DNS Unlocker

[KrteCzech]

Zdravím. Řeším tu problém s tím, že na mě v jakémkoliv prohlížeči (Chrome, Mozilla, Explorer) na mém pc vyskakují samovolně různé stránky a bannery s reklamou. U těch otravných bannerů jsem zahlédl hlášku "Ads by DNS Unlocker".

Můžete mi prosím pomoci se toho zbavit ?

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[KrteCzech]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Hubert (administrator) on HUBERT (13-03-2016 12:31:10)
Running from C:\Users\Hubert\Desktop
Loaded Profiles: Hubert (Available Profiles: Hubert)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {52bc56ca-04a9-11e5-825c-806e6f6e6963} - "Explorer.exe" monitor.htm
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1a5-855c-11e5-8262-b8aeed9b7871} - "E:\Launcher.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1ab-855c-11e5-8262-b8aeed9b7871} - "G:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {83dc61f2-8ba1-11e5-8268-b8aeed9b7871} - "E:\Launcher.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk [2016-02-01]
ShortcutTarget: KooBits 4.lnk -> C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{1FF38049-A0DB-4132-BD26-852F7FEC605C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: [S-1-5-21-416052096-752880450-10621532-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {7765FA40-9EF3-49EA-A705-FE7AF4CBD466} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default
FF NewTab:
FF SelectedSearchEngine: Default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-13]
CHR Extension: (Dokumenty Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-13]
CHR Extension: (Disk Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Tabulky Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-13]
CHR Extension: (AdBlock) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-21]
CHR Extension: (Avast Online Security) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
CHR Extension: (Gmail) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-11-20] (ESET)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-02] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-10-08] ()
R2 ssinstall; C:\windows\SysWOW64\ssins.exe [2324216 2015-12-17] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-08] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-11-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-11-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-11-20] (ESET)
S2 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-20] ()
S2 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3071704 2014-02-07] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 12:31 - 2016-03-13 12:31 - 00014962 _____ C:\Users\Hubert\Desktop\FRST.txt
2016-03-13 12:30 - 2016-03-13 12:31 - 00000000 ____D C:\FRST
2016-03-13 12:23 - 2016-03-13 10:36 - 02374144 _____ (Farbar) C:\Users\Hubert\Desktop\FRST64.exe
2016-03-13 12:23 - 2016-03-13 10:36 - 00112640 _____ (forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe
2016-03-12 22:52 - 2016-03-13 12:10 - 00042495 _____ C:\spyhunter.fix
2016-03-12 22:52 - 2016-02-20 19:34 - 00285747 _____ C:\shldr
2016-03-12 22:52 - 2016-02-20 19:34 - 00008192 _____ C:\shldr.mbr
2016-03-12 21:58 - 2016-03-12 21:58 - 00002309 _____ C:\Users\Hubert\Desktop\SpyHunter.lnk
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-03-12 21:57 - 2016-03-12 21:58 - 00000000 ____D C:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2016-03-09 19:01 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-03-09 19:01 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-03-09 19:01 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-03-09 19:01 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-03-09 19:01 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-03-09 19:01 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-03-09 19:01 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-03-09 19:01 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-03-09 19:01 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-03-09 19:01 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-03-09 19:01 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-03-09 19:01 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-03-09 19:01 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-03-09 19:01 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-03-09 19:01 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-03-09 19:01 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-03-09 19:01 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-03-09 19:01 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2016-03-09 19:01 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-03-09 19:01 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-03-09 19:01 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-03-09 19:01 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-03-09 19:01 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-03-09 19:00 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-03-09 19:00 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-03-09 19:00 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-03-09 19:00 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-03-09 19:00 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-03-09 19:00 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-03-09 19:00 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-03-09 19:00 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\windows\system32\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-03-09 19:00 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-03-09 19:00 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2016-03-09 19:00 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2016-03-09 19:00 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-03-09 19:00 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-03-09 19:00 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-03-09 19:00 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-03-09 19:00 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-03-09 19:00 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-03-09 19:00 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-03-09 19:00 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-03-09 19:00 - 2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-03-09 19:00 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2016-03-09 19:00 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2016-03-09 19:00 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2016-03-09 19:00 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-03-09 19:00 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-03-09 19:00 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2016-03-09 19:00 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2016-03-09 19:00 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-03-09 19:00 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-03-09 19:00 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-03-09 19:00 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2016-03-09 19:00 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-03-09 19:00 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-03-09 18:59 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-03-09 18:59 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-03-09 18:59 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-03-09 18:59 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-03-09 18:59 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-03-09 18:59 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\msra.exe
2016-03-05 20:10 - 2016-03-05 20:10 - 00000043 _____ C:\Users\Hubert\Desktop\Ulož.to.url
2016-03-04 05:34 - 2016-03-04 05:34 - 00290013 _____ C:\Users\Hubert\Downloads\Pavouci-sit---Niedl,-Frantisek.epub
2016-03-03 20:44 - 2016-03-03 20:59 - 455268589 _____ C:\Users\Hubert\Downloads\Nepotvrzeno 811143.crdownload
2016-03-03 17:49 - 2016-03-03 17:49 - 00147109 _____ C:\Users\Hubert\Downloads\cenik_2016-03-03.html
2016-02-28 11:10 - 2016-02-28 11:58 - 1627216117 _____ C:\Users\Hubert\Downloads\Vladimír-Neff---Královny-nemají-nohy-1.díl-trilogie-(čte-Jan-Hyhlík-2002).rar
2016-02-27 20:24 - 2016-02-27 20:50 - 364902400 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E15-cz.tit..avi
2016-02-27 13:34 - 2016-02-27 13:38 - 43828448 _____ C:\Users\Hubert\Downloads\Seznam.cz.exe
2016-02-26 15:23 - 2016-02-26 16:02 - 721564890 _____ C:\Users\Hubert\Downloads\Most-3-9.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:57 - 480710528 _____ C:\Users\Hubert\Downloads\Most-3-10.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:56 - 430083182 _____ C:\Users\Hubert\Downloads\Most-3-8.díl-CZ-titulky.avi
2016-02-25 20:23 - 2016-02-25 20:23 - 00000000 ____D C:\Users\Hubert\Tracing
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Skype
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\ProgramData\Skype
2016-02-25 20:21 - 2016-02-25 20:21 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup (1).exe
2016-02-25 20:21 - 2016-02-25 20:21 - 00003136 _____ C:\windows\System32\Tasks\{42CB0D8C-E593-4B6A-80B9-7AFC05A36368}
2016-02-25 20:20 - 2016-02-25 20:20 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup.exe
2016-02-25 14:49 - 2016-02-25 15:00 - 462190856 _____ C:\Users\Hubert\Downloads\Most-3-7.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 15:00 - 462565644 _____ C:\Users\Hubert\Downloads\Most-3-5.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 448959322 _____ C:\Users\Hubert\Downloads\Most-3-6.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 422238998 _____ C:\Users\Hubert\Downloads\Most-3-4.díl-CZ-titulky.avi
2016-02-24 20:48 - 2016-02-24 20:53 - 434253402 _____ C:\Users\Hubert\Downloads\Most-3-2.díl-CZ-titulky.avi
2016-02-24 15:14 - 2016-02-24 15:35 - 2061885947 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E02-FullHD-CZ-EN-dabing-2014-by-Pretorian.mkv
2016-02-24 15:14 - 2016-02-24 15:22 - 617580719 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E01-CZ-dabing-2014-by-Pretorian.mkv
2016-02-21 12:35 - 2016-02-21 12:35 - 00000000 ____D C:\_OTM
2016-02-21 12:34 - 2016-02-21 12:34 - 00522240 _____ (OldTimer Tools) C:\Users\Hubert\Downloads\OTM.exe
2016-02-21 12:30 - 2016-02-21 12:30 - 00005892 _____ C:\Users\Hubert\Desktop\AdwCleaner[C1].txt
2016-02-21 12:20 - 2016-02-21 12:28 - 00000000 ____D C:\AdwCleaner
2016-02-21 12:19 - 2016-02-21 12:19 - 01511424 _____ C:\Users\Hubert\Downloads\adwcleaner_5.035.exe
2016-02-20 20:58 - 2016-02-20 20:58 - 00002054 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\Program Files\ESET
2016-02-20 20:40 - 2016-02-20 20:40 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_smart_security_live_installer_.exe
2016-02-20 20:02 - 2016-02-20 20:35 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-20 20:01 - 2016-02-20 20:02 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 20:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-02-20 20:00 - 2016-02-20 20:00 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hubert\Downloads\mbam-setup-2.1.4.1018.exe
2016-02-20 19:45 - 2016-02-20 19:45 - 00001287 _____ C:\Users\Hubert\Desktop\Revo Uninstaller.lnk
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-02-20 19:44 - 2016-02-20 19:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Hubert\Downloads\revosetup.exe
2016-02-20 19:34 - 2016-03-12 21:58 - 00003338 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2016-02-20 19:33 - 2016-02-20 19:34 - 00000000 ____D C:\sh4ldr
2016-02-20 19:33 - 2016-02-20 19:33 - 00022704 _____ C:\windows\system32\Drivers\EsgScanner.sys
2016-02-20 19:33 - 2016-02-20 19:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-20 19:32 - 2016-02-20 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Hubert\Downloads\SpyHunter-Installer (1).exe
2016-02-20 14:11 - 2016-02-20 14:11 - 05207096 _____ (AVAST Software) C:\Users\Hubert\Downloads\avast_free_antivirus_setup_online.exe
2016-02-19 21:02 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-02-19 20:57 - 2016-02-19 20:57 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-02-19 19:00 - 2016-02-19 23:19 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-19 19:00 - 2016-02-19 19:00 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\TeamViewer
2016-02-19 18:59 - 2016-02-19 19:00 - 09789392 _____ (TeamViewer GmbH) C:\Users\Hubert\Downloads\TeamViewer_Setup_cs.exe
2016-02-19 16:58 - 2016-02-19 16:58 - 00009728 ___SH C:\Users\Hubert\Desktop\Thumbs.db
2016-02-19 16:20 - 2016-03-04 18:18 - 00000000 ____D C:\ProgramData\a9bfe22
2016-02-19 16:20 - 2016-03-04 17:51 - 00000000 ____D C:\ProgramData\2d2432cd-6295-0
2016-02-19 11:05 - 2016-02-19 11:05 - 00027235 _____ C:\Users\Hubert\Downloads\The.Big.Bang.Theory.S09E15.HDTV.x264-LOL.srt
2016-02-17 20:26 - 2016-02-17 20:26 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620 (1).avi
2016-02-17 20:18 - 2016-02-17 20:23 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620.avi
2016-02-17 18:41 - 2016-02-17 18:41 - 00285889 _____ C:\Users\Hubert\Downloads\Platner---Niedl,-Frantisek.epub
2016-02-17 17:27 - 2016-02-17 17:33 - 691248394 _____ C:\Users\Hubert\Downloads\Most.01x03.DVB-T.CZ.avi
2016-02-16 19:25 - 2016-02-16 19:25 - 00309698 _____ C:\Users\Hubert\Downloads\pisecka-cetnicka-patracka.www.palmknihy.cz.159985.epub
2016-02-16 17:39 - 2016-02-16 17:39 - 00352991 _____ C:\Users\Hubert\Downloads\Krajina-nocnich-jezdcu---Niedl,-Frantisek.epub
2016-02-14 13:40 - 2016-02-14 13:46 - 712721468 _____ C:\Users\Hubert\Downloads\Babička-pozdravuje-a-omlouvá-se-2015-MP3.rar
2016-02-13 22:22 - 2016-02-13 22:22 - 00294745 _____ C:\Users\Hubert\Downloads\Navrat-mistra---Niedl,-Frantisek.epub

