VIRY.CZ

Dobrý den,

mám problém se svým notebookem, není starý natolik, aby najíždění trvalo několik minut a reakce na kliknutí trvala několik sekund, jsem už docela zoufalý, tak prosím kohokoliv o pomoc. Nejspíš se bude jednat o nějaký vir, proto vkládám důvěru ve vás. ¨

Děkuji předem všem za pomoc!

Zde je RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Toshiba at 2018-01-11 18:09:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (17%) free of 305 GB
Total RAM: 4078 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:09:39, on 11.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Users\Toshiba\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Toshiba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Toshiba\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Toshiba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Adobe] C:\ProgramData\Adobe\Reader\Adobe.vbs
O4 - HKCU\..\Run: [CPU32] C:\ProgramData\Adobe\Reader\CPU32.exe
O4 - HKCU\..\Run: [CPU64] C:\ProgramData\Adobe\Reader\CPU64.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.667\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.667\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10926 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29539344
\??\C:\Windows\system32\conhost.exe "-1108785064-20609362981589833319-1621674556986043232-1359875644-21389447671460671046
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\ThpSrv.exe" /logon
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
szndesktop.exe default start
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Toshiba\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-1054863785-1239370459-1204839633-170074201072446106-1491925086422248628-1842127926
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\ThpSrv.exe
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
\??\C:\Windows\system32\conhost.exe "-720260746-741179894-5301190-2130657540-1259766929-1876397126-13480151721072793198
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.84 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fee1a65720,0x7fee1a65760,0x7fee1a65738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1372 --on-initialized-event-handle=444 --parent-handle=456 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x0a7a --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --gpu-driver-date=2-3-2015 --service-request-channel-token=94EB30A19DB8BB06D12C8BB59CDB2304 --mojo-platform-channel-handle=1452 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=BCF557F50CA7CEB76632D93281C7E8E4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=BCF557F50CA7CEB76632D93281C7E8E4 --renderer-client-id=13 --mojo-platform-channel-handle=2960 /prefetch:1
"taskhost.exe"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --locale=cs_cz --backgroundcolor=16448250
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --primordial-pipe-token=F7297A745BFE47BF31F9202C569EEF93 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/18.9.20044 Chrome/59.0.3071.15" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=F7297A745BFE47BF31F9202C569EEF93 --renderer-client-id=2 --mojo-platform-channel-handle=1256 --allow-no-sandbox-job /prefetch:1
C:\Users\Toshiba\AppData\Local\Temp\CPU\CPU_64.exe -o stratum+tcp://xmr.pool.minergate.com:45560 -u u25@hotmail.fr -p x
"C:\Program Files\McAfee Security Scan\3.11.667\SSScheduler.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=9CEAAE5354E84E152A395701084B98F9 --lang=en-US --lang=en-US --log-file="C:\Users\Toshiba\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (17.9.2322)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9CEAAE5354E84E152A395701084B98F9 --renderer-client-id=13 --mojo-platform-channel-handle=4284 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=649C63128037322233182B5E4AC47CBE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=649C63128037322233182B5E4AC47CBE --renderer-client-id=369 --mojo-platform-channel-handle=3924 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=18963411B3FB44BB6DBFB00C563EAFD9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=18963411B3FB44BB6DBFB00C563EAFD9 --renderer-client-id=389 --mojo-platform-channel-handle=6840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=0EA1A61BD51E9F0859963EE097355573 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=0EA1A61BD51E9F0859963EE097355573 --renderer-client-id=392 --mojo-platform-channel-handle=8276 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=88297E84D0776898C9B0C76A3DFFD976 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=88297E84D0776898C9B0C76A3DFFD976 --renderer-client-id=400 --mojo-platform-channel-handle=2536 /prefetch:1
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1444,10942913461548654352,1737392735862793600,131072 --service-pipe-token=810B3089A6036A510952A00E66225131 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=810B3089A6036A510952A00E66225131 --renderer-client-id=456 --mojo-platform-channel-handle=7864 /prefetch:1
taskeng.exe {7F2EB9DB-B4E9-4FE0-A60F-A94D1007701A}
taskhost.exe $(Arg0)

