
How do I remove viruses from my PC?

Having a problem with a virus? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

How do I remove viruses from my PC?

#1 Post by jirka.358 »

Hello, I would like advice on how to remove viruses, or what to do with my PC so that files stop crashing all the time, and now Windows has started crashing too.
Before, I didn't really deal with it, until today, when someone started getting into my games and e-mail, changing my passwords, deleting photos and
slowing down the PC. On restart it takes a terribly long time to boot, and sometimes it even crashes while logging in to Windows.
I hope you could make sense of this and that my grammar didn't make your hair fall out. I'd be glad for a quick reply :)

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: How do I remove viruses from my PC?

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

Re: How do I remove viruses from my PC?

#3 Post by jirka.358 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří at 2016-09-01 22:52:28
Microsoft Windows 8.1
System drive C: has 81 GB (54%) free of 149 GB
Total RAM: 3912 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:40, on 1. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - Startup: Sound Booster.lnk = C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotC United Inc - C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SuperBoost Software Updater (sgbupt) - SuperBoost Software - C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7966 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {33ef478a-f92f-43da-b6dfb7d76dc05f76}
"C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" search.mpc.am
"C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe" -Xms256m -Xmx512m -jar "C:\Users\Jiří\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe"
"C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe" -XX:HeapDumpPath=MojangTricksIntelDriversForPerformance_javaw.exe_minecraft.exe.heapdump -Xmx1G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:-UseAdaptiveSizePolicy -Xmn128M -Djava.library.path=C:\Users\Jiří\AppData\Roaming\.minecraft\versions\1.8.8-OptiFine_HD_U_G9\1.8.8-OptiFine_HD_U_G9-natives-235486600883760 -cp C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\optifine\OptiFine\1.8.8_HD_U_G9\OptiFine-1.8.8_HD_U_G9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\minecraft\launchwrapper\1.7\launchwrapper-1.7.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\netty\1.6\netty-1.6.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\oshi-project\oshi-core\1.1\oshi-core-1.1.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\jna\3.4.0\jna-3.4.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\platform\3.4.0\platform-3.4.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\4.6\jopt-simple-4.6.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\io\netty\netty-all\4.0.23.Final\netty-all-4.0.23.Final.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\google\guava\guava\17.0\guava-17.0.jar;C:\Users\Jiří\AppData\Roaming\.minecra
ft\libraries\org\apache\commons\commons-lang3\3.3.2\commons-lang3-3.3.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-codec\commons-codec\1.9\commons-codec-1.9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\authlib\1.5.21\authlib-1.5.21.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\realms\1.7.39\realms-1.7.39.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-compress\1.8.1\commons-compress-1.8.1.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpclient\4.3.3\httpclient-4.3.3.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.1.3\commons-logging-1.1.3.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpcore\4.3.2\httpcore-4.3.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl\2.9.4-nightly-20150209\lwjgl-2.9.4-nightly-20150209.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.4-nightly-20150209\lwjgl_util-2.9.4-nightly-20150209.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\tv\twitch\twitch\6.5\twitch-6.5.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\versions\1.8.8-OptiFine_HD_U_G9\1.8.8-OptiFine_HD_U_G9.jar net.minecraft.launchwrapper.Launch --username xpro --version 
1.8.8-OptiFine_HD_U_G9 --gameDir C:\Users\Jiří\AppData\Roaming\.minecraft --assetsDir C:\Users\Jiří\AppData\Roaming\.minecraft\assets --assetIndex 1.8 --uuid 4dcadbc04a4a3ffe9c9c9d74fa9fd34e --accessToken 1337535510N --userProperties {} --userType legacy --tweakClass optifine.OptiFineTweaker
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WerFault.exe -u -p 2256 -s 6156
explorer.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe209_ Global\UsGthrCtrlFltPipeMssGthrPipe209 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Jiří\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-09 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25 2111616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25 1637504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{669695BC-A811-4A9D-8CDF-BA8C795F261C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-23 7139256]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe

C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sound Booster.lnk - C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2016-08-29 17:40:28 ----D---- C:\ProgramData\ESET
2016-08-29 17:40:28 ----D---- C:\Program Files\ESET
2016-08-29 17:27:54 ----D---- C:\Program Files\trend micro
2016-08-29 17:27:53 ----D---- C:\rsit
2016-08-10 12:41:53 ----D---- C:\.oracle_jre_usage
2016-08-09 20:53:32 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-09 20:53:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:53:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-09 20:53:18 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-09 20:53:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-09 20:53:11 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:53:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:53:08 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-08-09 20:53:04 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-09 20:53:02 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-08-09 20:53:02 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-09 20:53:01 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-09 20:52:58 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:52:57 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\system32\rpcss.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-09 20:52:54 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-09 20:52:54 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-09 20:52:53 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:52:53 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2016-08-09 20:52:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:52:51 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2016-08-09 20:52:48 ----A---- C:\WINDOWS\system32\webio.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-08-09 20:52:45 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-09 20:52:45 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-09 20:52:44 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-08-09 20:52:44 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-08-09 20:52:43 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2016-08-09 20:52:43 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-09 20:52:42 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-08-09 20:52:41 ----A---- C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-09 20:52:41 ----A---- C:\WINDOWS\system32\schannel.dll
2016-08-09 20:52:40 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-09 20:52:39 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-08-09 20:52:39 ----A---- C:\WINDOWS\system32\certutil.exe
2016-08-09 20:52:38 ----A---- C:\WINDOWS\system32\msi.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2016-08-09 20:52:31 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-08-09 20:52:31 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-08-09 20:52:30 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-08-09 20:52:30 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-09 20:52:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-09 20:52:27 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Geolocation.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\system32\LocationApi.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\system32\gpresult.exe
2016-08-09 20:52:20 ----A---- C:\WINDOWS\system32\cryptxml.dll
2016-08-09 20:52:19 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2016-08-09 20:52:15 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\system32\msiexec.exe
2016-08-09 20:52:14 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:52:13 ----A---- C:\WINDOWS\system32\WebClnt.dll
2016-08-09 20:52:12 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-08-09 20:52:11 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-08-09 20:52:11 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-08-09 20:52:10 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2016-08-09 20:52:10 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-09 20:52:09 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-08-09 20:52:09 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-09 20:52:03 ----A---- C:\WINDOWS\system32\hbaapi.dll
2016-08-09 20:52:02 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-08-09 20:51:46 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-08-09 20:51:44 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2016-08-09 20:51:44 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-08-09 20:51:42 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-09 20:51:40 ----A---- C:\WINDOWS\SYSWOW64\hbaapi.dll
2016-08-09 20:51:39 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\SYSWOW64\certenc.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\system32\certenc.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-08-09 20:51:37 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2016-08-09 20:51:37 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-08-09 20:51:37 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\authui.dll
2016-08-09 20:51:35 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-08-09 20:51:35 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-08-09 20:51:35 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-08-09 20:41:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:41:23 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-09 20:41:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:41:18 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-09 20:41:18 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-09 20:41:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:41:17 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:41:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-09 20:41:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:41:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-09 20:41:14 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\system32\ieui.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\jscript.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:41:11 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-08-09 20:41:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-09 20:41:10 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-09 20:41:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:37:59 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-09 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-09 20:37:36 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:37:36 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-08-09 20:37:35 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-08-09 20:37:34 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:37:33 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-08-09 20:37:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:37:26 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-09 20:37:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-09 20:37:25 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-09 20:37:14 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 18:45:01 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-09 18:44:19 ----D---- C:\ProgramData\SuperBoost
2016-08-09 18:44:12 ----A---- C:\WINDOWS\SYSWOW64\EasyHook32.dll
2016-08-09 18:44:12 ----A---- C:\WINDOWS\SYSWOW64\D3DX8Wrapper.dll
2016-08-09 18:44:11 ----D---- C:\Users\Jiří\AppData\Roaming\SuperBoost
2016-08-09 18:44:11 ----D---- C:\Program Files (x86)\SuperBoost
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\eelam.sys
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\eamonm.sys
2016-08-07 00:06:32 ----D---- C:\Users\Jiří\AppData\Roaming\Seznam.cz
2016-08-07 00:06:23 ----D---- C:\Users\Jiří\AppData\Roaming\NCH Software
2016-08-07 00:05:55 ----D---- C:\ProgramData\NCH Software
2016-08-07 00:05:55 ----D---- C:\Program Files (x86)\NCH Software
2016-07-30 20:23:35 ----A---- C:\WINDOWS\system32\drivers\k57nd60a.sys
2016-07-30 20:21:41 ----A---- C:\WINDOWS\system32\drivers\bScsiMSa.sys
2016-07-30 20:14:34 ----A---- C:\WINDOWS\system32\drivers\athwbx.sys
2016-07-30 20:08:41 ----D---- C:\WINDOWS\IObit
2016-07-30 20:08:30 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2016-07-30 20:08:14 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2016-07-30 20:08:08 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-07-30 20:08:08 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2016-07-30 20:07:29 ----D---- C:\Program Files (x86)\Dashlane
2016-07-30 19:49:04 ----D---- C:\Users\Jiří\AppData\Roaming\Battle.net
2016-07-30 19:41:23 ----D---- C:\ProgramData\ProductData
2016-07-30 19:41:14 ----D---- C:\Users\Jiří\AppData\Roaming\ProductData
2016-07-30 19:40:21 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-30 19:39:24 ----D---- C:\Users\Jiří\AppData\Roaming\IObit
2016-07-30 19:39:19 ----D---- C:\ProgramData\IObit
2016-07-30 19:39:19 ----D---- C:\Program Files (x86)\IObit
2016-07-29 20:37:05 ----D---- C:\Users\Jiří\AppData\Roaming\discord
2016-07-28 22:10:11 ----A---- C:\WINDOWS\SYSWOW64\ws.db
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\ms-drivers
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\icsxml
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\DIBsection
2016-07-25 16:05:30 ----D---- C:\Users\Jiří\AppData\Roaming\Letasoft
2016-07-25 16:05:16 ----D---- C:\Program Files (x86)\Letasoft Sound Booster
2016-07-25 12:19:51 ----D---- C:\Users\Jiří\AppData\Roaming\MPC Cleaner
2016-07-20 20:29:08 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-64.dll
2016-07-20 12:04:44 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2016-07-20 11:56:13 ----D---- C:\Program Files\McAfee Security Scan
2016-07-20 04:46:57 ----D---- C:\WINDOWS\EOONotify
2016-07-17 11:55:33 ----D---- C:\ProgramData\McAfee Security Scan
2016-07-17 11:55:32 ----D---- C:\ProgramData\McAfee
2016-07-17 11:55:32 ----D---- C:\Program Files (x86)\McAfee Security Scan
2016-07-14 06:47:59 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\devinv.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\aepic.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\centel.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\puiapi.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\ntprint.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\localspl.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\inetpp.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-13 08:51:31 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2016-07-13 08:51:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 08:51:12 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2016-07-13 08:51:12 ----A---- C:\WINDOWS\system32\poqexec.exe
2016-07-13 08:50:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-07-13 08:50:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-07-13 08:50:41 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-06-14 20:22:34 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-06-14 20:22:34 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 20:22:32 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-06-14 20:22:25 ----A---- C:\WINDOWS\system32\twinui.dll
2016-06-14 20:22:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\polstore.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-06-14 20:20:23 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-06-14 20:20:23 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-06-14 20:19:29 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-06-14 20:19:25 ----A---- C:\WINDOWS\system32\consent.exe
2016-06-14 20:19:25 ----A---- C:\WINDOWS\system32\appinfo.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2016-06-14 20:10:51 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-06-14 20:10:51 ----A---- C:\WINDOWS\system32\gdi32.dll

======List of files/folders modified in the last 3 months======

2016-09-01 22:44:03 ----D---- C:\Users\Jiří\AppData\Roaming\TS3Client
2016-09-01 22:00:00 ----D---- C:\WINDOWS\system32\sru
2016-09-01 20:40:10 ----D---- C:\Users\Jiří\AppData\Roaming\.minecraft
2016-09-01 20:33:07 ----D---- C:\WINDOWS\Temp
2016-09-01 18:20:56 ----D---- C:\WINDOWS\Prefetch
2016-09-01 17:28:56 ----D---- C:\WINDOWS\system32\drivers
2016-09-01 05:24:47 ----D---- C:\WINDOWS\system32\config
2016-09-01 05:22:42 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-01 03:45:58 ----D---- C:\Program Files (x86)\MPC AdCleaner
2016-08-31 07:52:37 ----SHD---- C:\System Volume Information
2016-08-31 07:39:11 ----HD---- C:\Program Files\WindowsApps
2016-08-31 07:38:58 ----D---- C:\WINDOWS\AppReadiness
2016-08-30 03:14:38 ----D---- C:\WINDOWS\debug
2016-08-30 03:14:33 ----D---- C:\Windows
2016-08-30 03:02:48 ----D---- C:\WINDOWS\system32\Tasks
2016-08-30 00:01:34 ----D---- C:\WINDOWS\Tasks
2016-08-29 23:08:39 ----D---- C:\Users\Jiří\AppData\Roaming\Skype
2016-08-29 22:15:48 ----SHD---- C:\WINDOWS\Installer
2016-08-29 22:15:47 ----D---- C:\ProgramData\Skype
2016-08-29 22:15:46 ----SHD---- C:\Config.Msi
2016-08-29 22:15:11 ----RD---- C:\Program Files (x86)\Skype
2016-08-29 17:43:44 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-29 17:43:44 ----D---- C:\WINDOWS\Inf
2016-08-29 17:43:36 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-29 17:43:32 ----D---- C:\WINDOWS\system32\catroot2
2016-08-29 17:40:28 ----RD---- C:\Program Files
2016-08-29 17:40:28 ----HD---- C:\ProgramData
2016-08-18 15:46:28 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-17 12:40:55 ----D---- C:\WINDOWS\CbsTemp
2016-08-17 12:40:43 ----D---- C:\WINDOWS\WinSxS
2016-08-10 12:39:03 ----D---- C:\WINDOWS\SysWOW64
2016-08-10 12:39:03 ----D---- C:\WINDOWS\System32
2016-08-10 12:39:03 ----D---- C:\Program Files\Internet Explorer
2016-08-10 12:39:03 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 12:39:01 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 12:39:00 ----RD---- C:\WINDOWS\ToastData
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\wbem
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\migration
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-10 12:38:42 ----D---- C:\WINDOWS\apppatch
2016-08-09 22:03:16 ----D---- C:\WINDOWS\system32\MRT
2016-08-09 21:53:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-09 18:44:11 ----RD---- C:\Program Files (x86)
2016-07-30 20:31:37 ----D---- C:\WINDOWS\system32\catroot
2016-07-30 20:10:41 ----D---- C:\Program Files\Common Files\microsoft shared
2016-07-30 20:08:30 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-07-30 19:54:41 ----D---- C:\Program Files (x86)\Razer
2016-07-30 19:54:13 ----D---- C:\ProgramData\Razer
2016-07-30 19:50:49 ----D---- C:\ProgramData\Battle.net
2016-07-30 19:39:59 ----D---- C:\Program Files (x86)\Common Files
2016-07-27 10:52:59 ----D---- C:\ProgramData\BlueStacksSetup
2016-07-20 20:58:49 ----D---- C:\ProgramData\Oracle
2016-07-20 20:29:28 ----D---- C:\Program Files (x86)\Java
2016-07-20 20:29:02 ----D---- C:\Program Files\Java
2016-07-20 20:27:19 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-07-20 20:25:09 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-07-20 19:41:31 ----D---- C:\Program Files\TeamSpeak 3 Client
2016-07-20 04:48:27 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2016-07-20 04:48:27 ----SD---- C:\WINDOWS\system32\GWX
2016-07-17 12:00:54 ----D---- C:\Users\Jiří\AppData\Roaming\MCorp
2016-07-17 11:55:19 ----D---- C:\WINDOWS\system32\Macromed
2016-07-17 11:55:16 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-07-17 11:09:11 ----RSD---- C:\WINDOWS\assembly
2016-07-17 10:42:43 ----D---- C:\WINDOWS\system32\appraiser
2016-07-17 10:42:42 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-07-17 10:42:42 ----D---- C:\Program Files\Windows Journal
2016-07-02 06:29:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-06-07 21:09:21 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-09 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2016-03-22 21360]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-02-09 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-09 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-25 463744]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-08-08 176288]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-30 27552]
R1 MPCKpt;MPCKpt; C:\WINDOWS\system32\DRIVERS\MPCKpt.sys [2016-03-24 60136]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-09 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-09 165344]
R3 athr;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2016-07-30 4297216]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2016-07-30 59088]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 k57nd60a;@oem15.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2016-07-30 458960]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-08 15488]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-08-08 227456]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
S3 MEIx64;@oem2.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-17 62784]
S3 ssudmdm;@oem5.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2015-10-10 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-09 237096]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-05-25 1364096]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-05-25 1687680]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-08-05 2816032]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 MPCProtectService;MPC Core Protect Service; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [2016-03-24 350688]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-12-16 76888]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-06 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 sgbupt;SuperBoost Software Updater; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2016-04-21 2600256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-06 107848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-07-19 327944]

-----------------EOF-----------------

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

Re: how do I remove viruses from my PC?

#4 Post by jirka.358 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří at 2016-09-01 22:52:28
Microsoft Windows 8.1
System drive C: has 81 GB (54%) free of 149 GB
Total RAM: 3912 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:40, on 1. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - Startup: Sound Booster.lnk = C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotC United Inc - C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SuperBoost Software Updater (sgbupt) - SuperBoost Software - C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7966 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {33ef478a-f92f-43da-b6dfb7d76dc05f76}
"C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" search.mpc.am
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x144
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6616.0.1048796918\728517812" --mojo-application-channel-token=F7A6AF1974D69E9B5F1D175360D75E36 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Control/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniform
ity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,13,27,47,55 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --gpu-driver-date=5-28-2015 --mojo-platform-channel-handle=1248 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Control/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Perc
ent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=8F57C490EBDECA7A93F0F061F8904F02 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=ED97318AA3B9227CADEE8AE51DD99744 --mojo-application-channel-token=0EF6F15D77109BAD2746CE610B259BF0 --channel="6616.3.2111334250\1004402150" --mojo-platform-channel-handle=3264 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Control/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Perc
ent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=FDF2864A89FE95984C16A1BE102E86F5 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=6C8D71FC278FE465DDC717C7B928E1E5 --mojo-application-channel-token=5537F9B3AFCEB28CA04748BF1309B22F --channel="6616.4.979096509\397462173" --mojo-platform-channel-handle=3272 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Control/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Per
cent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=A85D370B014583D275C881B0351D2269 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7BE2D01B9DB3C9466FC1A775AFD8EC89 --mojo-application-channel-token=BD03B75F57FF1D49D050862A2DE7C582 --channel="6616.7.1521346654\1012299313" --mojo-platform-channel-handle=3928 /prefetch:1

"C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe" -Xms256m -Xmx512m -jar "C:\Users\Jiří\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Control/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-P
ercent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=0A57896A995A3CB347E3614D1B3F0A12 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C049D9A8C6EC30E7F2142EF8B485F5E0 --mojo-application-channel-token=EA1C9988F32E8FDE0834DBD1C8F923DD --channel="6616.29.479825034\390398387" --mojo-platform-channel-handle=8796 /prefetch:1
"C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe" -XX:HeapDumpPath=MojangTricksIntelDriversForPerformance_javaw.exe_minecraft.exe.heapdump -Xmx1G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:-UseAdaptiveSizePolicy -Xmn128M -Djava.library.path=C:\Users\Jiří\AppData\Roaming\.minecraft\versions\1.8.8-OptiFine_HD_U_G9\1.8.8-OptiFine_HD_U_G9-natives-235486600883760 -cp C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\optifine\OptiFine\1.8.8_HD_U_G9\OptiFine-1.8.8_HD_U_G9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\minecraft\launchwrapper\1.7\launchwrapper-1.7.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\netty\1.6\netty-1.6.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\oshi-project\oshi-core\1.1\oshi-core-1.1.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\jna\3.4.0\jna-3.4.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\dev\jna\platform\3.4.0\platform-3.4.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\4.6\jopt-simple-4.6.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\io\netty\netty-all\4.0.23.Final\netty-all-4.0.23.Final.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\google\guava\guava\17.0\guava-17.0.jar;C:\Users\Jiří\AppData\Roaming\.minecra
ft\libraries\org\apache\commons\commons-lang3\3.3.2\commons-lang3-3.3.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-codec\commons-codec\1.9\commons-codec-1.9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\authlib\1.5.21\authlib-1.5.21.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\com\mojang\realms\1.7.39\realms-1.7.39.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-compress\1.8.1\commons-compress-1.8.1.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpclient\4.3.3\httpclient-4.3.3.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.1.3\commons-logging-1.1.3.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpcore\4.3.2\httpcore-4.3.2.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl\2.9.4-nightly-20150209\lwjgl-2.9.4-nightly-20150209.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.4-nightly-20150209\lwjgl_util-2.9.4-nightly-20150209.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\libraries\tv\twitch\twitch\6.5\twitch-6.5.jar;C:\Users\Jiří\AppData\Roaming\.minecraft\versions\1.8.8-OptiFine_HD_U_G9\1.8.8-OptiFine_HD_U_G9.jar net.minecraft.launchwrapper.Launch --username xpro --version 
1.8.8-OptiFine_HD_U_G9 --gameDir C:\Users\Jiří\AppData\Roaming\.minecraft --assetsDir C:\Users\Jiří\AppData\Roaming\.minecraft\assets --assetIndex 1.8 --uuid 4dcadbc04a4a3ffe9c9c9d74fa9fd34e --accessToken 1337535510N --userProperties {} --userType legacy --tweakClass optifine.OptiFineTweaker
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Control/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_99/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-P
ercent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=CC4EA47A5309411634BE26FDA5710A2B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=91315508991C8B52829DD45C4AA7B793 --mojo-application-channel-token=EBD7DF588610410872BB976A70F71289 --channel="6616.48.1184264373\1882608868" --mojo-platform-channel-handle=10344 /prefetch:1
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WerFault.exe -u -p 2256 -s 6156
explorer.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe209_ Global\UsGthrCtrlFltPipeMssGthrPipe209 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Jiří\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-09 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25 2111616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25 1637504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{669695BC-A811-4A9D-8CDF-BA8C795F261C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-23 7139256]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe

C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sound Booster.lnk - C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2016-08-29 17:40:28 ----D---- C:\ProgramData\ESET
2016-08-29 17:40:28 ----D---- C:\Program Files\ESET
2016-08-29 17:27:54 ----D---- C:\Program Files\trend micro
2016-08-29 17:27:53 ----D---- C:\rsit
2016-08-10 12:41:53 ----D---- C:\.oracle_jre_usage
2016-08-09 20:53:32 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-09 20:53:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:53:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-09 20:53:18 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-09 20:53:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-09 20:53:11 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:53:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:53:08 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-08-09 20:53:04 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-09 20:53:02 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-08-09 20:53:02 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-09 20:53:01 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-08-09 20:53:00 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-09 20:52:58 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:52:57 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\system32\rpcss.dll
2016-08-09 20:52:55 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-09 20:52:54 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-09 20:52:54 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-09 20:52:53 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:52:53 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2016-08-09 20:52:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:52:51 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2016-08-09 20:52:48 ----A---- C:\WINDOWS\system32\webio.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-08-09 20:52:47 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-08-09 20:52:45 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-09 20:52:45 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-09 20:52:44 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-08-09 20:52:44 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-08-09 20:52:43 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2016-08-09 20:52:43 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-09 20:52:42 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-08-09 20:52:41 ----A---- C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-09 20:52:41 ----A---- C:\WINDOWS\system32\schannel.dll
2016-08-09 20:52:40 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-09 20:52:39 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-08-09 20:52:39 ----A---- C:\WINDOWS\system32\certutil.exe
2016-08-09 20:52:38 ----A---- C:\WINDOWS\system32\msi.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-08-09 20:52:32 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2016-08-09 20:52:31 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-08-09 20:52:31 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-08-09 20:52:30 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-08-09 20:52:30 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-09 20:52:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-09 20:52:27 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Geolocation.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\system32\LocationApi.dll
2016-08-09 20:52:26 ----A---- C:\WINDOWS\system32\gpresult.exe
2016-08-09 20:52:20 ----A---- C:\WINDOWS\system32\cryptxml.dll
2016-08-09 20:52:19 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2016-08-09 20:52:15 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-09 20:52:15 ----A---- C:\WINDOWS\system32\msiexec.exe
2016-08-09 20:52:14 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:52:13 ----A---- C:\WINDOWS\system32\WebClnt.dll
2016-08-09 20:52:12 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-08-09 20:52:11 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-08-09 20:52:11 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-08-09 20:52:10 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2016-08-09 20:52:10 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-09 20:52:09 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-08-09 20:52:09 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-09 20:52:03 ----A---- C:\WINDOWS\system32\hbaapi.dll
2016-08-09 20:52:02 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-08-09 20:51:46 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-08-09 20:51:44 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2016-08-09 20:51:44 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-08-09 20:51:42 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-09 20:51:40 ----A---- C:\WINDOWS\SYSWOW64\hbaapi.dll
2016-08-09 20:51:39 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\SYSWOW64\certenc.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\system32\certenc.dll
2016-08-09 20:51:38 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-08-09 20:51:37 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2016-08-09 20:51:37 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-08-09 20:51:37 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-09 20:51:36 ----A---- C:\WINDOWS\system32\authui.dll
2016-08-09 20:51:35 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-08-09 20:51:35 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-08-09 20:51:35 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-08-09 20:41:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:41:23 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-09 20:41:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:41:18 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-09 20:41:18 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-09 20:41:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:41:17 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-09 20:41:16 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:41:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-09 20:41:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:41:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-09 20:41:14 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-08-09 20:41:13 ----A---- C:\WINDOWS\system32\ieui.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\jscript.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:41:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:41:11 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-08-09 20:41:11 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-09 20:41:10 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-09 20:41:10 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:37:59 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-09 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-09 20:37:36 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:37:36 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-08-09 20:37:35 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-08-09 20:37:34 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:37:33 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-08-09 20:37:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-08-09 20:37:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:37:26 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-09 20:37:26 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-09 20:37:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-09 20:37:25 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-09 20:37:14 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 18:45:01 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-09 18:44:19 ----D---- C:\ProgramData\SuperBoost
2016-08-09 18:44:12 ----A---- C:\WINDOWS\SYSWOW64\EasyHook32.dll
2016-08-09 18:44:12 ----A---- C:\WINDOWS\SYSWOW64\D3DX8Wrapper.dll
2016-08-09 18:44:11 ----D---- C:\Users\Jiří\AppData\Roaming\SuperBoost
2016-08-09 18:44:11 ----D---- C:\Program Files (x86)\SuperBoost
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\eelam.sys
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\eamonm.sys
2016-08-07 00:06:32 ----D---- C:\Users\Jiří\AppData\Roaming\Seznam.cz
2016-08-07 00:06:23 ----D---- C:\Users\Jiří\AppData\Roaming\NCH Software
2016-08-07 00:05:55 ----D---- C:\ProgramData\NCH Software
2016-08-07 00:05:55 ----D---- C:\Program Files (x86)\NCH Software
2016-07-30 20:23:35 ----A---- C:\WINDOWS\system32\drivers\k57nd60a.sys
2016-07-30 20:21:41 ----A---- C:\WINDOWS\system32\drivers\bScsiMSa.sys
2016-07-30 20:14:34 ----A---- C:\WINDOWS\system32\drivers\athwbx.sys
2016-07-30 20:08:41 ----D---- C:\WINDOWS\IObit
2016-07-30 20:08:30 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2016-07-30 20:08:14 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2016-07-30 20:08:08 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-07-30 20:08:08 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2016-07-30 20:07:29 ----D---- C:\Program Files (x86)\Dashlane
2016-07-30 19:49:04 ----D---- C:\Users\Jiří\AppData\Roaming\Battle.net
2016-07-30 19:41:23 ----D---- C:\ProgramData\ProductData
2016-07-30 19:41:14 ----D---- C:\Users\Jiří\AppData\Roaming\ProductData
2016-07-30 19:40:21 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-30 19:39:24 ----D---- C:\Users\Jiří\AppData\Roaming\IObit
2016-07-30 19:39:19 ----D---- C:\ProgramData\IObit
2016-07-30 19:39:19 ----D---- C:\Program Files (x86)\IObit
2016-07-29 20:37:05 ----D---- C:\Users\Jiří\AppData\Roaming\discord
2016-07-28 22:10:11 ----A---- C:\WINDOWS\SYSWOW64\ws.db
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\ms-drivers
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\icsxml
2016-07-25 16:07:36 ----SHD---- C:\ProgramData\DIBsection
2016-07-25 16:05:30 ----D---- C:\Users\Jiří\AppData\Roaming\Letasoft
2016-07-25 16:05:16 ----D---- C:\Program Files (x86)\Letasoft Sound Booster
2016-07-25 12:19:51 ----D---- C:\Users\Jiří\AppData\Roaming\MPC Cleaner
2016-07-20 20:29:08 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-64.dll
2016-07-20 12:04:44 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2016-07-20 11:56:13 ----D---- C:\Program Files\McAfee Security Scan
2016-07-20 04:46:57 ----D---- C:\WINDOWS\EOONotify
2016-07-17 11:55:33 ----D---- C:\ProgramData\McAfee Security Scan
2016-07-17 11:55:32 ----D---- C:\ProgramData\McAfee
2016-07-17 11:55:32 ----D---- C:\Program Files (x86)\McAfee Security Scan
2016-07-14 06:47:59 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-14 06:47:59 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\devinv.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\aepic.dll
2016-07-13 08:51:35 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\centel.dll
2016-07-13 08:51:34 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\puiapi.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\ntprint.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\localspl.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\inetpp.dll
2016-07-13 08:51:32 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-13 08:51:31 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2016-07-13 08:51:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 08:51:12 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2016-07-13 08:51:12 ----A---- C:\WINDOWS\system32\poqexec.exe
2016-07-13 08:50:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-07-13 08:50:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-07-13 08:50:42 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-07-13 08:50:41 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-06-14 20:22:34 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-06-14 20:22:34 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 20:22:32 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-06-14 20:22:25 ----A---- C:\WINDOWS\system32\twinui.dll
2016-06-14 20:22:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\polstore.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-06-14 20:20:24 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-06-14 20:20:23 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-06-14 20:20:23 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-06-14 20:19:41 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-06-14 20:19:29 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-06-14 20:19:29 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-06-14 20:19:25 ----A---- C:\WINDOWS\system32\consent.exe
2016-06-14 20:19:25 ----A---- C:\WINDOWS\system32\appinfo.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-06-14 20:11:06 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2016-06-14 20:10:51 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-06-14 20:10:51 ----A---- C:\WINDOWS\system32\gdi32.dll

======List of files/folders modified in the last 3 months======

2016-09-01 22:44:03 ----D---- C:\Users\Jiří\AppData\Roaming\TS3Client
2016-09-01 22:00:00 ----D---- C:\WINDOWS\system32\sru
2016-09-01 20:40:10 ----D---- C:\Users\Jiří\AppData\Roaming\.minecraft
2016-09-01 20:33:07 ----D---- C:\WINDOWS\Temp
2016-09-01 18:20:56 ----D---- C:\WINDOWS\Prefetch
2016-09-01 17:28:56 ----D---- C:\WINDOWS\system32\drivers
2016-09-01 05:24:47 ----D---- C:\WINDOWS\system32\config
2016-09-01 05:22:42 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-01 03:45:58 ----D---- C:\Program Files (x86)\MPC AdCleaner
2016-08-31 07:52:37 ----SHD---- C:\System Volume Information
2016-08-31 07:39:11 ----HD---- C:\Program Files\WindowsApps
2016-08-31 07:38:58 ----D---- C:\WINDOWS\AppReadiness
2016-08-30 03:14:38 ----D---- C:\WINDOWS\debug
2016-08-30 03:14:33 ----D---- C:\Windows
2016-08-30 03:02:48 ----D---- C:\WINDOWS\system32\Tasks
2016-08-30 00:01:34 ----D---- C:\WINDOWS\Tasks
2016-08-29 23:08:39 ----D---- C:\Users\Jiří\AppData\Roaming\Skype
2016-08-29 22:15:48 ----SHD---- C:\WINDOWS\Installer
2016-08-29 22:15:47 ----D---- C:\ProgramData\Skype
2016-08-29 22:15:46 ----SHD---- C:\Config.Msi
2016-08-29 22:15:11 ----RD---- C:\Program Files (x86)\Skype
2016-08-29 17:43:44 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-29 17:43:44 ----D---- C:\WINDOWS\Inf
2016-08-29 17:43:36 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-29 17:43:32 ----D---- C:\WINDOWS\system32\catroot2
2016-08-29 17:40:28 ----RD---- C:\Program Files
2016-08-29 17:40:28 ----HD---- C:\ProgramData
2016-08-18 15:46:28 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-17 12:40:55 ----D---- C:\WINDOWS\CbsTemp
2016-08-17 12:40:43 ----D---- C:\WINDOWS\WinSxS
2016-08-10 12:39:03 ----D---- C:\WINDOWS\SysWOW64
2016-08-10 12:39:03 ----D---- C:\WINDOWS\System32
2016-08-10 12:39:03 ----D---- C:\Program Files\Internet Explorer
2016-08-10 12:39:03 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 12:39:01 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 12:39:00 ----RD---- C:\WINDOWS\ToastData
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-10 12:38:51 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\wbem
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\migration
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-08-10 12:38:50 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-10 12:38:42 ----D---- C:\WINDOWS\apppatch
2016-08-09 22:03:16 ----D---- C:\WINDOWS\system32\MRT
2016-08-09 21:53:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-09 18:44:11 ----RD---- C:\Program Files (x86)
2016-07-30 20:31:37 ----D---- C:\WINDOWS\system32\catroot
2016-07-30 20:10:41 ----D---- C:\Program Files\Common Files\microsoft shared
2016-07-30 20:08:30 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-07-30 19:54:41 ----D---- C:\Program Files (x86)\Razer
2016-07-30 19:54:13 ----D---- C:\ProgramData\Razer
2016-07-30 19:50:49 ----D---- C:\ProgramData\Battle.net
2016-07-30 19:39:59 ----D---- C:\Program Files (x86)\Common Files
2016-07-27 10:52:59 ----D---- C:\ProgramData\BlueStacksSetup
2016-07-20 20:58:49 ----D---- C:\ProgramData\Oracle
2016-07-20 20:29:28 ----D---- C:\Program Files (x86)\Java
2016-07-20 20:29:02 ----D---- C:\Program Files\Java
2016-07-20 20:27:19 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-07-20 20:25:09 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-07-20 19:41:31 ----D---- C:\Program Files\TeamSpeak 3 Client
2016-07-20 04:48:27 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2016-07-20 04:48:27 ----SD---- C:\WINDOWS\system32\GWX
2016-07-17 12:00:54 ----D---- C:\Users\Jiří\AppData\Roaming\MCorp
2016-07-17 11:55:19 ----D---- C:\WINDOWS\system32\Macromed
2016-07-17 11:55:16 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-07-17 11:09:11 ----RSD---- C:\WINDOWS\assembly
2016-07-17 10:42:43 ----D---- C:\WINDOWS\system32\appraiser
2016-07-17 10:42:42 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-07-17 10:42:42 ----D---- C:\Program Files\Windows Journal
2016-07-02 06:29:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-06-07 21:09:21 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-09 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2016-03-22 21360]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-02-09 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-09 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-25 463744]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-08-08 176288]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-30 27552]
R1 MPCKpt;MPCKpt; C:\WINDOWS\system32\DRIVERS\MPCKpt.sys [2016-03-24 60136]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-09 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-09 165344]
R3 athr;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2016-07-30 4297216]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2016-07-30 59088]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 k57nd60a;@oem15.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2016-07-30 458960]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-08 15488]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-08-08 227456]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
S3 MEIx64;@oem2.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-17 62784]
S3 ssudmdm;@oem5.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2015-10-10 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-09 237096]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-05-25 1364096]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-05-25 1687680]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-08-05 2816032]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 MPCProtectService;MPC Core Protect Service; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [2016-03-24 350688]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-12-16 76888]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-06 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 sgbupt;SuperBoost Software Updater; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2016-04-21 2600256]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-17 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-06 107848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-07-19 327944]

-----------------EOF-----------------

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

Re: how do I remove viruses from my PC?

#5 Post by jirka.358 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Jiří (administrator) on ACER (01-09-2016 23:14:43)
Running from C:\Users\Jiří\Downloads
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5976864 2016-06-28] (IObit)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9bd7-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9c0e-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\lol.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sound Booster.lnk [2016-08-06]
ShortcutTarget: Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A03F68B6-5D04-4DC2-86D4-AF82E038C9F5}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F7C16682-F560-4D19-86EF-AC38AEEF7F0F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
SearchScopes: HKLM -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1869465252-3687877546-3391860672-1001 -> DefaultScope {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
SearchScopes: HKU\S-1-5-21-1869465252-3687877546-3391860672-1001 -> {0644EE93-D778-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
SearchScopes: HKU\S-1-5-21-1869465252-3687877546-3391860672-1001 -> {26F52C51-EC7A-48B2-8A37-1019C5CAF50B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-09] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
BHO-x32: No Name -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-18]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-06]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-06]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-31]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2816032 2016-08-05] (ESET)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-03-24] (DotC United Inc) <==== ATTENTION
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-16] ()
S2 sgbupt; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2600256 2016-04-21] (SuperBoost Software)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4297216 2016-07-30] (Qualcomm Atheros Communications, Inc.)
S3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [227456 2016-08-08] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-08-08] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [176288 2016-08-08] (ESET)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-30] (REALiX(tm))
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-03-24] (DotC United Inc) <==== ATTENTION
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-01 23:14 - 2016-09-01 23:15 - 00016246 _____ C:\Users\Jiří\Downloads\FRST.txt
2016-09-01 23:13 - 2016-09-01 23:14 - 00000000 ____D C:\FRST
2016-09-01 23:13 - 2016-09-01 23:13 - 02397696 _____ (Farbar) C:\Users\Jiří\Downloads\FRST64.exe
2016-08-30 03:15 - 2016-08-30 03:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-08-29 18:02 - 2016-08-29 18:03 - 00067789 _____ C:\Users\Jiří\Desktop\vypis.txt
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\ProgramData\ESET
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\Program Files\ESET
2016-08-29 17:27 - 2016-09-01 22:52 - 00000000 ____D C:\Program Files\trend micro
2016-08-29 17:27 - 2016-08-29 17:28 - 00000000 ____D C:\rsit
2016-08-29 17:27 - 2016-08-29 17:27 - 01222144 _____ C:\Users\Jiří\Downloads\RSITx64.exe
2016-08-29 17:16 - 2016-08-29 17:17 - 03124352 _____ (ESET) C:\Users\Jiří\Downloads\eset_nod32_antivirus_live_installer.exe
2016-08-28 22:37 - 2016-08-28 22:37 - 00000000 ____D C:\Users\Jiří\Desktop\schematick
2016-08-28 22:36 - 2016-08-28 22:37 - 00786558 _____ C:\Users\Jiří\Downloads\Schematic2Blueprint (1).zip
2016-08-28 22:34 - 2016-08-28 22:35 - 00786558 _____ C:\Users\Jiří\Downloads\Schematic2Blueprint.zip
2016-08-26 15:02 - 2016-08-26 15:03 - 08000292 _____ C:\Users\Jiří\Downloads\Lavria.zip
2016-08-26 14:56 - 2016-08-26 14:58 - 28185756 _____ C:\Users\Jiří\Downloads\server-spawn (1).zip
2016-08-26 14:51 - 2016-08-26 14:53 - 28185756 _____ C:\Users\Jiří\Downloads\server-spawn.zip
2016-08-26 14:08 - 2016-08-26 14:08 - 01537507 _____ C:\Users\Jiří\Downloads\Hubria.zip
2016-08-26 00:25 - 2016-08-26 00:26 - 15934060 _____ C:\Users\Jiří\Downloads\fr-minecraft_Kanos.zip
2016-08-25 23:53 - 2016-08-25 23:54 - 00760799 _____ C:\Users\Jiří\Downloads\alectrees.rar
2016-08-21 00:54 - 2016-08-21 00:54 - 03958716 _____ C:\Users\Jiří\Downloads\Treebundle-copie.zip
2016-08-21 00:42 - 2016-08-21 00:43 - 18828014 _____ C:\Users\Jiří\Downloads\Castle-of-WhiteCliff.zip
2016-08-18 14:12 - 2016-08-18 14:12 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-18 14:12 - 2016-08-18 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-17 18:50 - 2016-08-17 18:51 - 06282036 _____ C:\Users\Jiří\Downloads\chateau - Copie.zip
2016-08-17 16:43 - 2016-08-17 16:43 - 00000000 ____D C:\Users\Jiří\Desktop\Hobbit palace
2016-08-14 20:28 - 2016-08-14 20:28 - 00003004 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2016-08-14 20:28 - 2016-08-14 20:28 - 00003002 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2016-08-13 21:17 - 2016-08-13 21:17 - 02104188 _____ C:\Users\Jiří\Downloads\minecraft_Skyblock2.1.zip
2016-08-10 12:41 - 2016-08-10 12:41 - 00000000 ____D C:\.oracle_jre_usage
2016-08-09 20:53 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-09 20:53 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-09 20:53 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:53 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:53 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-09 20:53 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-09 20:53 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:53 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:53 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-09 20:53 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:53 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-09 20:53 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-09 20:53 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-09 20:53 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:53 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-09 20:52 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-09 20:52 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-09 20:52 - 2016-06-11 21:52 - 00057184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-09 20:52 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-08-09 20:52 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:52 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-09 20:52 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-09 20:52 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-08-09 20:52 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-09 20:52 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-08-09 20:52 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-08-09 20:52 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-09 20:52 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-09 20:52 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-09 20:52 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-09 20:52 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:52 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-08-09 20:52 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2016-08-09 20:52 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-09 20:52 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-09 20:52 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-08-09 20:52 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-08-09 20:52 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-08-09 20:52 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-09 20:52 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-09 20:52 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:52 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-09 20:52 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-09 20:52 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-09 20:52 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-09 20:52 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-09 20:52 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-09 20:52 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:52 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-09 20:52 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-09 20:52 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-08-09 20:52 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-09 20:52 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-09 20:52 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-09 20:52 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-09 20:52 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-09 20:52 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-08-09 20:52 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-08-09 20:52 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-09 20:52 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-08-09 20:52 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-09 20:52 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-09 20:52 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-09 20:52 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-09 20:52 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-09 20:52 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-08-09 20:52 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-09 20:52 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-08-09 20:52 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-09 20:52 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-08-09 20:52 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-08-09 20:52 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-09 20:52 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-09 20:51 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2016-08-09 20:51 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hbaapi.dll
2016-08-09 20:51 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-08-09 20:51 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-08-09 20:51 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-08-09 20:51 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-09 20:51 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-09 20:51 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-09 20:51 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-09 20:51 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-08-09 20:51 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-08-09 20:51 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-08-09 20:51 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-09 20:51 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-09 20:51 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-09 20:51 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-08-09 20:51 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-08-09 20:51 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-09 20:51 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-08-09 20:51 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-08-09 20:51 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-08-09 20:41 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:41 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:41 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-09 20:41 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-08-09 20:41 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:41 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-09 20:41 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-09 20:41 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:41 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-09 20:41 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:41 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-09 20:41 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-08-09 20:41 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-09 20:41 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:41 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:41 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:41 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-09 20:41 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:41 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-09 20:41 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-09 20:41 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-08-09 20:41 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-09 20:41 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-09 20:41 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-09 20:41 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-09 20:41 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:41 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:41 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-09 20:41 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:41 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-09 20:37 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 20:37 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-08-09 20:37 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-08-09 20:37 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:37 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:37 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:37 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-09 20:37 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 20:37 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-09 20:37 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-09 20:37 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-09 20:37 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-09 20:37 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:37 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-09 20:37 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-09 20:37 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-09 20:37 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:37 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-09 20:37 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:37 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-09 18:45 - 2016-08-09 18:45 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-09 18:44 - 2016-08-09 18:44 - 00003264 _____ C:\WINDOWS\System32\Tasks\SuperbGameBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00001270 _____ C:\Users\Public\Desktop\Superb Game Boost.lnk
2016-08-09 18:44 - 2016-08-09 18:44 - 00001193 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\SuperBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\SuperBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2016-08-09 18:44 - 2016-01-29 15:21 - 00276800 _____ C:\WINDOWS\SysWOW64\D3DX8Wrapper.dll
2016-08-09 18:44 - 2016-01-29 15:21 - 00229184 _____ (easyhook.codeplex.com) C:\WINDOWS\SysWOW64\EasyHook32.dll
2016-08-08 10:19 - 2016-08-08 10:19 - 00227456 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-08-08 10:19 - 2016-08-08 10:19 - 00176288 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-08-08 10:19 - 2016-08-08 10:19 - 00015488 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2016-08-08 00:00 - 2016-08-08 00:00 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Dashlane
2016-08-07 22:02 - 2016-08-07 22:02 - 01952962 _____ C:\Users\Jiří\Downloads\Ideal_Cathedral.rar
2016-08-07 21:43 - 2016-08-07 21:44 - 02517394 _____ C:\Users\Jiří\Downloads\projetcommun3.rar
2016-08-07 02:32 - 2016-08-07 02:32 - 05327457 _____ C:\Users\Jiří\Downloads\TheGreatCologneCathedral.rar
2016-08-07 02:13 - 2016-08-07 02:15 - 13143267 _____ C:\Users\Jiří\Downloads\AopenckCathedral.zip
2016-08-07 00:06 - 2016-08-30 03:22 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Seznam.cz
2016-08-07 00:06 - 2016-08-14 00:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-07 00:06 - 2016-08-07 02:41 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\NCH Software
2016-08-07 00:05 - 2016-08-30 03:16 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-07 00:05 - 2016-08-30 03:10 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-07 00:05 - 2016-08-07 00:05 - 00001288 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2016-08-07 00:05 - 2016-08-07 00:05 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2016-08-07 00:05 - 2016-08-07 00:05 - 00001138 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2016-08-06 17:43 - 2016-08-06 17:43 - 01045498 _____ C:\Users\Jiří\Downloads\XVII Century Cathedral.zip
2016-08-06 14:08 - 2016-08-06 14:08 - 01990542 _____ C:\Users\Jiří\Downloads\bigest catedral 0.11.0 COMPLITE.zip
2016-08-04 17:00 - 2016-08-06 14:10 - 00000000 ____D C:\Users\Jiří\Desktop\dapch

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-01 23:14 - 2015-08-08 23:37 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\TS3Client
2016-09-01 22:56 - 2015-08-06 20:42 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1869465252-3687877546-3391860672-1001
2016-09-01 22:55 - 2015-08-15 00:43 - 02452480 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-09-01 22:32 - 2015-08-06 21:32 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-01 20:40 - 2015-08-16 18:58 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\.minecraft
2016-09-01 03:45 - 2016-02-02 08:53 - 00000000 ____D C:\Program Files (x86)\MPC AdCleaner
2016-09-01 01:32 - 2015-08-06 21:31 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-31 07:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-31 07:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-30 03:19 - 2015-08-15 18:12 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-08-30 03:15 - 2016-07-30 19:39 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\IObit
2016-08-30 03:15 - 2016-04-18 12:14 - 00001741 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-08-30 03:14 - 2016-07-30 19:39 - 00000000 ____D C:\Program Files (x86)\IObit
2016-08-30 03:14 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-30 03:13 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-30 03:02 - 2016-07-30 19:41 - 00000000 ____D C:\ProgramData\ProductData
2016-08-29 23:13 - 2016-07-29 20:36 - 00000000 ____D C:\Users\Jiří\AppData\Local\Discord
2016-08-29 23:12 - 2016-07-24 15:22 - 00000000 ____D C:\Users\Jiří\AppData\Local\vghd
2016-08-29 23:08 - 2015-08-08 23:34 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-08-29 22:15 - 2015-08-08 23:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-29 22:15 - 2015-08-08 23:34 - 00000000 ____D C:\ProgramData\Skype
2016-08-29 17:43 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-29 17:43 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-28 02:19 - 2015-08-06 21:31 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-18 14:12 - 2016-07-20 11:56 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-17 12:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-16 19:58 - 2016-07-30 20:08 - 00002864 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Jiří)
2016-08-10 15:44 - 2015-08-06 21:27 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-08-10 12:45 - 2015-08-15 17:39 - 00000000 ____D C:\Users\Jiří
2016-08-10 12:44 - 2013-08-22 16:44 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-10 12:39 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-10 12:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 22:03 - 2015-08-09 18:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 21:53 - 2015-08-09 18:27 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 18:44 - 2016-07-30 19:39 - 00000000 ____D C:\ProgramData\IObit
2016-08-09 18:41 - 2016-02-25 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-08-09 15:34 - 2015-09-08 15:25 - 00003952 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48DEBDAE-774D-4F85-8BF1-27CD60AE589D}
2016-08-08 22:42 - 2015-08-06 21:32 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:42 - 2015-08-06 21:32 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-07 21:42 - 2015-09-10 23:24 - 00000000 ____D C:\Users\Jiří\Downloads\koš plus
2016-08-07 17:44 - 2016-07-30 20:07 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-08-06 18:08 - 2015-09-10 23:44 - 00332288 ___SH C:\Users\Jiří\Downloads\Thumbs.db
2016-08-05 12:16 - 2015-08-07 22:57 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys

==================== Files in the root of some directories =======

2016-07-25 16:05 - 2016-07-25 16:05 - 0000037 ___SH () C:\Users\Jiří\AppData\Local\20986331705021ca58edc424.96250074

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 07:47

==================== End of FRST.txt ============================

Re: how do I remove viruses from my PC?

#6 Post by Rudy »

FRST would have been enough. Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: how do I remove viruses from my PC?

#7 Post by jirka.358 »

# AdwCleaner v6.010 - Log soubor vytvořen 03/09/2016 na 01:32:52
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-01.2 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Jiří - ACER
# Beží od : C:\Users\Jiří\Downloads\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:MPCProtectService
[-] Služby smazány:MPCKpt


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Jiří\AppData\Local\vghd
[-] Adresář smazán:C:\Users\Jiří\AppData\Roaming\MPC Cleaner
[-] Adresář smazán:C:\Users\Jiří\AppData\Roaming\MCorp
[-] Adresář smazán:C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Adresář smazán:C:\Program Files (x86)\MPC AdCleaner
[#] Adresář nelze smazat:C:\Program Files (x86)\MPC Cleaner
[-] Adresář smazán:C:\Program Files (x86)\SearchesToYesbnd
[-] Adresář smazán:C:\Program Files (x86)\ACGPro
[-] Adresář smazán:C:\Program Files (x86)\GtkFree
[-] Adresář smazán:C:\Users\Public\Documents\dmp
[#] Adresář nelze smazat:C:\Users\Jiří\AppData\Roaming\MCorp


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Jiří\Desktop\MPC AdCleaner.lnk
[!] Soubor nelze smazat:C:\WINDOWS\SysNative\drivers\MPCKpt.sys
[-] Soubor smazán:C:\Users\Public\Desktop\MPC Cleaner.lnk
[-] Soubor smazán:C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:[x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\PRODUCTSETUP
[-] Klíč smazán:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\csastats
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[#] Klíč smazán po restartování:HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartování:HKCU\Software\csastats
[-] Klíč smazán:HKLM\SOFTWARE\MPC
[-] Klíč smazán:HKLM\SOFTWARE\MPC AdCleaner
[-] Klíč smazán:HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč smazán:HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\MaxPower
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Klíč smazán:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena:HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0644EE93-D778-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.mpc.am


***** [ Prohlížeče ] *****

[-] [yessearches] [Search Provider] Smazání:yessearches
[-] [mpc safe search] [Search Provider] Smazání:mpc safe search
[-] [adblock-chrome.en.softonic.com] [Search Provider] Smazání:adblock-chrome.en.softonic.com
[-] [bass-treble-booster.en.softonic.com] [Search Provider] Smazání:bass-treble-booster.en.softonic.com
[-] [C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:search.mpc.am


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5007 Bajtů] - [03/09/2016 01:32:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [5434 Bajtů] - [03/09/2016 01:28:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5155 Bajtů] ##########

Re: how do I remove viruses from my PC?

#8 Post by Rudy »

Post a new FRST log.

Re: how do I remove viruses from my PC?

#9 Post by jirka.358 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Jiří (administrator) on ACER (03-09-2016 14:46:54)
Running from C:\Users\Jiří\Downloads
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SuperBoost Software) C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5976864 2016-06-28] (IObit)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9bd7-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9c0e-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\lol.scr
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sound Booster.lnk [2016-08-06]
ShortcutTarget: Sound Booster.lnk -> C:\Program Files (x86)\Letasoft Sound Booster\SoundBooster.exe (Letasoft)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A03F68B6-5D04-4DC2-86D4-AF82E038C9F5}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F7C16682-F560-4D19-86EF-AC38AEEF7F0F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1869465252-3687877546-3391860672-1001 -> {26F52C51-EC7A-48B2-8A37-1019C5CAF50B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-09] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
BHO-x32: No Name -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-18]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> mpc safe search
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-06]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-06]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-31]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2816032 2016-08-05] (ESET)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [355808 2016-09-01] (DotC United Inc) <==== ATTENTION
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-16] ()
R2 sgbupt; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2600256 2016-04-21] (SuperBoost Software)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4297216 2016-07-30] (Qualcomm Atheros Communications, Inc.)
S3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [227456 2016-08-08] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-08-08] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [176288 2016-08-08] (ESET)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-30] (REALiX(tm))
S4 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-09-01] (DotC United Inc) <==== ATTENTION
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-03 01:43 - 2016-09-03 01:43 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\MCorp
2016-09-03 01:38 - 2016-09-03 01:38 - 00001872 _____ C:\Users\Jiří\Desktop\MPC Desktop.lnk
2016-09-03 01:38 - 2016-09-03 01:38 - 00001796 _____ C:\Users\Public\Desktop\MPC Desktop.lnk
2016-09-03 01:38 - 2016-09-03 01:38 - 00001789 _____ C:\Users\Public\Desktop\MPC AdCleaner.lnk
2016-09-03 01:38 - 2016-09-03 01:38 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-09-03 01:38 - 2016-09-03 01:38 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-09-03 01:38 - 2016-09-03 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-09-03 01:38 - 2016-09-03 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-09-03 01:38 - 2016-09-03 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-09-03 01:36 - 2016-09-03 01:38 - 00001741 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-09-03 01:24 - 2016-09-03 01:32 - 00000000 ____D C:\AdwCleaner
2016-09-03 01:23 - 2016-09-03 01:24 - 03826240 _____ C:\Users\Jiří\Downloads\adwcleaner_6.010.exe
2016-09-01 23:16 - 2016-09-01 23:28 - 00028430 _____ C:\Users\Jiří\Downloads\Addition.txt
2016-09-01 23:14 - 2016-09-03 14:46 - 00015754 _____ C:\Users\Jiří\Downloads\FRST.txt
2016-09-01 23:13 - 2016-09-03 14:46 - 00000000 ____D C:\FRST
2016-09-01 23:13 - 2016-09-01 23:13 - 02397696 _____ (Farbar) C:\Users\Jiří\Downloads\FRST64.exe
2016-08-29 18:02 - 2016-08-29 18:03 - 00067789 _____ C:\Users\Jiří\Desktop\vypis.txt
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\ProgramData\ESET
2016-08-29 17:40 - 2016-08-29 17:40 - 00000000 ____D C:\Program Files\ESET
2016-08-29 17:27 - 2016-09-01 22:52 - 00000000 ____D C:\Program Files\trend micro
2016-08-29 17:27 - 2016-08-29 17:28 - 00000000 ____D C:\rsit
2016-08-29 17:27 - 2016-08-29 17:27 - 01222144 _____ C:\Users\Jiří\Downloads\RSITx64.exe
2016-08-29 17:16 - 2016-08-29 17:17 - 03124352 _____ (ESET) C:\Users\Jiří\Downloads\eset_nod32_antivirus_live_installer.exe
2016-08-28 22:37 - 2016-08-28 22:37 - 00000000 ____D C:\Users\Jiří\Desktop\schematick
2016-08-28 22:36 - 2016-08-28 22:37 - 00786558 _____ C:\Users\Jiří\Downloads\Schematic2Blueprint (1).zip
2016-08-28 22:34 - 2016-08-28 22:35 - 00786558 _____ C:\Users\Jiří\Downloads\Schematic2Blueprint.zip
2016-08-26 15:02 - 2016-08-26 15:03 - 08000292 _____ C:\Users\Jiří\Downloads\Lavria.zip
2016-08-26 14:56 - 2016-08-26 14:58 - 28185756 _____ C:\Users\Jiří\Downloads\server-spawn (1).zip
2016-08-26 14:51 - 2016-08-26 14:53 - 28185756 _____ C:\Users\Jiří\Downloads\server-spawn.zip
2016-08-26 14:08 - 2016-08-26 14:08 - 01537507 _____ C:\Users\Jiří\Downloads\Hubria.zip
2016-08-26 00:25 - 2016-08-26 00:26 - 15934060 _____ C:\Users\Jiří\Downloads\fr-minecraft_Kanos.zip
2016-08-25 23:53 - 2016-08-25 23:54 - 00760799 _____ C:\Users\Jiří\Downloads\alectrees.rar
2016-08-21 00:54 - 2016-08-21 00:54 - 03958716 _____ C:\Users\Jiří\Downloads\Treebundle-copie.zip
2016-08-21 00:42 - 2016-08-21 00:43 - 18828014 _____ C:\Users\Jiří\Downloads\Castle-of-WhiteCliff.zip
2016-08-18 14:12 - 2016-08-18 14:12 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-18 14:12 - 2016-08-18 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-17 18:50 - 2016-08-17 18:51 - 06282036 _____ C:\Users\Jiří\Downloads\chateau - Copie.zip
2016-08-17 16:43 - 2016-08-17 16:43 - 00000000 ____D C:\Users\Jiří\Desktop\Hobbit palace
2016-08-14 20:28 - 2016-08-14 20:28 - 00003004 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2016-08-14 20:28 - 2016-08-14 20:28 - 00003002 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2016-08-13 21:17 - 2016-08-13 21:17 - 02104188 _____ C:\Users\Jiří\Downloads\minecraft_Skyblock2.1.zip
2016-08-10 12:41 - 2016-08-10 12:41 - 00000000 ____D C:\.oracle_jre_usage
2016-08-09 20:53 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-09 20:53 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-09 20:53 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:53 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:53 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-09 20:53 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-09 20:53 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:53 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:53 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-09 20:53 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:53 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-09 20:53 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-09 20:53 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-09 20:53 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:53 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-09 20:52 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-09 20:52 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-09 20:52 - 2016-06-11 21:52 - 00057184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-09 20:52 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-08-09 20:52 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:52 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-09 20:52 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-09 20:52 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-08-09 20:52 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-09 20:52 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-08-09 20:52 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-08-09 20:52 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-09 20:52 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-09 20:52 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-09 20:52 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-09 20:52 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:52 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-08-09 20:52 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2016-08-09 20:52 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-09 20:52 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-09 20:52 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-08-09 20:52 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-08-09 20:52 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-08-09 20:52 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-09 20:52 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-09 20:52 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:52 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-09 20:52 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-09 20:52 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-09 20:52 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-09 20:52 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-09 20:52 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-09 20:52 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:52 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-09 20:52 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-09 20:52 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-08-09 20:52 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-09 20:52 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-09 20:52 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-09 20:52 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-09 20:52 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-09 20:52 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-08-09 20:52 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-08-09 20:52 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-09 20:52 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-08-09 20:52 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-09 20:52 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-09 20:52 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-09 20:52 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-09 20:52 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-09 20:52 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-08-09 20:52 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-09 20:52 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-08-09 20:52 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-09 20:52 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-08-09 20:52 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-08-09 20:52 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-09 20:52 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-09 20:51 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2016-08-09 20:51 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hbaapi.dll
2016-08-09 20:51 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-08-09 20:51 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-08-09 20:51 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-08-09 20:51 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-09 20:51 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-09 20:51 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-09 20:51 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-09 20:51 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-08-09 20:51 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-08-09 20:51 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-08-09 20:51 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-09 20:51 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-09 20:51 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-09 20:51 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-08-09 20:51 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-08-09 20:51 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-09 20:51 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-08-09 20:51 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-08-09 20:51 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-08-09 20:41 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:41 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:41 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-09 20:41 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-08-09 20:41 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:41 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-09 20:41 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-09 20:41 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:41 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-09 20:41 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:41 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-09 20:41 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-08-09 20:41 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-09 20:41 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:41 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:41 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:41 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-09 20:41 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:41 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-09 20:41 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-09 20:41 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-08-09 20:41 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-09 20:41 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-09 20:41 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-09 20:41 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-09 20:41 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:41 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:41 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-09 20:41 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:41 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-09 20:37 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 20:37 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-08-09 20:37 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-08-09 20:37 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:37 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:37 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:37 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-09 20:37 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 20:37 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-09 20:37 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-09 20:37 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-09 20:37 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-09 20:37 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:37 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-09 20:37 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-09 20:37 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-09 20:37 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:37 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-09 20:37 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:37 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-09 18:45 - 2016-08-09 18:45 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-09 18:44 - 2016-08-09 18:44 - 00003264 _____ C:\WINDOWS\System32\Tasks\SuperbGameBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00001270 _____ C:\Users\Public\Desktop\Superb Game Boost.lnk
2016-08-09 18:44 - 2016-08-09 18:44 - 00001193 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\SuperBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\SuperBoost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-08-09 18:44 - 2016-08-09 18:44 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2016-08-09 18:44 - 2016-01-29 15:21 - 00276800 _____ C:\WINDOWS\SysWOW64\D3DX8Wrapper.dll
2016-08-09 18:44 - 2016-01-29 15:21 - 00229184 _____ (easyhook.codeplex.com) C:\WINDOWS\SysWOW64\EasyHook32.dll
2016-08-08 10:19 - 2016-08-08 10:19 - 00227456 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-08-08 10:19 - 2016-08-08 10:19 - 00176288 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-08-08 10:19 - 2016-08-08 10:19 - 00015488 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2016-08-08 00:00 - 2016-08-08 00:00 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Dashlane
2016-08-07 22:02 - 2016-08-07 22:02 - 01952962 _____ C:\Users\Jiří\Downloads\Ideal_Cathedral.rar
2016-08-07 21:43 - 2016-08-07 21:44 - 02517394 _____ C:\Users\Jiří\Downloads\projetcommun3.rar
2016-08-07 02:32 - 2016-08-07 02:32 - 05327457 _____ C:\Users\Jiří\Downloads\TheGreatCologneCathedral.rar
2016-08-07 02:13 - 2016-08-07 02:15 - 13143267 _____ C:\Users\Jiří\Downloads\AopenckCathedral.zip
2016-08-07 00:06 - 2016-08-30 03:22 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Seznam.cz
2016-08-07 00:06 - 2016-08-14 00:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-07 00:06 - 2016-08-07 02:41 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\NCH Software
2016-08-07 00:05 - 2016-08-30 03:16 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-07 00:05 - 2016-08-30 03:10 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-07 00:05 - 2016-08-07 00:05 - 00001288 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2016-08-07 00:05 - 2016-08-07 00:05 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2016-08-07 00:05 - 2016-08-07 00:05 - 00001138 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2016-08-06 17:43 - 2016-08-06 17:43 - 01045498 _____ C:\Users\Jiří\Downloads\XVII Century Cathedral.zip
2016-08-06 14:08 - 2016-08-06 14:08 - 01990542 _____ C:\Users\Jiří\Downloads\bigest catedral 0.11.0 COMPLITE.zip
2016-08-04 17:00 - 2016-08-06 14:10 - 00000000 ____D C:\Users\Jiří\Desktop\dapch

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-03 14:19 - 2015-08-06 21:31 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-03 02:42 - 2015-08-06 20:42 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1869465252-3687877546-3391860672-1001
2016-09-03 01:41 - 2016-04-18 12:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-09-03 01:38 - 2016-01-24 22:31 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-09-03 01:38 - 2015-08-15 18:12 - 00000000 __RDO C:\Users\Jiří\OneDrive
2016-09-03 01:36 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-03 01:35 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-09-03 01:24 - 2015-08-08 23:37 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\TS3Client
2016-09-03 01:23 - 2015-08-16 18:58 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\.minecraft
2016-09-01 22:55 - 2015-08-15 00:43 - 02452480 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-09-01 04:27 - 2016-01-24 22:31 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-08-31 07:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-31 07:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-30 03:15 - 2016-07-30 19:39 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\IObit
2016-08-30 03:14 - 2016-07-30 19:39 - 00000000 ____D C:\Program Files (x86)\IObit
2016-08-30 03:02 - 2016-07-30 19:41 - 00000000 ____D C:\ProgramData\ProductData
2016-08-29 23:13 - 2016-07-29 20:36 - 00000000 ____D C:\Users\Jiří\AppData\Local\Discord
2016-08-29 23:08 - 2015-08-08 23:34 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-08-29 22:15 - 2015-08-08 23:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-29 22:15 - 2015-08-08 23:34 - 00000000 ____D C:\ProgramData\Skype
2016-08-29 17:43 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-08-29 17:43 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-18 14:12 - 2016-07-20 11:56 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-17 12:40 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-16 19:58 - 2016-07-30 20:08 - 00002864 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Jiří)
2016-08-10 15:44 - 2015-08-06 21:27 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-08-10 12:45 - 2015-08-15 17:39 - 00000000 ____D C:\Users\Jiří
2016-08-10 12:44 - 2013-08-22 16:44 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-10 12:39 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-10 12:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 22:03 - 2015-08-09 18:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 21:53 - 2015-08-09 18:27 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 18:44 - 2016-07-30 19:39 - 00000000 ____D C:\ProgramData\IObit
2016-08-09 18:41 - 2016-02-25 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-08-09 15:34 - 2015-09-08 15:25 - 00003952 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48DEBDAE-774D-4F85-8BF1-27CD60AE589D}
2016-08-08 22:42 - 2015-08-06 21:32 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:42 - 2015-08-06 21:32 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-07 21:42 - 2015-09-10 23:24 - 00000000 ____D C:\Users\Jiří\Downloads\koš plus
2016-08-07 17:44 - 2016-07-30 20:07 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-08-06 18:08 - 2015-09-10 23:44 - 00332288 ___SH C:\Users\Jiří\Downloads\Thumbs.db
2016-08-05 12:16 - 2015-08-07 22:57 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys

==================== Files in the root of some directories =======

2016-07-25 16:05 - 2016-07-25 16:05 - 0000037 ___SH () C:\Users\Jiří\AppData\Local\20986331705021ca58edc424.96250074

Some files in TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\libeay32.dll
C:\Users\Jiří\AppData\Local\Temp\msvcr120.dll
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 07:47

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: how do I remove viruses from my PC?

#10 Post by Rudy »

There are 3 antivirus programs on this PC. Keep only one and uninstall the others.

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9bd7-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9c0e-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO-x32: No Name -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> No File
Toolbar: HKLM-x32 - No Name - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\Program Files\McAfee Security Scan
C:\Users\Jiří\AppData\Local\Temp
End
Save it to C:\Users\Jiří\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

Re: how do I remove viruses from my PC?

#11 Post by jirka.358 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Jiří (03-09-2016 18:06:26) Run:1
Running from C:\Users\Jiří\Downloads
Loaded Profiles: Jiří (Available Profiles: Jiří)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9bd7-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\...\MountPoints2: {3f7e9c0e-2209-11e6-be96-20898470d4d1} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO-x32: No Name -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> No File
Toolbar: HKLM-x32 - No Name - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\Program Files\McAfee Security Scan
C:\Users\Jiří\AppData\Local\Temp
End

*****************

"HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f7e9bd7-2209-11e6-be96-20898470d4d1}" => key removed successfully
HKCR\CLSID\{3f7e9bd7-2209-11e6-be96-20898470d4d1} => key not found.
"HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f7e9c0e-2209-11e6-be96-20898470d4d1}" => key removed successfully
HKCR\CLSID\{3f7e9c0e-2209-11e6-be96-20898470d4d1} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKU\S-1-5-21-1869465252-3687877546-3391860672-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}" => key removed successfully
HKCR\Wow6432Node\CLSID\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{669695BC-A811-4A9D-8CDF-BA8C795F261C} => value removed successfully
HKCR\Wow6432Node\CLSID\{669695BC-A811-4A9D-8CDF-BA8C795F261C} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
"C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus" => not found.
"C:\Program Files\McAfee Security Scan" => not found.
C:\Users\Jiří\AppData\Local\Temp => moved successfully


The system needed a reboot.

==== End of Fixlog 18:06:37 ====
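
An added example (not part of the original posts and not FRST's own code): a short Python triage of the `=>` result lines in a Fixlog like the one above, keeping the last outcome per target and listing entries that ended in neither a removal nor a "not found". The excerpt is taken from the log in post #11; the category names and function names are assumptions made for this illustration.

```python
import re
from collections import Counter

# Excerpt of result lines from the Fixlog in post #11 (trimmed for the example).
SAMPLE_FIXLOG = r'''
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
C:\Program Files (x86)\Skype\Toolbars => moved successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
"C:\Program Files\McAfee Security Scan" => not found.

The system needed a reboot.
'''

# target (optionally quoted) => message (optional trailing period)
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<msg>.+?)\.?\s*$')

def classify(msg):
    """Map a result message to a category (categories are this example's own)."""
    m = msg.lower()
    if m.endswith(("removed successfully", "moved successfully")):
        return "done"
    if m.endswith("not found"):
        return "absent"      # nothing to remove; the item was already gone
    if m.startswith(("error", "unable")):
        return "failed"
    return "unknown"         # unrecognised wording: surface it for a human

def triage(fixlog):
    """Return (counts per category, entries needing review, reboot flag)."""
    last, reboot = {}, False
    for line in map(str.strip, fixlog.splitlines()):
        if line.startswith("The system needed a reboot"):
            reboot = True
        elif (m := RESULT.match(line)):
            # Assumption: a later line for the same target supersedes an earlier
            # one, e.g. "Unable to stop service" then "service removed successfully".
            last[m["target"]] = (classify(m["msg"]), m["msg"])
    counts = Counter(kind for kind, _ in last.values())
    review = {t: msg for t, (kind, msg) in last.items()
              if kind in ("failed", "unknown")}
    return counts, review, reboot

if __name__ == "__main__":
    counts, review, reboot = triage(SAMPLE_FIXLOG)
    print(dict(counts), "reboot needed:", reboot)
    for target, msg in review.items():
        print("REVIEW:", target, "=>", msg)
```

Run over the full log from post #11, the same logic would list the five `Error setting value` entries for review, while both Skype services count as removed.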

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: how do I remove viruses from my PC?

#12 Post by Rudy »

Deleted. Has anything changed?

jirka.358
Visitor
Posts: 8
Registered: 29 Aug 2016 16:52

Re: how do I remove viruses from my PC?

#13 Post by jirka.358 »

Noticeably faster, and neither the browser nor Windows crashes. Thank you very much :)

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: how do I remove viruses from my PC?

#14 Post by Rudy »

You're welcome! :)

Locked