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 12:27 - 2015-11-06 20:00 - 00003590 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-416052096-752880450-10621532-1001
2016-03-13 12:26 - 2015-05-26 23:29 - 00738666 _____ C:\windows\system32\perfh005.dat
2016-03-13 12:26 - 2015-05-26 23:29 - 00151408 _____ C:\windows\system32\perfc005.dat
2016-03-13 12:26 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-13 12:26 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-03-13 12:22 - 2015-11-06 20:02 - 00000000 __RDO C:\Users\Hubert\OneDrive
2016-03-13 12:22 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-13 12:21 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-13 11:55 - 2016-01-06 16:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-12 21:53 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-03-12 13:40 - 2015-11-14 22:06 - 00003094 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-416052096-752880450-10621532-1001
2016-03-11 15:21 - 2015-11-11 16:07 - 00000000 ____D C:\windows\system32\appraiser
2016-03-11 15:21 - 2015-11-06 19:52 - 00000000 ____D C:\Users\Hubert
2016-03-11 12:38 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-03-11 11:55 - 2016-01-06 16:36 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 11:43 - 2016-01-31 22:04 - 00000000 ____D C:\Users\Hubert\AppData\Local\ElevatedDiagnostics
2016-03-11 11:29 - 2013-08-22 15:44 - 00483288 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-09 19:14 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-03-09 19:11 - 2015-11-09 01:53 - 00000000 ____D C:\windows\system32\MRT
2016-03-09 19:04 - 2015-11-09 01:53 - 143659408 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-03-09 18:58 - 2015-12-09 10:33 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-03-09 18:56 - 2015-12-26 14:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-08 16:37 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-08 08:00 - 2015-11-11 16:21 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-11-11 16:21 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:41 - 2015-11-06 20:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-04 05:23 - 2015-11-21 18:06 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AIMP3
2016-03-01 18:01 - 2015-11-19 18:06 - 00000000 ____D C:\Program Files (x86)\FastShare
2016-03-01 17:13 - 2015-12-05 09:00 - 00000000 ____D C:\Users\Hubert\Desktop\Stahování
2016-02-28 19:40 - 2015-11-11 09:08 - 00369152 ___SH C:\Users\Hubert\Downloads\Thumbs.db
2016-02-28 17:31 - 2015-12-23 19:31 - 00000000 ____D C:\Users\Hubert\Desktop\Martin Záloha
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\system32\GWX
2016-02-25 20:04 - 2016-02-07 00:13 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\vlc
2016-02-23 16:52 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 16:50 - 2015-05-26 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-20 20:59 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2016-02-20 20:44 - 2015-11-11 19:18 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AVAST Software
2016-02-20 20:44 - 2015-11-11 19:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 20:24 - 2015-05-26 22:45 - 00000000 ____D C:\windows\jmesoft
2016-02-20 19:34 - 2013-08-22 16:44 - 00285747 _____ C:\bootmgr
2016-02-19 20:43 - 2016-01-27 20:11 - 00000879 _____ C:\Users\Hubert\Desktop\KMPlayer.lnk
2016-02-19 17:01 - 2015-11-06 20:05 - 00000000 ____D C:\Users\Hubert\AppData\Local\Deployment
2016-02-19 16:24 - 2015-12-18 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-19 16:20 - 2015-12-17 21:37 - 00000000 ____D C:\ProgramData\3110ec7e-3451-1
2016-02-19 16:20 - 2015-12-17 21:37 - 00000000 ____D C:\ProgramData\3110ec7e-20c3-0
2016-02-17 17:34 - 2015-11-06 21:01 - 00000000 ____D C:\Users\Hubert\Downloads\Ripper Street 1.Serie
2016-02-15 07:24 - 2016-01-07 20:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-14 14:11 - 2015-11-22 10:33 - 00000000 ____D C:\Users\Hubert\Downloads\Audioknihy
2016-02-12 05:13 - 2015-05-26 23:14 - 00000000 ____D C:\windows\System32\Tasks\Lenovo