"D:\MIX\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-06 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-29 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-01-06 1061544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-06 3229864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-06 149696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-29 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-01-06 660648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"=C:\Windows\system32\thpsrv /logon []
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-12-14 316032]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-12-25 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"cz.seznam.software.autoupdate"=C:\Users\Toshiba\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Toshiba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Adobe"=C:\ProgramData\Adobe\Reader\Adobe.vbs [2017-11-24 61718]
"CPU32"=C:\ProgramData\Adobe\Reader\CPU32.exe []
"CPU64"=C:\ProgramData\Adobe\Reader\CPU64.exe [2017-11-24 3206656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.667\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=pvmjpgx40.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-01-11 18:09:26 ----D---- C:\Program Files\trend micro
2018-01-11 17:54:27 ----D---- C:\ProgramData\Corel
2018-01-11 17:54:14 ----A---- C:\Users\Toshiba\AppData\Roaming\TOSHIBA-PC.MTBF.txt
2018-01-11 17:54:06 ----D---- C:\ProgramData\UniqueId
2018-01-11 17:41:24 ----D---- C:\Program Files\Pinnacle
2018-01-11 17:31:21 ----D---- C:\Users\Toshiba\AppData\Roaming\WinRAR
2018-01-11 17:30:40 ----D---- C:\Program Files\WinRAR
2018-01-10 17:40:07 ----D---- C:\ProgramData\McAfee Security Scan
2018-01-09 12:27:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2018-01-06 13:24:26 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2018-01-06 13:22:59 ----D---- C:\Users\Toshiba\AppData\Roaming\Skype
2018-01-06 13:22:58 ----D---- C:\ProgramData\Microsoft OneDrive
2018-01-06 13:17:42 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-01-06 12:20:20 ----D---- C:\Program Files (x86)\Microsoft Office
2018-01-06 12:20:05 ----D---- C:\Program Files\Microsoft Office 15
2018-01-06 11:45:08 ----D---- C:\ProgramData\SWCUTemp
2017-12-25 19:37:31 ----A---- C:\Windows\system32\drivers\aswNetSec.sys
2017-12-25 19:37:11 ----A---- C:\Windows\system32\aswBoot.exe
2017-12-25 19:36:25 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys
2017-12-15 14:44:39 ----D---- C:\Users\Toshiba\AppData\Roaming\InstalujDownloader
2017-12-15 10:22:10 ----A---- C:\Windows\system32\mshtml.dll
2017-12-15 10:22:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-15 10:22:05 ----A---- C:\Windows\system32\ieframe.dll
2017-12-15 10:22:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-15 10:22:02 ----A---- C:\Windows\system32\jscript9.dll
2017-12-15 10:22:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-15 10:21:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-15 10:21:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-15 10:21:59 ----A---- C:\Windows\system32\win32k.sys
2017-12-15 10:21:59 ----A---- C:\Windows\system32\urlmon.dll
2017-12-15 10:21:59 ----A---- C:\Windows\system32\jscript.dll
2017-12-15 10:21:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-15 10:21:58 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-15 10:21:58 ----A---- C:\Windows\system32\vbscript.dll
2017-12-15 10:21:58 ----A---- C:\Windows\system32\gpedit.dll
2017-12-15 10:21:58 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-15 10:21:57 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-15 10:21:57 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-15 10:21:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-15 10:21:57 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-15 10:21:57 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-15 10:21:56 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-15 10:21:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-15 10:21:56 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-15 10:21:56 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-15 10:21:56 ----A---- C:\Windows\system32\rtm.dll
2017-12-15 10:21:56 ----A---- C:\Windows\system32\mprdim.dll
2017-12-15 10:21:56 ----A---- C:\Windows\system32\itss.dll
2017-12-15 10:21:56 ----A---- C:\Windows\system32\itircl.dll
2017-12-15 10:21:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-15 10:21:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-15 10:21:55 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-15 10:21:55 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-15 10:21:55 ----A---- C:\Windows\system32\wininet.dll
2017-12-15 10:21:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-15 10:21:55 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-15 10:21:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-15 10:21:54 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-15 10:21:54 ----A---- C:\Windows\system32\iertutil.dll
2017-12-15 10:21:53 ----A---- C:\Windows\system32\ieui.dll
2017-12-15 10:21:53 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-15 10:21:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-15 10:21:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-15 10:21:51 ----A---- C:\Windows\system32\webcheck.dll
2017-12-15 10:21:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-15 10:21:50 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-15 10:21:49 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-15 10:21:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-15 10:21:49 ----A---- C:\Windows\system32\msrating.dll
2017-12-15 10:21:49 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-15 10:21:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-15 10:21:48 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-15 10:21:48 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-15 10:21:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-15 10:21:47 ----A---- C:\Windows\system32\occache.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-15 10:21:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-15 10:21:46 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-15 10:21:46 ----A---- C:\Windows\system32\inseng.dll
2017-12-15 10:21:46 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-15 10:21:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-15 10:21:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-15 10:21:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-15 10:21:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-15 10:21:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-15 10:21:45 ----A---- C:\Windows\system32\iesetup.dll
2017-12-15 10:21:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-15 10:21:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-15 10:21:44 ----A---- C:\Windows\system32\tzres.dll
2017-12-15 10:21:44 ----A---- C:\Windows\system32\iernonce.dll
2017-12-15 10:21:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-15 10:21:44 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-15 10:21:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll

