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-20 18:17 - 2016-04-16 19:20 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-08-20 18:00 - 2016-04-13 17:00 - 02552320 ___SH C:\Users\Jiří\Downloads\Thumbs.db
2016-08-20 17:52 - 2016-04-13 16:32 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2083599567-3356488530-3129411815-1001
2016-08-20 17:51 - 2016-04-13 16:30 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{53E4D96E-C4CC-4327-A5A8-E84159DC296D}
2016-08-20 17:50 - 2016-04-14 12:01 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-08-20 17:48 - 2016-04-13 16:28 - 00000000 ___DO C:\Users\Jiří\SkyDrive
2016-08-20 00:39 - 2016-04-14 10:46 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\uTorrent
2016-08-20 00:29 - 2016-04-13 16:23 - 00000000 ____D C:\Users\Jiří
2016-08-19 23:07 - 2015-06-16 18:35 - 00000000 ____D C:\KMPlayer
2016-08-19 15:17 - 2016-04-20 23:50 - 01517056 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-08-19 14:20 - 2016-06-15 16:41 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-19 14:07 - 2016-04-13 16:16 - 01749406 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 14:07 - 2013-10-11 20:11 - 00739720 _____ C:\Windows\system32\perfh005.dat
2016-08-19 14:07 - 2013-10-11 20:11 - 00151940 _____ C:\Windows\system32\perfc005.dat
2016-08-18 10:51 - 2016-04-16 19:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-18 10:51 - 2016-04-16 19:20 - 00000000 ____D C:\ProgramData\Skype
2016-08-17 11:27 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-15 19:04 - 2016-04-13 16:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-15 19:04 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-15 19:03 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-14 12:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-12 12:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-11 18:58 - 2013-08-22 16:44 - 05107808 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-11 18:55 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-11 18:55 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-10 17:30 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-10 17:26 - 2016-04-14 23:33 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 17:20 - 2016-04-14 23:33 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 13:13 - 2016-06-11 21:27 - 00000000 ____D C:\Users\Jiří\Downloads\Until.Dawn.PC
2016-08-10 11:47 - 2016-06-18 16:48 - 00000000 ____D C:\Users\Jiří\Downloads\Bridge Constructor
2016-08-10 11:47 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-10 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-08-10 00:54 - 2016-06-09 16:54 - 00000000 ____D C:\Users\Jiří\Desktop\District
2016-08-09 16:57 - 2016-06-28 17:38 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\IMVU
2016-08-09 16:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\ADFS
2016-08-09 16:51 - 2016-06-25 10:10 - 00000000 ____D C:\Program Files (x86)\Sniper Elite 3
2016-08-09 16:51 - 2016-04-16 22:42 - 00000000 ____D C:\Program Files (x86)\South Park - The Stick of Truth
2016-08-09 16:46 - 2015-12-29 15:40 - 00000000 ____D C:\AdwCleaner
2016-08-09 15:44 - 2016-04-13 16:24 - 00000000 ____D C:\Users\Jiří\AppData\Local\VirtualStore
2016-08-09 13:54 - 2016-04-13 16:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-08 20:57 - 2016-04-23 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-08 20:56 - 2016-04-23 12:49 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-08-08 20:56 - 2016-04-23 12:49 - 00000000 ____D C:\Users\Jiří\.oracle_jre_usage
2016-08-08 20:56 - 2016-04-23 12:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-03 19:58 - 2016-05-15 10:49 - 00000000 ____D C:\Program Files (x86)\Cheat Engine
2016-08-03 19:41 - 2016-06-07 17:57 - 00000000 ____D C:\Users\Jiří\Desktop\Tor Browser
2016-08-03 19:02 - 2016-05-15 10:49 - 00000999 _____ C:\Users\Jiří\Desktop\Cheat Engine.lnk
2016-08-03 19:02 - 2016-05-15 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.6.1
2016-08-03 00:01 - 2016-04-08 20:28 - 00000000 ____D C:\MagicPlusMini
2016-08-01 20:02 - 2015-10-26 18:04 - 00000000 ____D C:\Counter-Strike 1.6
2016-08-01 19:59 - 2016-05-20 15:10 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6
2016-08-01 19:10 - 2016-05-22 11:02 - 00000979 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-08-01 19:10 - 2016-05-22 11:02 - 00000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-08-01 12:45 - 2016-04-16 22:49 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\WarThunder
2016-08-01 12:45 - 2016-04-13 16:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-01 12:43 - 2016-04-13 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-08-01 12:43 - 2015-08-28 15:21 - 00000000 ____D C:\Hry
2016-08-01 12:41 - 2016-06-06 19:06 - 00000000 ____D C:\Users\Jiří\Downloads\Angry Birds CZ
2016-07-27 21:25 - 2016-04-15 08:30 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 15:26 - 2016-04-26 15:43 - 00000000 ____D C:\Program Files (x86)\WebcamMax
2016-07-25 15:08 - 2016-05-15 18:42 - 00000000 ____D C:\Program Files\Adobe
2016-07-25 15:08 - 2016-04-14 12:04 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-07-21 15:20 - 2016-06-25 12:07 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E09.1080p.HDTV.x264-BATV
2016-07-21 15:20 - 2016-06-06 19:04 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E07.720p.HDTV.x264-AVS[rarbg]
2016-07-21 15:20 - 2016-05-31 18:28 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E06.720p.HDTV.x264-AVS[rarbg]
2016-07-21 15:20 - 2016-05-19 21:44 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E04.720p.HDTV.x264-AVS[rarbg]
2016-07-21 15:20 - 2016-05-02 17:42 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E02.720p.HDTV.x264-FLEET[rarbg]
2016-07-21 15:20 - 2016-04-27 15:11 - 00000000 ____D C:\Users\Jiří\Downloads\Game.of.Thrones.S06E01.720p.HDTV.x264-SVA[rarbg]
2016-07-21 12:43 - 2016-05-01 13:09 - 00000000 ____D C:\Users\Jiří\Downloads\Deadpool.2016.1080p.BluRay.DTS-ES.x264-EbP.CZ-FTU

==================== Files in the root of some directories =======

2016-08-19 22:53 - 2016-08-19 22:53 - 0000097 _____ () C:\Users\Jiří\AppData\Roaming\LauncherSettings_live.cfg
2016-08-19 22:42 - 2016-08-19 22:42 - 0010308 _____ () C:\Users\Jiří\AppData\Roaming\TheHunterSettings_live.bin
2016-08-19 22:41 - 2016-08-19 22:41 - 0000040 _____ () C:\Users\Jiří\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-05-01 10:20 - 2016-05-01 10:20 - 0044032 ___SH () C:\Users\Jiří\AppData\Roaming\Thumbs.db
2016-04-13 16:41 - 2016-04-13 16:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-15 12:42

==================== End of FRST.txt ============================
With love, PavlinQa :3


Re: A whole lot of viruses and ads for Russian sites

Post by PavlinQa1234 » 20 Aug 2016 18:35

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2016
Ran by Jiří (20-08-2016 18:31:33)
Running from C:\Users\Jiří\Downloads
Windows 8.1 (Update) (X64) (2016-04-13 14:24:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2083599567-3356488530-3129411815-500 - Administrator - Disabled)
Guest (S-1-5-21-2083599567-3356488530-3129411815-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2083599567-3356488530-3129411815-1003 - Limited - Enabled)
Jiří (S-1-5-21-2083599567-3356488530-3129411815-1001 - Administrator - Enabled) => C:\Users\Jiří

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Antares Auto-Tune 7 VST (HKLM-x32\...\{D08EEB75-E3D5-4E93-9E1D-441A261E6B9A}) (Version: 7.01.0002 - Antares Audio Technologies)
Antares Auto-Tune 8.1 AAX (64+32-bit) (HKLM\...\{BC66BA4E-70FF-4780-A16D-155DD36A256C}) (Version: 8.01.0001 - Antares Audio Technologies)
Assassins Creed - Unity (HKLM-x32\...\{9L5KR86L-0F3I-4HJ7-HKY5-DRTL4V36QG2X}_is1) (Version: 1.1.0.0 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\Counter-Strike 1.6) (Version: - )
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version: - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.01 - NCH Software)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: 1.11.0.0 - Techland)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster (HKLM-x32\...\Game Booster_is1) (Version: 2.3.0.0 - IObit)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hard Reset Redux (HKLM-x32\...\1459790972_is1) (Version: 2.0.0.2 - GOG.com)
Hitman Absolution v1.0.446.0 (HKLM-x32\...\Hitman Absolution_is1) (Version: - )
Cheat Engine 5.6.1 (HKLM-x32\...\Cheat Engine 5.6.1_is1) (Version: - Dark Byte)
IMVU Avatar Chat Software (HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.5 - PACE Anti-Piracy, Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
K-Lite Codec Pack 12.2.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.7.1 - PandoraTV)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Life is Strange verze 1.05 (HKLM-x32\...\Life is Strange_is1) (Version: 1.05 - Tomi2k9)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\OpenIV) (Version: 2.7.681 - .black/OpenIV Team)
Ovládací panel NVIDIA 364.72 (Version: 364.72 - NVIDIA Corporation) Hidden
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Sniper Elite 3 verze v1.10 (HKLM-x32\...\Sniper Elite 3_is1) (Version: v1.10 - R.G. Danik1B9)
South Park - The Stick of Truth verzia 1.0.1380/83 (HKLM-x32\...\South Park - The Stick of Truth_is1) (Version: 1.0.1380/83 - CzTorrent.net)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Elder Scrolls V - Skyrim 1.9.32.0.8 (HKLM-x32\...\The Elder Scrolls V - Skyrim_is1) (Version: - )
The Walking Dead Epizody 1-5 verze 1.0 (HKLM-x32\...\{65BE85A8-13BB-4B4A-B1AF-EC6054292C00}_is1) (Version: 1.0 - Telltale Games)
theHunter (HKLM\...\Steam App 253710) (Version: - Expansive Worlds)
Unity Web Player (HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{77CEFB5E-CCC3-11E4-8043-F04DA23A5C58}) (Version: 13.0.444 - Sony)
Windows 8 Codec Pack 2.0.7 (HKLM-x32\...\Windows 8 - Codec Pack) (Version: 2.0.7 - Windows 8 Codec Pack)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2083599567-3356488530-3129411815-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013294CE-CAE2-4224-A46E-D99CDE42D060} - System32\Tasks\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\d892ddc1\bd525e10.dll" <==== ATTENTION
Task: {7FA49F66-C720-4857-BD34-64DB017705E3} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {BEE1A520-9CF4-4055-A216-E2EDDF3C99A2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {CAFC5626-9750-4D07-9EC4-080F9D06AD88} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ThomasHewitt9@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Jiří\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html

ShortcutWithArgument: C:\Users\Jiří\Desktop\District\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900
ShortcutWithArgument: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900

==================== Loaded Modules (Whitelisted) ==============

2016-04-13 17:25 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-13 17:25 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-13 17:25 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-13 16:37 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 17:25 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-13 17:25 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-09 13:54 - 2016-08-03 01:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 13:54 - 2016-08-03 01:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-09 13:54 - 2016-08-03 01:04 - 31541952 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
2016-04-13 16:33 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-13 17:25 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-17 11:17 - 2014-10-29 05:59 - 01029952 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2016-04-17 11:14 - 2014-10-29 02:46 - 00531456 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2016-06-15 16:30 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-06-15 16:30 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-06-15 16:30 - 2016-08-16 22:54 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-06-15 16:30 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-06-15 16:30 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-06-15 16:29 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-06-15 16:29 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-06-15 16:29 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-06-15 16:29 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-06-15 16:29 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-06-15 16:30 - 2016-08-16 22:54 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-15 16:30 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-08-10 11:39 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jiří\Desktop\Bagul.jpg
DNS Servers: 192.168.1.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D43ECCE6-75F7-427F-8673-80D5A5078C93}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DF1FF9A5-6134-43F3-9423-31921568BD52}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D01F2FB6-6A42-48ED-A497-11F20675D048}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{781109E9-D71F-4861-A459-D6B2325E7C7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0F56AB97-0572-4214-BC96-DC481BB2497B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{94DAE226-10A8-45DC-914A-A760A5DA8B01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2034297B-55E6-40BC-93CA-BCDE06FE86F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{48B9B3F8-8942-437C-AE16-6795D2C35167}C:\users\jiří\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiří\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BAA222D3-0F3B-4148-AF28-CE4A6CA1293A}C:\users\jiří\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiří\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E6FDCC96-0B97-470B-8574-B1B73D9FD836}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{27470535-7F39-409E-82CE-7196EA81A88B}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{CB53E574-95CE-4E80-877E-A8D1A06FAFE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{07AB4D9F-64AC-49E2-85F9-2C0DC80DE270}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A8A69E43-ECC4-476A-A8F8-21703609161D}C:\games\mohaa\mohaa.exe] => (Allow) C:\games\mohaa\mohaa.exe
FirewallRules: [UDP Query User{E593A7DE-5FFB-418F-A3D1-972C2D66E292}C:\games\mohaa\mohaa.exe] => (Allow) C:\games\mohaa\mohaa.exe
FirewallRules: [TCP Query User{6E02CEC8-69B0-4631-A9AC-9E5ACC11FA16}C:\games\mohaa\moh_breakthrough.exe] => (Allow) C:\games\mohaa\moh_breakthrough.exe
FirewallRules: [UDP Query User{C15DDE4B-1B81-4CFE-9003-FF15EE0121FB}C:\games\mohaa\moh_breakthrough.exe] => (Allow) C:\games\mohaa\moh_breakthrough.exe
FirewallRules: [TCP Query User{B9D8B63C-0409-4083-B6F9-2D154B440D1C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9599EC90-543A-4FEA-B7C1-E2C27067EB57}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6A9925A2-AEAE-4B51-AC6F-FC88DB8F9AD3}C:\hry\dying light\devtools\dyinglightplayer.exe] => (Allow) C:\hry\dying light\devtools\dyinglightplayer.exe
FirewallRules: [UDP Query User{57F8EF1B-0CA5-45D0-AB0B-9194C563BE49}C:\hry\dying light\devtools\dyinglightplayer.exe] => (Allow) C:\hry\dying light\devtools\dyinglightplayer.exe
FirewallRules: [TCP Query User{EB2B6EF9-FA45-4640-B6D5-B84207F141A6}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{2D27B1EC-688C-4307-AA37-CED4B59D8F1B}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{846EA982-492D-44DB-99DA-93B67A817960}C:\users\jiří\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiří\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E3361948-B4FD-4D1D-BF47-467EC4865DB3}C:\users\jiří\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiří\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{15ABBE4E-44D1-4804-B6A4-000C85636273}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{1EA9EFEA-764E-4D2A-9620-386D80AA945C}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{12DED9BD-E59A-4793-978D-98A2598CB2A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{74BA177A-C4E2-4704-89B1-73160A600F12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C9483393-E3B4-47D8-BF9E-71F4D9DB5B57}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{99B355DF-1DB6-4CD4-9DC6-A69430FF98E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B75DDCC6-C15D-4120-A56D-0815C16D5935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B32EBBEF-A7FC-4EAF-B92D-F05B009C078F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B25D2CC0-53D3-4D5A-A9EB-698A367AA631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{117648AF-1275-4B03-8DFB-5617186C53A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{607EF893-B285-43DC-8764-888B199E51AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B6AE9F7C-C5DD-4363-9DE1-E0FCE4D41FA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{77DEC118-2872-48FE-B262-CCBCA37C1582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{4E4363D6-7678-4F38-B136-EAAC568F0AC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6E010A1E-403A-428E-8D3C-46D7C6A93638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3FBC112D-DB33-48AD-A267-9E3CBF83009F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{2C13009D-480A-404C-BBE6-5056A1505129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{93CA019F-2422-406C-8F1E-32EDBE298E9E}] => (Allow) LPort=8317

==================== Restore Points =========================

11-08-2016 18:53:57 Windows Update
15-08-2016 12:42:58 Windows Update
19-08-2016 10:10:23 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2016 03:21:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TerrariaServer.exe, verze: 1.3.2.1, časové razítko: 0x57910b25
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18340, časové razítko: 0x5736541b
Kód výjimky: 0xe0434352
Posun chyby: 0x00014878
ID chybujícího procesu: 0x1d54
Čas spuštění chybující aplikace: 0xTerrariaServer.exe0
Cesta k chybující aplikaci: TerrariaServer.exe1
Cesta k chybujícímu modulu: TerrariaServer.exe2
ID zprávy: TerrariaServer.exe3
Úplný název chybujícího balíčku: TerrariaServer.exe4
ID aplikace související s chybujícím balíčkem: TerrariaServer.exe5

Error: (08/19/2016 03:21:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: TerrariaServer.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
Zásobník:
na Terraria.Program.LaunchGame(System.String[])
na Terraria.WindowsLaunch.Main(System.String[])

Error: (08/19/2016 03:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Terraria.exe, verze: 1.3.2.1, časové razítko: 0x579109c9
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18340, časové razítko: 0x5736541b
Kód výjimky: 0xe0434352
Posun chyby: 0x00014878
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0xTerraria.exe0
Cesta k chybující aplikaci: Terraria.exe1
Cesta k chybujícímu modulu: Terraria.exe2
ID zprávy: Terraria.exe3
Úplný název chybujícího balíčku: Terraria.exe4
ID aplikace související s chybujícím balíčkem: Terraria.exe5

Error: (08/19/2016 03:20:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Terraria.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
Zásobník:
na Terraria.Program.LaunchGame(System.String[])
na Terraria.WindowsLaunch.Main(System.String[])

Error: (08/19/2016 03:16:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Terraria.exe, verze: 1.3.2.1, časové razítko: 0x579109c9
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18340, časové razítko: 0x5736541b
Kód výjimky: 0xe0434352
Posun chyby: 0x00014878
ID chybujícího procesu: 0x18f4
Čas spuštění chybující aplikace: 0xTerraria.exe0
Cesta k chybující aplikaci: Terraria.exe1
Cesta k chybujícímu modulu: Terraria.exe2
ID zprávy: Terraria.exe3
Úplný název chybujícího balíčku: Terraria.exe4
ID aplikace související s chybujícím balíčkem: Terraria.exe5

Error: (08/19/2016 03:16:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Terraria.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
Zásobník:
na Terraria.Program.LaunchGame(System.String[])
na Terraria.WindowsLaunch.Main(System.String[])

Error: (08/19/2016 10:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 52.0.2743.116, časové razítko: 0x57a12717
Název chybujícího modulu: chrome.exe, verze: 52.0.2743.116, časové razítko: 0x57a12717
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000086c18
ID chybujícího procesu: 0x13c8
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3
Úplný název chybujícího balíčku: chrome.exe4
ID aplikace související s chybujícím balíčkem: chrome.exe5

Error: (08/18/2016 07:35:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wwahost.exe, verze: 6.3.9600.17415, časové razítko: 0x545036ce
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18233, časové razítko: 0x56bb4ebb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003dd8e
ID chybujícího procesu: 0xb20
Čas spuštění chybující aplikace: 0xwwahost.exe0
Cesta k chybující aplikaci: wwahost.exe1
Cesta k chybujícímu modulu: wwahost.exe2
ID zprávy: wwahost.exe3
Úplný název chybujícího balíčku: wwahost.exe4
ID aplikace související s chybujícím balíčkem: wwahost.exe5

Error: (08/18/2016 07:35:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program KMPlayer.exe verze 4.0.7.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1c6c

Čas spuštění: 01d1f976b49f260c

Čas ukončení: 4294967295

Cesta k aplikaci: C:\KMPlayer\KMPlayer.exe

ID hlášení: 22b9210d-656a-11e6-8266-fcaa1475b0a1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2016 10:52:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 2.3.173.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1be8

Čas spuštění: 01d1f92d52892d69

Čas ukončení: 2

Cesta k aplikaci: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

ID hlášení: 14e6c0fe-6521-11e6-8266-fcaa1475b0a1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/19/2016 01:25:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Intel Corporation driver update for Intel(R) HD Graphics.

Error: (08/19/2016 12:46:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Intel Corporation driver update for Intel(R) HD Graphics.

Error: (08/19/2016 12:01:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Intel Corporation driver update for Intel(R) HD Graphics.

Error: (08/19/2016 10:11:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Intel Corporation driver update for Intel(R) HD Graphics.

Error: (08/18/2016 10:53:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/18/2016 10:53:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (08/17/2016 11:46:15 PM) (Source: DCOM) (EventID: 10010) (User: LEATHERFACE)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/17/2016 11:46:15 PM) (Source: DCOM) (EventID: 10010) (User: LEATHERFACE)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/17/2016 11:46:15 PM) (Source: DCOM) (EventID: 10010) (User: LEATHERFACE)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/17/2016 11:46:15 PM) (Source: DCOM) (EventID: 10010) (User: LEATHERFACE)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8084.23 MB
Available physical RAM: 5020.15 MB
Total Virtual: 22676.23 MB
Available Virtual: 19035.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:72.64 GB) NTFS
Drive e: (My Passport) (Fixed) (Total:931.48 GB) (Free:43.73 GB) NTFS
Drive g: (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.1 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0CDCFA2F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E831C02A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
With love, PavlinQa :3

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Lots and lots of viruses and ads for Russian sites

Post by jaro3 » 21 Aug 2016 10:13

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32224-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32256-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32296-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {d030d0eb-51b5-11e6-8260-fcaa1475b0a1} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {f750f86e-4f84-11e6-8260-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
SearchScopes: HKU\S-1-5-21-2083599567-3356488530-3129411815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR StartupUrls: Default -> "hxxp://exensup.ru/?utm_source=startpage03&utm_content=1f58ddd739e064d7788f5568b5afa0ae&utm_term=DF10FEDC4F60E1F8112B85A3BD8FFEBF&utm_d=20160808"
C:\Users\Jiří\AppData\Local\Поиcк в Интeрнете
C:\Users\Jiří\Desktop\zlib1.dll
C:\Users\Jiří\BrawlhallaReplays
C:\Users\Jiří\AppData\Roaming\BrawlhallaAir
C:\Users\Jiří\Desktop\Brawlhalla.url
C:\ProgramData\DP45977C.lfl
Task: {013294CE-CAE2-4224-A46E-D99CDE42D060} - System32\Tasks\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\d892ddc1\bd525e10.dll" <==== ATTENTION

EmptyTemp:
End

(You can use the "select all" function, then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

C:\Users\Jiří\Desktop\klklklklkljklklkl --- do you know this folder?

It would be a good idea to clean questionable files and folders off the desktop and out of Downloads, i.e. delete them.
AdvHack v2.exe
Hacky-na-CS-1.6-by-Lacost.rar
Speed hack.exe
Speed-hack-na-cs-1.6-by-Lakatos.rar
C:\Users\Jiří\Desktop\wall hack.bat
C:\Users\Jiří\Desktop\opengl32.dll
etc.

Drive c: () (Fixed) (Total:931.17 GB) (Free:72.64 GB) NTFS
A total lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running smoothly!!

Download Kaspersky VRT to your desktop.
Run Kaspersky VRT. The program will install itself.
Accept the license and click "Start". If the program offers an update, click "Download Now" at the bottom.
- Click the gear icon in the top right corner. In the window, select your disk drive in addition to the items already checked; if you have more than one, you can check them all.
- Choose "Automatic Scan" at the top left and press the "Start Scanning" button.
- The program will start scanning the checked drives

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors

Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka

A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Re: Lots and lots of viruses and ads for Russian sites

Post by PavlinQa1234 » 21 Aug 2016 12:36

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016
Ran by Jiří (21-08-2016 12:20:27) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32224-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32256-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {1cd32296-07c5-11e6-8254-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {d030d0eb-51b5-11e6-8260-fcaa1475b0a1} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\...\MountPoints2: {f750f86e-4f84-11e6-8260-fcaa1475b0a1} - "E:\Lenovo_Suite.exe"
SearchScopes: HKU\S-1-5-21-2083599567-3356488530-3129411815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR StartupUrls: Default -> "hxxp://exensup.ru/?utm_source=startpage03&utm_content=1f58ddd739e064d7788f5568b5afa0ae&utm_term=DF10FEDC4F60E1F8112B85A3BD8FFEBF&utm_d=20160808"
C:\Users\Jiří\AppData\Local\???c? ? ???e?????
C:\Users\Jiří\Desktop\zlib1.dll
C:\Users\Jiří\BrawlhallaReplays
C:\Users\Jiří\AppData\Roaming\BrawlhallaAir
C:\Users\Jiří\Desktop\Brawlhalla.url
C:\ProgramData\DP45977C.lfl
Task: {013294CE-CAE2-4224-A46E-D99CDE42D060} - System32\Tasks\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\d892ddc1\bd525e10.dll" <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cd32224-07c5-11e6-8254-fcaa1475b0a1}" => key removed successfully
HKCR\CLSID\{1cd32224-07c5-11e6-8254-fcaa1475b0a1} => key not found.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cd32256-07c5-11e6-8254-fcaa1475b0a1}" => key removed successfully
HKCR\CLSID\{1cd32256-07c5-11e6-8254-fcaa1475b0a1} => key not found.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1cd32296-07c5-11e6-8254-fcaa1475b0a1}" => key removed successfully
HKCR\CLSID\{1cd32296-07c5-11e6-8254-fcaa1475b0a1} => key not found.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d030d0eb-51b5-11e6-8260-fcaa1475b0a1}" => key removed successfully
HKCR\CLSID\{d030d0eb-51b5-11e6-8260-fcaa1475b0a1} => key not found.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f750f86e-4f84-11e6-8260-fcaa1475b0a1}" => key removed successfully
HKCR\CLSID\{f750f86e-4f84-11e6-8260-fcaa1475b0a1} => key not found.
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
"C:\Users\Jiří\AppData\Local\???c? ? ???e?????" => not found.
C:\Users\Jiří\Desktop\zlib1.dll => moved successfully
C:\Users\Jiří\BrawlhallaReplays => moved successfully
C:\Users\Jiří\AppData\Roaming\BrawlhallaAir => moved successfully
C:\Users\Jiří\Desktop\Brawlhalla.url => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{013294CE-CAE2-4224-A46E-D99CDE42D060}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{013294CE-CAE2-4224-A46E-D99CDE42D060}" => key removed successfully
C:\Windows\System32\Tasks\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163}" => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79331791 B
Java, Flash, Steam htmlcache => 712 B
Windows/system/drivers => 8916 B
Edge => 0 B
Chrome => 444383725 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 1354 B
Jiří => 541412176 B

RecycleBin => 0 B
EmptyTemp: => 1023.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:20:34 ====


C:\Users\Jiří\Desktop\klklklklkljklklkl - I know this folder and I am convinced there is nothing dangerous in it.
With love, PavlinQa :3
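An added example, not part of the original thread or of FRST: a small triage of the Fixlog result lines above, separating entries that were fixed, entries that were simply absent, and entries whose path was damaged before FRST read it. The one file-system "not found" in this log is the folder with the Cyrillic name, which arrived as `???c? ? ???e?????`; the round-trip below reproduces that string under the assumption that fixlist.txt was saved in the Czech ANSI code page (cp1250), and the surviving Latin `c` and `e` show the folder name mixes Latin look-alikes into Cyrillic text. Function names are hypothetical.

```python
import re

# Excerpt of result lines taken from the Fixlog in this thread.
FIXLOG = r'''
"HKU\S-1-5-21-2083599567-3356488530-3129411815-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
Chrome StartupUrls => removed successfully
"C:\Users\Jiří\AppData\Local\???c? ? ???e?????" => not found.
C:\Users\Jiří\Desktop\zlib1.dll => moved successfully
C:\Windows\System32\Tasks\{52796FC3-0A00-9B6B-83F2-08BEBF3F1163} => moved successfully
'''

# Folder name from the fixlist, written with escapes so the two Latin
# letters (c, e) among the Cyrillic ones are unambiguous.
FOLDER = ("\u041f\u043e\u0438c\u043a \u0432 "
          "\u0418\u043d\u0442e\u0440\u043d\u0435\u0442\u0435")

# "<target>" => <outcome>.   (quotes and trailing dot are optional)
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s=>\s(?P<outcome>.+?)\.?$')


def ansi_roundtrip(text, codepage="cp1250"):
    """Text as it looks after being saved in a legacy code page (assumed cp1250)."""
    return text.encode(codepage, errors="replace").decode(codepage)


def triage(fixlog):
    """Split Fixlog result lines into (done, missing, mangled) target lists."""
    done, missing, mangled = [], [], []
    for line in fixlog.splitlines():
        m = RESULT.match(line.strip())
        if not m:
            continue
        target, outcome = m["target"], m["outcome"]
        if "not found" not in outcome:
            done.append(target)
        elif "?" in target and not target.startswith("HK"):
            # '?' is not a legal Windows file-name character, so this path
            # was altered before the fix ran and the real folder is untouched.
            mangled.append(target)
        else:
            missing.append(target)
    return done, missing, mangled


if __name__ == "__main__":
    done, missing, mangled = triage(FIXLOG)
    print(len(done), "fixed;", len(missing), "absent;", "re-check:", mangled)
    print("cp1250 round-trip:", ansi_roundtrip(FOLDER))
```

Entries in the third list still need handling: the folder was never matched, so it remains on disk until the fixlist is saved in a Unicode encoding and the fix is re-run, or the folder is removed another way.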