==================== Files in the root of some directories =======

2015-05-26 22:44 - 2015-05-26 22:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
AS: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hubert\Desktop" je 90381 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[KrteCzech]

Mrkněte se mi prosím na ten log, dal jsem pod ten log v raru i ty dva textové soubory, které mi vyjel FRST.

[Rudy]

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[KrteCzech]

# AdwCleaner v5.102 - Logfile created 13/03/2016 at 17:48:12
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Hubert - HUBERT
# Running from : C:\Users\Hubert\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\2d2432cd-6295-0
[-] Folder Deleted : C:\ProgramData\3110ec7e-20c3-0
[-] Folder Deleted : C:\ProgramData\3110ec7e-3451-1
[-] Folder Deleted : C:\Users\Hubert\AppData\Local\Steam\htmlcache

***** [ Files ] *****

[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C480CB10-7C81-4EF0-9E02-90532AB23E4B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{595F99CC-7315-4D42-B2F1-867512C917F1}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C473A8B3-966B-49BF-ABFC-52F86976B702}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F46B512B-4341-4369-8509-25270DEB2335}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{54750132-FE04-437E-B4E0-76AAAE193776}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{6094583A-7146-4B33-88EE-08F57EB62003}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{33EB1FCC-2467-4B20-A174-FF1099339CC5}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{CF8F4016-5705-462A-B321-A80E1B5F7F59}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{85AEF8A8-B1D9-4F7C-AC9D-BAA7B5A5B2E8}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4D84DA4A-241C-4E3E-A428-4EBB36069459}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4EE2823F-226A-4CAC-84C9-91A7FFF1B0DB}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{88143A25-DC27-4E24-ADBF-5C9778BCBBA8}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nps.pastaleads.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pastaleads.com

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4258 bytes] - [13/03/2016 17:48:12]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [4205 bytes] - [13/03/2016 17:45:24]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4444 bytes] ##########

[KrteCzech]

Myslíte, že už to tento AdwCleaner vyčistil ?

[Rudy]

Je třeba ještě dočistit. Dejte nový log FRST.