======List of files/folders modified in the last 1 month======

2018-01-11 18:09:26 ----RD---- C:\Program Files
2018-01-11 18:07:20 ----D---- C:\Windows\Temp
2018-01-11 18:01:07 ----D---- C:\Windows\system32\config
2018-01-11 17:54:27 ----HD---- C:\ProgramData
2018-01-11 17:50:30 ----SHD---- C:\Windows\Installer
2018-01-11 17:50:28 ----SHD---- C:\Config.Msi
2018-01-11 17:50:01 ----D---- C:\Windows\winsxs
2018-01-11 17:48:01 ----D---- C:\Windows\SysWOW64
2018-01-11 17:47:57 ----D---- C:\Windows\System32
2018-01-11 17:46:00 ----D---- C:\ProgramData\Pinnacle
2018-01-11 17:42:31 ----RSD---- C:\Windows\Fonts
2018-01-11 17:41:24 ----D---- C:\Program Files (x86)\Common Files
2018-01-11 17:38:21 ----SHD---- C:\System Volume Information
2018-01-11 17:30:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-01-11 17:26:53 ----D---- C:\Windows\Prefetch
2018-01-11 17:25:50 ----RSD---- C:\Windows\assembly
2018-01-11 17:25:47 ----D---- C:\Program Files (x86)\LibreOffice 4
2018-01-11 17:19:31 ----D---- C:\Program Files (x86)\Opera
2018-01-11 17:18:53 ----D---- C:\Windows\system32\Tasks
2018-01-11 17:18:17 ----D---- C:\Windows\system32\DriverStore
2018-01-11 17:18:16 ----D---- C:\Windows\inf
2018-01-11 17:18:15 ----D---- C:\Windows\system32\catroot
2018-01-11 17:16:56 ----RD---- C:\Program Files (x86)
2018-01-11 14:40:13 ----SD---- C:\Users\Toshiba\AppData\Roaming\Microsoft
2018-01-10 22:42:01 ----D---- C:\KMPlayer
2018-01-10 19:38:51 ----D---- C:\Windows\system32\drivers
2018-01-10 17:40:24 ----D---- C:\Program Files\McAfee Security Scan
2018-01-09 12:37:06 ----D---- C:\Users\Toshiba\AppData\Roaming\Seznam.cz
2018-01-09 12:30:27 ----D---- C:\ProgramData\NVIDIA
2018-01-09 12:28:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-01-09 12:27:55 ----D---- C:\Windows\system32\Macromed
2018-01-09 12:27:50 ----D---- C:\Windows\SYSWOW64\Macromed
2018-01-09 12:21:30 ----D---- C:\Windows\LiveKernelReports
2018-01-08 10:24:21 ----D---- C:\Windows\Microsoft.NET
2018-01-08 08:23:54 ----D---- C:\Windows
2018-01-06 13:22:39 ----D---- C:\Windows\SoftwareDistribution
2018-01-06 13:21:06 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-01-06 13:17:41 ----SD---- C:\ProgramData\Microsoft
2018-01-06 13:17:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-01-06 12:10:17 ----D---- C:\AdwCleaner
2018-01-06 11:49:13 ----D---- C:\Windows\system32\MRT
2017-12-22 09:45:05 ----D---- C:\Windows\system32\NDF
2017-12-21 08:02:20 ----D---- C:\Toshiba
2017-12-16 11:07:41 ----D---- C:\Windows\rescache
2017-12-16 09:26:29 ----D---- C:\Program Files\Internet Explorer
2017-12-16 09:26:28 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-16 09:26:27 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-16 09:26:27 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-16 09:26:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-12-16 09:26:24 ----D---- C:\Windows\system32\Setup
2017-12-16 09:26:24 ----D---- C:\Windows\system32\en-US
2017-12-16 09:26:24 ----D---- C:\Windows\system32\cs-CZ
2017-12-15 03:02:47 ----D---- C:\Windows\debug
2017-12-15 03:02:20 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-12-15 03:01:28 ----AC---- C:\Windows\system32\MRT.exe
2017-12-14 21:28:40 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-12-25 199448]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-12-25 343768]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-12-25 57696]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-12-25 84384]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-12-25 358672]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\Windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\Windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-12-25 185096]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-12-25 321512]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2017-12-25 580480]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-12-25 110336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-12-25 1025176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-10 457896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-10 146648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-12-25 204456]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2017-12-25 38152]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-01-27 1577088]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
S3 AR9271;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuwx.sys [2011-07-28 2224160]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-12-25 46976]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpuz134;cpuz134; \??\C:\Users\Toshiba\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 – ovladač adaptéru; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-10-02 29696]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-12-25 301168]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-12-25 351552]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-12-02 7761576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\Windows\system32\ThpSrv.exe [2010-12-24 526848]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-06-26 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-06-26 16928]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-12-25 7538536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12 153752]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09 272384]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.667\McCHSvc.exe [2018-01-05 404376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-25 167880]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-12-02 213672]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2017-12-01 5132888]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-06-26 87760]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-30 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Krasny den Vam preju