[KrteCzech]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Hubert (administrator) on HUBERT (13-03-2016 19:56:12)
Running from C:\Users\Hubert\Desktop
Loaded Profiles: Hubert (Available Profiles: Hubert)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {52bc56ca-04a9-11e5-825c-806e6f6e6963} - "Explorer.exe" monitor.htm
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1a5-855c-11e5-8262-b8aeed9b7871} - "E:\Launcher.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1ab-855c-11e5-8262-b8aeed9b7871} - "G:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {83dc61f2-8ba1-11e5-8268-b8aeed9b7871} - "E:\Launcher.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk [2016-02-01]
ShortcutTarget: KooBits 4.lnk -> C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{1FF38049-A0DB-4132-BD26-852F7FEC605C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: [S-1-5-21-416052096-752880450-10621532-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {7765FA40-9EF3-49EA-A705-FE7AF4CBD466} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default
FF NewTab:
FF SelectedSearchEngine: Default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-13]
CHR Extension: (Dokumenty Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-13]
CHR Extension: (Disk Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Tabulky Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-13]
CHR Extension: (AdBlock) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-21]
CHR Extension: (Avast Online Security) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
CHR Extension: (Gmail) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-11-20] (ESET)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-02] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-10-08] ()
R2 ssinstall; C:\windows\SysWOW64\ssins.exe [2324216 2015-12-17] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-08] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-11-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-11-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-11-20] (ESET)
S2 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-20] ()
S2 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3071704 2014-02-07] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 17:45 - 2016-03-13 17:48 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 17:45 - 2016-03-13 17:43 - 01527296 _____ C:\Users\Hubert\Desktop\adwcleaner_5.102.exe
2016-03-13 12:31 - 2016-03-13 19:56 - 00015020 _____ C:\Users\Hubert\Desktop\FRST.txt
2016-03-13 12:30 - 2016-03-13 19:56 - 00000000 ____D C:\FRST
2016-03-13 12:23 - 2016-03-13 10:36 - 02374144 _____ (Farbar) C:\Users\Hubert\Desktop\FRST64.exe
2016-03-13 12:23 - 2016-03-13 10:36 - 00112640 _____ (forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe
2016-03-12 22:52 - 2016-03-13 12:10 - 00042495 _____ C:\spyhunter.fix
2016-03-12 22:52 - 2016-02-20 19:34 - 00285747 _____ C:\shldr
2016-03-12 22:52 - 2016-02-20 19:34 - 00008192 _____ C:\shldr.mbr
2016-03-12 21:58 - 2016-03-12 21:58 - 00002309 _____ C:\Users\Hubert\Desktop\SpyHunter.lnk
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-03-12 21:57 - 2016-03-12 21:58 - 00000000 ____D C:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2016-03-09 19:01 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-03-09 19:01 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-03-09 19:01 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-03-09 19:01 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-03-09 19:01 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-03-09 19:01 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-03-09 19:01 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-03-09 19:01 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-03-09 19:01 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-03-09 19:01 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-03-09 19:01 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-03-09 19:01 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-03-09 19:01 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-03-09 19:01 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-03-09 19:01 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-03-09 19:01 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-03-09 19:01 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-03-09 19:01 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2016-03-09 19:01 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-03-09 19:01 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-03-09 19:01 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-03-09 19:01 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-03-09 19:01 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-03-09 19:00 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-03-09 19:00 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-03-09 19:00 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-03-09 19:00 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-03-09 19:00 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-03-09 19:00 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-03-09 19:00 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-03-09 19:00 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\windows\system32\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-03-09 19:00 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-03-09 19:00 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2016-03-09 19:00 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2016-03-09 19:00 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-03-09 19:00 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-03-09 19:00 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-03-09 19:00 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-03-09 19:00 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-03-09 19:00 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-03-09 19:00 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-03-09 19:00 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-03-09 19:00 - 2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-03-09 19:00 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2016-03-09 19:00 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2016-03-09 19:00 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2016-03-09 19:00 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-03-09 19:00 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-03-09 19:00 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2016-03-09 19:00 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2016-03-09 19:00 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-03-09 19:00 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-03-09 19:00 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-03-09 19:00 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2016-03-09 19:00 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-03-09 19:00 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-03-09 18:59 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-03-09 18:59 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-03-09 18:59 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-03-09 18:59 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-03-09 18:59 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-03-09 18:59 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\msra.exe
2016-03-05 20:10 - 2016-03-05 20:10 - 00000043 _____ C:\Users\Hubert\Desktop\Ulož.to.url
2016-03-04 05:34 - 2016-03-04 05:34 - 00290013 _____ C:\Users\Hubert\Downloads\Pavouci-sit---Niedl,-Frantisek.epub
2016-03-03 20:44 - 2016-03-03 20:59 - 455268589 _____ C:\Users\Hubert\Downloads\Nepotvrzeno 811143.crdownload
2016-03-03 17:49 - 2016-03-03 17:49 - 00147109 _____ C:\Users\Hubert\Downloads\cenik_2016-03-03.html
2016-02-28 11:10 - 2016-02-28 11:58 - 1627216117 _____ C:\Users\Hubert\Downloads\Vladimír-Neff---Královny-nemají-nohy-1.díl-trilogie-(čte-Jan-Hyhlík-2002).rar
2016-02-27 20:24 - 2016-02-27 20:50 - 364902400 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E15-cz.tit..avi
2016-02-27 13:34 - 2016-02-27 13:38 - 43828448 _____ C:\Users\Hubert\Downloads\Seznam.cz.exe
2016-02-26 15:23 - 2016-02-26 16:02 - 721564890 _____ C:\Users\Hubert\Downloads\Most-3-9.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:57 - 480710528 _____ C:\Users\Hubert\Downloads\Most-3-10.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:56 - 430083182 _____ C:\Users\Hubert\Downloads\Most-3-8.díl-CZ-titulky.avi
2016-02-25 20:23 - 2016-02-25 20:23 - 00000000 ____D C:\Users\Hubert\Tracing
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Skype
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\ProgramData\Skype
2016-02-25 20:21 - 2016-02-25 20:21 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup (1).exe
2016-02-25 20:21 - 2016-02-25 20:21 - 00003136 _____ C:\windows\System32\Tasks\{42CB0D8C-E593-4B6A-80B9-7AFC05A36368}
2016-02-25 20:20 - 2016-02-25 20:20 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup.exe
2016-02-25 14:49 - 2016-02-25 15:00 - 462190856 _____ C:\Users\Hubert\Downloads\Most-3-7.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 15:00 - 462565644 _____ C:\Users\Hubert\Downloads\Most-3-5.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 448959322 _____ C:\Users\Hubert\Downloads\Most-3-6.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 422238998 _____ C:\Users\Hubert\Downloads\Most-3-4.díl-CZ-titulky.avi
2016-02-24 20:48 - 2016-02-24 20:53 - 434253402 _____ C:\Users\Hubert\Downloads\Most-3-2.díl-CZ-titulky.avi
2016-02-24 15:14 - 2016-02-24 15:35 - 2061885947 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E02-FullHD-CZ-EN-dabing-2014-by-Pretorian.mkv
2016-02-24 15:14 - 2016-02-24 15:22 - 617580719 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E01-CZ-dabing-2014-by-Pretorian.mkv
2016-02-21 12:35 - 2016-02-21 12:35 - 00000000 ____D C:\_OTM
2016-02-21 12:34 - 2016-02-21 12:34 - 00522240 _____ (OldTimer Tools) C:\Users\Hubert\Downloads\OTM.exe
2016-02-21 12:30 - 2016-02-21 12:30 - 00005892 _____ C:\Users\Hubert\Desktop\AdwCleaner[C1].txt
2016-02-21 12:20 - 2016-02-21 12:28 - 00000000 ____D C:\AdwCleaner
2016-02-21 12:19 - 2016-02-21 12:19 - 01511424 _____ C:\Users\Hubert\Downloads\adwcleaner_5.035.exe
2016-02-20 20:58 - 2016-02-20 20:58 - 00002054 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\Program Files\ESET
2016-02-20 20:40 - 2016-02-20 20:40 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_smart_security_live_installer_.exe
2016-02-20 20:02 - 2016-02-20 20:35 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-20 20:01 - 2016-02-20 20:02 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 20:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-02-20 20:00 - 2016-02-20 20:00 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hubert\Downloads\mbam-setup-2.1.4.1018.exe
2016-02-20 19:45 - 2016-02-20 19:45 - 00001287 _____ C:\Users\Hubert\Desktop\Revo Uninstaller.lnk
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-02-20 19:44 - 2016-02-20 19:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Hubert\Downloads\revosetup.exe
2016-02-20 19:34 - 2016-03-12 21:58 - 00003338 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2016-02-20 19:33 - 2016-02-20 19:34 - 00000000 ____D C:\sh4ldr
2016-02-20 19:33 - 2016-02-20 19:33 - 00022704 _____ C:\windows\system32\Drivers\EsgScanner.sys
2016-02-20 19:33 - 2016-02-20 19:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-20 19:32 - 2016-02-20 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Hubert\Downloads\SpyHunter-Installer (1).exe
2016-02-20 14:11 - 2016-02-20 14:11 - 05207096 _____ (AVAST Software) C:\Users\Hubert\Downloads\avast_free_antivirus_setup_online.exe
2016-02-19 21:02 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-02-19 20:57 - 2016-02-19 20:57 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-02-19 19:00 - 2016-02-19 23:19 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-19 19:00 - 2016-02-19 19:00 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\TeamViewer
2016-02-19 18:59 - 2016-02-19 19:00 - 09789392 _____ (TeamViewer GmbH) C:\Users\Hubert\Downloads\TeamViewer_Setup_cs.exe
2016-02-19 16:58 - 2016-02-19 16:58 - 00009728 ___SH C:\Users\Hubert\Desktop\Thumbs.db
2016-02-19 16:20 - 2016-03-04 18:18 - 00000000 ____D C:\ProgramData\a9bfe22
2016-02-19 11:05 - 2016-02-19 11:05 - 00027235 _____ C:\Users\Hubert\Downloads\The.Big.Bang.Theory.S09E15.HDTV.x264-LOL.srt
2016-02-17 20:26 - 2016-02-17 20:26 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620 (1).avi
2016-02-17 20:18 - 2016-02-17 20:23 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620.avi
2016-02-17 18:41 - 2016-02-17 18:41 - 00285889 _____ C:\Users\Hubert\Downloads\Platner---Niedl,-Frantisek.epub
2016-02-17 17:27 - 2016-02-17 17:33 - 691248394 _____ C:\Users\Hubert\Downloads\Most.01x03.DVB-T.CZ.avi
2016-02-16 19:25 - 2016-02-16 19:25 - 00309698 _____ C:\Users\Hubert\Downloads\pisecka-cetnicka-patracka.www.palmknihy.cz.159985.epub
2016-02-16 17:39 - 2016-02-16 17:39 - 00352991 _____ C:\Users\Hubert\Downloads\Krajina-nocnich-jezdcu---Niedl,-Frantisek.epub
2016-02-14 13:40 - 2016-02-14 13:46 - 712721468 _____ C:\Users\Hubert\Downloads\Babička-pozdravuje-a-omlouvá-se-2015-MP3.rar
2016-02-13 22:22 - 2016-02-13 22:22 - 00294745 _____ C:\Users\Hubert\Downloads\Navrat-mistra---Niedl,-Frantisek.epub

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 19:55 - 2016-01-06 16:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-13 18:00 - 2015-11-06 20:00 - 00003592 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-416052096-752880450-10621532-1001
2016-03-13 17:50 - 2015-11-06 20:02 - 00000000 ___DO C:\Users\Hubert\OneDrive
2016-03-13 17:49 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-13 17:49 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-13 17:48 - 2015-11-07 17:34 - 00000000 ____D C:\Users\Hubert\AppData\Local\Steam
2016-03-13 12:43 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-03-13 12:26 - 2015-05-26 23:29 - 00738666 _____ C:\windows\system32\perfh005.dat
2016-03-13 12:26 - 2015-05-26 23:29 - 00151408 _____ C:\windows\system32\perfc005.dat
2016-03-13 12:26 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-13 12:26 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-03-12 21:53 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-03-12 13:40 - 2015-11-14 22:06 - 00003094 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-416052096-752880450-10621532-1001
2016-03-11 15:21 - 2015-11-11 16:07 - 00000000 ____D C:\windows\system32\appraiser
2016-03-11 15:21 - 2015-11-06 19:52 - 00000000 ____D C:\Users\Hubert
2016-03-11 12:38 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-03-11 11:55 - 2016-01-06 16:36 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 11:43 - 2016-01-31 22:04 - 00000000 ____D C:\Users\Hubert\AppData\Local\ElevatedDiagnostics
2016-03-11 11:29 - 2013-08-22 15:44 - 00483288 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-09 19:11 - 2015-11-09 01:53 - 00000000 ____D C:\windows\system32\MRT
2016-03-09 19:04 - 2015-11-09 01:53 - 143659408 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-03-09 18:58 - 2015-12-09 10:33 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-03-09 18:56 - 2015-12-26 14:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-08 16:37 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-08 08:00 - 2015-11-11 16:21 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-11-11 16:21 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:41 - 2015-11-06 20:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-04 05:23 - 2015-11-21 18:06 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AIMP3
2016-03-01 18:01 - 2015-11-19 18:06 - 00000000 ____D C:\Program Files (x86)\FastShare
2016-03-01 17:13 - 2015-12-05 09:00 - 00000000 ____D C:\Users\Hubert\Desktop\Stahování
2016-02-28 19:40 - 2015-11-11 09:08 - 00369152 ___SH C:\Users\Hubert\Downloads\Thumbs.db
2016-02-28 17:31 - 2015-12-23 19:31 - 00000000 ____D C:\Users\Hubert\Desktop\Martin Záloha
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\system32\GWX
2016-02-25 20:04 - 2016-02-07 00:13 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\vlc
2016-02-23 16:52 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 16:50 - 2015-05-26 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-20 20:59 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2016-02-20 20:44 - 2015-11-11 19:18 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AVAST Software
2016-02-20 20:44 - 2015-11-11 19:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 20:24 - 2015-05-26 22:45 - 00000000 ____D C:\windows\jmesoft
2016-02-20 19:34 - 2013-08-22 16:44 - 00285747 _____ C:\bootmgr
2016-02-19 20:43 - 2016-01-27 20:11 - 00000879 _____ C:\Users\Hubert\Desktop\KMPlayer.lnk
2016-02-19 17:01 - 2015-11-06 20:05 - 00000000 ____D C:\Users\Hubert\AppData\Local\Deployment
2016-02-19 16:24 - 2015-12-18 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-17 17:34 - 2015-11-06 21:01 - 00000000 ____D C:\Users\Hubert\Downloads\Ripper Street 1.Serie
2016-02-15 07:24 - 2016-01-07 20:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-14 14:11 - 2015-11-22 10:33 - 00000000 ____D C:\Users\Hubert\Downloads\Audioknihy
2016-02-12 05:13 - 2015-05-26 23:14 - 00000000 ____D C:\windows\System32\Tasks\Lenovo