Odinstalujte

• McAfee Security Scan - adware z instalace Adobe Flash Playeru http://forum.viry.cz/viewtopic.php?p=1374437#p1374437
• Seznam Software - pokud nepouzivate, protoze velice casto byva instalovan jako adware

V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan (Skenovani), pote na Clean (Cisteni)
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobrý den, děkuji, že jste se ujal mého tématu. Provedl jsem scan pomocí AdwCleaneru, nic nenašel, i přesto vám posílám vygenerovaný log. Nedávno jsem však dělal kontrolu pomocí AdwCleaneru a něco mi to našlo, posílám i tento log ve druhé odpovědi.

log bez nalezených problémů:

# AdwCleaner 7.0.6.0 - Logfile created on Sat Jan 13 13:18:48 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1654 B] - [2016/5/19 8:41:51]
C:/AdwCleaner/AdwCleaner[S0].txt - [56185 B] - [2015/1/23 18:48:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [15962 B] - [2015/1/25 19:26:25]
C:/AdwCleaner/AdwCleaner[S2].txt - [1518 B] - [2018/1/6 10:42:10]
C:/AdwCleaner/AdwCleaner[S3].txt - [1224 B] - [2018/1/13 13:17:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Scan z minulého týdne:

# AdwCleaner 7.0.6.0 - Logfile created on Sat Jan 06 10:42:10 2018
# Updated on 2017/21/12 by Malwarebytes
# Database: 01-05-2018.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [12059 B] - [2016/5/19 8:41:51]
C:/AdwCleaner/AdwCleaner[S0].txt - [56185 B] - [2015/1/23 18:48:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [15962 B] - [2015/1/25 19:26:25]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

Vyborne, dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud budete mit problemy se stazenim FRSTLauncheru, staci kdyz pouzijete samotny FRST.exe/FRST64.exe.