==================== Files in the root of some directories =======

2015-05-26 22:44 - 2015-05-26 22:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Hubert\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 3195.99 MB
Total physical RAM: 3988.63 MB
Percentage of memory in use: 19%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
AS: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hubert\Desktop" je 90383 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Hubert (administrator) on HUBERT (13-03-2016 19:59:32)
Running from C:\Users\Hubert\Desktop
Loaded Profiles: Hubert (Available Profiles: Hubert)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {52bc56ca-04a9-11e5-825c-806e6f6e6963} - "Explorer.exe" monitor.htm
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1a5-855c-11e5-8262-b8aeed9b7871} - "E:\Launcher.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1ab-855c-11e5-8262-b8aeed9b7871} - "G:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {83dc61f2-8ba1-11e5-8268-b8aeed9b7871} - "E:\Launcher.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk [2016-02-01]
ShortcutTarget: KooBits 4.lnk -> C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{1FF38049-A0DB-4132-BD26-852F7FEC605C}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: [S-1-5-21-416052096-752880450-10621532-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {7765FA40-9EF3-49EA-A705-FE7AF4CBD466} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Filter: application/x-mfe-ipt - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default
FF NewTab:
FF SelectedSearchEngine: Default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Hubert\AppData\Roaming\Mozilla\Firefox\Profiles\n3uguvu9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-13]
CHR Extension: (Dokumenty Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-13]
CHR Extension: (Disk Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-13]
CHR Extension: (Tabulky Google) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-13]
CHR Extension: (AdBlock) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-21]
CHR Extension: (Avast Online Security) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
CHR Extension: (Gmail) - C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-11-20] (ESET)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-02] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-10-08] ()
R2 ssinstall; C:\windows\SysWOW64\ssins.exe [2324216 2015-12-17] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-08] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-11-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-11-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-11-20] (ESET)
S2 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-20] ()
S2 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-20] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3071704 2014-02-07] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 19:59 - 2016-03-13 19:59 - 00015020 _____ C:\Users\Hubert\Desktop\FRST.txt
2016-03-13 19:58 - 2016-03-13 19:58 - 00044301 _____ C:\Users\Hubert\Desktop\FRST3.txt
2016-03-13 17:45 - 2016-03-13 17:48 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 17:45 - 2016-03-13 17:43 - 01527296 _____ C:\Users\Hubert\Desktop\adwcleaner_5.102.exe
2016-03-13 12:30 - 2016-03-13 19:59 - 00000000 ____D C:\FRST
2016-03-13 12:23 - 2016-03-13 10:36 - 02374144 _____ (Farbar) C:\Users\Hubert\Desktop\FRST64.exe
2016-03-13 12:23 - 2016-03-13 10:36 - 00112640 _____ (forum.viry.cz) C:\Users\Hubert\Desktop\FRSTLauncher.exe
2016-03-12 22:52 - 2016-03-13 12:10 - 00042495 _____ C:\spyhunter.fix
2016-03-12 22:52 - 2016-02-20 19:34 - 00285747 _____ C:\shldr
2016-03-12 22:52 - 2016-02-20 19:34 - 00008192 _____ C:\shldr.mbr
2016-03-12 21:58 - 2016-03-12 21:58 - 00002309 _____ C:\Users\Hubert\Desktop\SpyHunter.lnk
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-03-12 21:58 - 2016-03-12 21:58 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-03-12 21:57 - 2016-03-12 21:58 - 00000000 ____D C:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2016-03-09 19:01 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-03-09 19:01 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-03-09 19:01 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-03-09 19:01 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-03-09 19:01 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-03-09 19:01 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-03-09 19:01 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-03-09 19:01 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-03-09 19:01 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-03-09 19:01 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-03-09 19:01 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-03-09 19:01 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-03-09 19:01 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-03-09 19:01 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-03-09 19:01 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-03-09 19:01 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-03-09 19:01 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-03-09 19:01 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-03-09 19:01 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-03-09 19:01 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-03-09 19:01 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-03-09 19:01 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-03-09 19:01 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-03-09 19:01 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2016-03-09 19:01 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-03-09 19:01 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-03-09 19:01 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-03-09 19:01 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-03-09 19:01 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-03-09 19:00 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-03-09 19:00 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-03-09 19:00 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-03-09 19:00 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-03-09 19:00 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-03-09 19:00 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-03-09 19:00 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 19:00 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 19:00 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-03-09 19:00 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-03-09 19:00 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-03-09 19:00 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\windows\system32\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMASF.DLL
2016-03-09 19:00 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-03-09 19:00 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-03-09 19:00 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 19:00 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2016-03-09 19:00 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2016-03-09 19:00 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-03-09 19:00 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-03-09 19:00 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-03-09 19:00 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-03-09 19:00 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-03-09 19:00 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-03-09 19:00 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-03-09 19:00 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-03-09 19:00 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-03-09 19:00 - 2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-03-09 19:00 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-03-09 19:00 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2016-03-09 19:00 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2016-03-09 19:00 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2016-03-09 19:00 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-03-09 19:00 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2016-03-09 19:00 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-03-09 19:00 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2016-03-09 19:00 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2016-03-09 19:00 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2016-03-09 19:00 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-03-09 19:00 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-03-09 19:00 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2016-03-09 19:00 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-03-09 19:00 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-03-09 18:59 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-03-09 18:59 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-03-09 18:59 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-03-09 18:59 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-03-09 18:59 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-03-09 18:59 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\msra.exe
2016-03-05 20:10 - 2016-03-05 20:10 - 00000043 _____ C:\Users\Hubert\Desktop\Ulož.to.url
2016-03-04 05:34 - 2016-03-04 05:34 - 00290013 _____ C:\Users\Hubert\Downloads\Pavouci-sit---Niedl,-Frantisek.epub
2016-03-03 20:44 - 2016-03-03 20:59 - 455268589 _____ C:\Users\Hubert\Downloads\Nepotvrzeno 811143.crdownload
2016-03-03 17:49 - 2016-03-03 17:49 - 00147109 _____ C:\Users\Hubert\Downloads\cenik_2016-03-03.html
2016-02-28 11:10 - 2016-02-28 11:58 - 1627216117 _____ C:\Users\Hubert\Downloads\Vladimír-Neff---Královny-nemají-nohy-1.díl-trilogie-(čte-Jan-Hyhlík-2002).rar
2016-02-27 20:24 - 2016-02-27 20:50 - 364902400 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E15-cz.tit..avi
2016-02-27 13:34 - 2016-02-27 13:38 - 43828448 _____ C:\Users\Hubert\Downloads\Seznam.cz.exe
2016-02-26 15:23 - 2016-02-26 16:02 - 721564890 _____ C:\Users\Hubert\Downloads\Most-3-9.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:57 - 480710528 _____ C:\Users\Hubert\Downloads\Most-3-10.díl-CZ-titulky.avi
2016-02-26 15:23 - 2016-02-26 15:56 - 430083182 _____ C:\Users\Hubert\Downloads\Most-3-8.díl-CZ-titulky.avi
2016-02-25 20:23 - 2016-02-25 20:23 - 00000000 ____D C:\Users\Hubert\Tracing
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Skype
2016-02-25 20:22 - 2016-03-01 15:16 - 00000000 ____D C:\ProgramData\Skype
2016-02-25 20:21 - 2016-02-25 20:21 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup (1).exe
2016-02-25 20:21 - 2016-02-25 20:21 - 00003136 _____ C:\windows\System32\Tasks\{42CB0D8C-E593-4B6A-80B9-7AFC05A36368}
2016-02-25 20:20 - 2016-02-25 20:20 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hubert\Downloads\SkypeSetup.exe
2016-02-25 14:49 - 2016-02-25 15:00 - 462190856 _____ C:\Users\Hubert\Downloads\Most-3-7.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 15:00 - 462565644 _____ C:\Users\Hubert\Downloads\Most-3-5.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 448959322 _____ C:\Users\Hubert\Downloads\Most-3-6.díl-CZ-titulky.avi
2016-02-25 14:48 - 2016-02-25 14:58 - 422238998 _____ C:\Users\Hubert\Downloads\Most-3-4.díl-CZ-titulky.avi
2016-02-24 20:48 - 2016-02-24 20:53 - 434253402 _____ C:\Users\Hubert\Downloads\Most-3-2.díl-CZ-titulky.avi
2016-02-24 15:14 - 2016-02-24 15:35 - 2061885947 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E02-FullHD-CZ-EN-dabing-2014-by-Pretorian.mkv
2016-02-24 15:14 - 2016-02-24 15:22 - 617580719 _____ C:\Users\Hubert\Downloads\Peaky-Blinders-–-Gangy-z-Birminghamu-S01E01-CZ-dabing-2014-by-Pretorian.mkv
2016-02-21 12:35 - 2016-02-21 12:35 - 00000000 ____D C:\_OTM
2016-02-21 12:34 - 2016-02-21 12:34 - 00522240 _____ (OldTimer Tools) C:\Users\Hubert\Downloads\OTM.exe
2016-02-21 12:30 - 2016-02-21 12:30 - 00005892 _____ C:\Users\Hubert\Desktop\AdwCleaner[C1].txt
2016-02-21 12:20 - 2016-02-21 12:28 - 00000000 ____D C:\AdwCleaner
2016-02-21 12:19 - 2016-02-21 12:19 - 01511424 _____ C:\Users\Hubert\Downloads\adwcleaner_5.035.exe
2016-02-20 20:58 - 2016-02-20 20:58 - 00002054 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\ProgramData\ESET
2016-02-20 20:58 - 2016-02-20 20:58 - 00000000 ____D C:\Program Files\ESET
2016-02-20 20:40 - 2016-02-20 20:40 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_smart_security_live_installer_.exe
2016-02-20 20:02 - 2016-02-20 20:35 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-20 20:01 - 2016-02-20 20:02 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 20:01 - 2016-02-20 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 20:01 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-02-20 20:01 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-02-20 20:00 - 2016-02-20 20:00 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hubert\Downloads\mbam-setup-2.1.4.1018.exe
2016-02-20 19:45 - 2016-02-20 19:45 - 00001287 _____ C:\Users\Hubert\Desktop\Revo Uninstaller.lnk
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-20 19:45 - 2016-02-20 19:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-02-20 19:44 - 2016-02-20 19:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Hubert\Downloads\revosetup.exe
2016-02-20 19:34 - 2016-03-12 21:58 - 00003338 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2016-02-20 19:33 - 2016-02-20 19:34 - 00000000 ____D C:\sh4ldr
2016-02-20 19:33 - 2016-02-20 19:33 - 00022704 _____ C:\windows\system32\Drivers\EsgScanner.sys
2016-02-20 19:33 - 2016-02-20 19:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-20 19:32 - 2016-02-20 19:32 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Hubert\Downloads\SpyHunter-Installer (1).exe
2016-02-20 14:11 - 2016-02-20 14:11 - 05207096 _____ (AVAST Software) C:\Users\Hubert\Downloads\avast_free_antivirus_setup_online.exe
2016-02-19 21:02 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-02-19 20:57 - 2016-02-19 20:57 - 02861880 _____ (ESET) C:\Users\Hubert\Downloads\eset_nod32_antivirus_live_installer_.exe
2016-02-19 19:00 - 2016-02-19 23:19 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-19 19:00 - 2016-02-19 19:00 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\TeamViewer
2016-02-19 18:59 - 2016-02-19 19:00 - 09789392 _____ (TeamViewer GmbH) C:\Users\Hubert\Downloads\TeamViewer_Setup_cs.exe
2016-02-19 16:58 - 2016-02-19 16:58 - 00009728 ___SH C:\Users\Hubert\Desktop\Thumbs.db
2016-02-19 16:20 - 2016-03-04 18:18 - 00000000 ____D C:\ProgramData\a9bfe22
2016-02-19 11:05 - 2016-02-19 11:05 - 00027235 _____ C:\Users\Hubert\Downloads\The.Big.Bang.Theory.S09E15.HDTV.x264-LOL.srt
2016-02-17 20:26 - 2016-02-17 20:26 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620 (1).avi
2016-02-17 20:18 - 2016-02-17 20:23 - 379735606 _____ C:\Users\Hubert\Downloads\The-Blacklist-S03E14---CZ-titulky,-1176620.avi
2016-02-17 18:41 - 2016-02-17 18:41 - 00285889 _____ C:\Users\Hubert\Downloads\Platner---Niedl,-Frantisek.epub
2016-02-17 17:27 - 2016-02-17 17:33 - 691248394 _____ C:\Users\Hubert\Downloads\Most.01x03.DVB-T.CZ.avi
2016-02-16 19:25 - 2016-02-16 19:25 - 00309698 _____ C:\Users\Hubert\Downloads\pisecka-cetnicka-patracka.www.palmknihy.cz.159985.epub
2016-02-16 17:39 - 2016-02-16 17:39 - 00352991 _____ C:\Users\Hubert\Downloads\Krajina-nocnich-jezdcu---Niedl,-Frantisek.epub
2016-02-14 13:40 - 2016-02-14 13:46 - 712721468 _____ C:\Users\Hubert\Downloads\Babička-pozdravuje-a-omlouvá-se-2015-MP3.rar
2016-02-13 22:22 - 2016-02-13 22:22 - 00294745 _____ C:\Users\Hubert\Downloads\Navrat-mistra---Niedl,-Frantisek.epub

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 19:55 - 2016-01-06 16:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-13 18:00 - 2015-11-06 20:00 - 00003592 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-416052096-752880450-10621532-1001
2016-03-13 17:50 - 2015-11-06 20:02 - 00000000 ___DO C:\Users\Hubert\OneDrive
2016-03-13 17:49 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-13 17:49 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-13 17:48 - 2015-11-07 17:34 - 00000000 ____D C:\Users\Hubert\AppData\Local\Steam
2016-03-13 12:43 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-03-13 12:26 - 2015-05-26 23:29 - 00738666 _____ C:\windows\system32\perfh005.dat
2016-03-13 12:26 - 2015-05-26 23:29 - 00151408 _____ C:\windows\system32\perfc005.dat
2016-03-13 12:26 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-13 12:26 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-03-12 21:53 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-03-12 13:40 - 2015-11-14 22:06 - 00003094 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-416052096-752880450-10621532-1001
2016-03-11 15:21 - 2015-11-11 16:07 - 00000000 ____D C:\windows\system32\appraiser
2016-03-11 15:21 - 2015-11-06 19:52 - 00000000 ____D C:\Users\Hubert
2016-03-11 12:38 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-03-11 11:55 - 2016-01-06 16:36 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 11:43 - 2016-01-31 22:04 - 00000000 ____D C:\Users\Hubert\AppData\Local\ElevatedDiagnostics
2016-03-11 11:29 - 2013-08-22 15:44 - 00483288 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-09 19:11 - 2015-11-09 01:53 - 00000000 ____D C:\windows\system32\MRT
2016-03-09 19:04 - 2015-11-09 01:53 - 143659408 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-03-09 18:58 - 2015-12-09 10:33 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-03-09 18:58 - 2015-12-09 10:33 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-03-09 18:56 - 2015-12-26 14:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-08 16:37 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-08 08:00 - 2015-11-11 16:21 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-11-11 16:21 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:41 - 2015-11-06 20:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-04 05:23 - 2015-11-21 18:06 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AIMP3
2016-03-01 18:01 - 2015-11-19 18:06 - 00000000 ____D C:\Program Files (x86)\FastShare
2016-03-01 17:13 - 2015-12-05 09:00 - 00000000 ____D C:\Users\Hubert\Desktop\Stahování
2016-02-28 19:40 - 2015-11-11 09:08 - 00369152 ___SH C:\Users\Hubert\Downloads\Thumbs.db
2016-02-28 17:31 - 2015-12-23 19:31 - 00000000 ____D C:\Users\Hubert\Desktop\Martin Záloha
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-02-26 10:11 - 2015-11-06 19:53 - 00000000 ___SD C:\windows\system32\GWX
2016-02-25 20:04 - 2016-02-07 00:13 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\vlc
2016-02-23 16:52 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 16:50 - 2015-05-26 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-20 20:59 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2016-02-20 20:44 - 2015-11-11 19:18 - 00000000 ____D C:\Users\Hubert\AppData\Roaming\AVAST Software
2016-02-20 20:44 - 2015-11-11 19:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 20:24 - 2015-05-26 22:45 - 00000000 ____D C:\windows\jmesoft
2016-02-20 19:34 - 2013-08-22 16:44 - 00285747 _____ C:\bootmgr
2016-02-19 20:43 - 2016-01-27 20:11 - 00000879 _____ C:\Users\Hubert\Desktop\KMPlayer.lnk
2016-02-19 17:01 - 2015-11-06 20:05 - 00000000 ____D C:\Users\Hubert\AppData\Local\Deployment
2016-02-19 16:24 - 2015-12-18 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-17 17:34 - 2015-11-06 21:01 - 00000000 ____D C:\Users\Hubert\Downloads\Ripper Street 1.Serie
2016-02-15 07:24 - 2016-01-07 20:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-14 14:11 - 2015-11-22 10:33 - 00000000 ____D C:\Users\Hubert\Downloads\Audioknihy
2016-02-12 05:13 - 2015-05-26 23:14 - 00000000 ____D C:\windows\System32\Tasks\Lenovo

==================== Files in the root of some directories =======

2015-05-26 22:44 - 2015-05-26 22:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Hubert\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-11 11:42

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:675.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (KRISTINA FD) (Removable) (Total:14.51 GB) (Free:10.35 GB) FAT32

Available physical RAM: 3188.66 MB
Total physical RAM: 3988.63 MB
Percentage of memory in use: 20%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: B0C8CC5D)
Disk: 1 (Size: 14.5 GB) (Disk ID: 5331F1B0)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
AS: McAfee Anti-Virus a Antispyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hubert\Desktop" je 90383 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {52bc56ca-04a9-11e5-825c-806e6f6e6963} - "Explorer.exe" monitor.htm
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1a5-855c-11e5-8262-b8aeed9b7871} - "E:\Launcher.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {5c93f1ab-855c-11e5-8262-b8aeed9b7871} - "G:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-416052096-752880450-10621532-1001\...\MountPoints2: {83dc61f2-8ba1-11e5-8268-b8aeed9b7871} - "E:\Launcher.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShortcutTarget: KooBits 4.lnk -> C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe (No File)
URLSearchHook: [S-1-5-21-416052096-752880450-10621532-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {7765FA40-9EF3-49EA-A705-FE7AF4CBD466} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Filter: application/x-mfe-ipt - No CLSID Value
FF NewTab:
C:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
C:\ProgramData\DP45977C.lfl
C:\Users\Hubert\AppData\Local\Temp
End

Z logu:

Velikost slozky "C:\Users\Hubert\Desktop" je 90383 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Hubert novou složka a přesuňte do ni všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

[KrteCzech]

Tak udělal jsem vše dle návodu, co dál ?

[Rudy]

Ještě spusťte MBAM: http://www.malwarebytes.org/mbam.php . Udělejte kompletní sken, dejte log a předem nic nemažte.

[KrteCzech]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13. 3. 2016
Čas skenování: 22:51
Protokol: mbam - scan.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.13.04
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Hubert

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 339784
Uplynulý čas: 14 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C6A9B8E-FBAC-4432-95A7-05F21A919F6F}, , [02464c3b306995a18b1ac1c28480748c],

Hodnoty registru: 1
PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C6A9B8E-FBAC-4432-95A7-05F21A919F6F}|Path, \One System Care Run Delay, , [02464c3b306995a18b1ac1c28480748c]

Data registru: 1
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.171 82.163.142.173, Dobré: (8.8.8.8), Špatné: (82.163.143.171 82.163.142.173),,[f4545136683159ddef31d83eee1712ee]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.CrossRider, C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [a3a52f585a3fb97d404baeced52fe11f],
PUP.Optional.CrossRider, C:\Users\Hubert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [9eaa246319808ea84942126a46be8f71],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[KrteCzech]

Tady je log, držím se pokynů, po skenu nic nemažu.

[KrteCzech]

Tak co můžu udělat dále, nic jsem na tom počítači od včerejška, kde jsme přestali, nedělal.