Dobrý večer,

omlouvám se za pozdní reakci, bohužel jsem teď neměl možnost dostat se k tomuto notebooku. FRSTLauncher mi bohužel nešel, proto posílám logy z FRT64.exe. Snad je vše v pořádku.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Toshiba (administrator) on TOSHIBA-PC (18-01-2018 20:05:00)
Running from C:\Users\Toshiba\Desktop
Loaded Profiles: Toshiba (Available Profiles: Toshiba)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PandoraTV) C:\KMPlayer\KMPlayer.exe
() C:\Users\Toshiba\AppData\Local\Temp\CPU\CPU_64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-25] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [Adobe] => C:\ProgramData\Adobe\Reader\Adobe.vbs [61718 2017-11-24] ()
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU32] => C:\ProgramData\Adobe\Reader\CPU32.exe
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU64] => C:\ProgramData\Adobe\Reader\CPU64.exe [3206656 2017-11-24] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 91.228.45.254 91.228.46.254
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{A73F6A78-2988-4470-81EC-63E802289DFF}: [DhcpNameServer] 91.228.45.254 91.228.46.254
Tcpip\..\Interfaces\{E22DDE1A-079D-4E47-97EE-B05AB8384C04}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> OldSearch URL =
SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> {B8454CCB-F18F-4F91-ACEE-30CF88CA5529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-06] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-29] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-01-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-06] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-29] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-01-06] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0hkn9r0t.default
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default [2018-01-18]
FF user.js: detected! => C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\user.js [2016-02-21]
FF Homepage: Mozilla\Firefox\Profiles\0hkn9r0t.default -> hxxp://www.google.cz/
FF Extension: (Money Viking) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\Extensions\{6794bc74-078a-41fa-93e0-6fab12c43771}.xpi [2016-02-19] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-09] [Legacy]
FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.cz/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://jffjjdoccjiflmckicphblggbppfgklk/newtab.html"
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default [2018-01-18]
CHR Extension: (Prezentace) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-10]
CHR Extension: (Vyhledávání Google) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-06]
CHR Extension: (Avast SafePrice) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Tabulky) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Sweets) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheekmgekhahpaelhpkginoipahinfnk [2017-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (New Tab Theme Installer) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffjjdoccjiflmckicphblggbppfgklk [2017-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="
OPR Extension: (Money Viking) - C:\Users\Toshiba\AppData\Roaming\Opera Software\Opera Stable\Extensions\lcpkhndbkjplinhmffdkajbpeiioicjl [2016-04-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-25] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)
R2 Thpsrv; C:\Windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-28] (Atheros Communications, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2017-12-25] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2017-12-25] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2017-12-25] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2017-12-25] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2017-12-25] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-13] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2017-12-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2017-12-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2017-12-25] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2017-12-25] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2017-12-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2017-12-25] (AVAST Software)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 cpuz134; \??\C:\Users\Toshiba\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-18 20:05 - 2018-01-18 20:05 - 000017749 _____ C:\Users\Toshiba\Desktop\FRST.txt
2018-01-18 20:04 - 2018-01-18 20:05 - 000000000 ____D C:\FRST
2018-01-18 20:03 - 2018-01-18 20:03 - 002393088 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64.exe
2018-01-18 20:02 - 2018-01-18 20:02 - 000015327 _____ C:\Users\Toshiba\Desktop\LM.bat
2018-01-18 19:51 - 2018-01-18 20:02 - 000029696 _____ C:\Users\Toshiba\AppData\Local\MSGBOX.EXE
2018-01-17 14:20 - 2018-01-17 14:20 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-17 13:48 - 2018-01-17 14:07 - 340543496 _____ C:\Users\Toshiba\Downloads\Ulice 3382 (Bat24).avi
2018-01-16 20:31 - 2018-01-16 22:21 - 1344784384 _____ C:\Users\Toshiba\Downloads\Room-Cz-Dabing-NOVINKA-2015.avi
2018-01-16 16:15 - 2018-01-01 03:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-16 16:15 - 2018-01-01 03:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-16 16:15 - 2018-01-01 03:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-16 16:15 - 2018-01-01 03:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-16 16:15 - 2018-01-01 03:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-16 16:15 - 2018-01-01 03:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-16 16:15 - 2018-01-01 03:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-16 16:15 - 2018-01-01 03:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-16 16:15 - 2018-01-01 03:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-16 16:15 - 2018-01-01 03:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-16 16:15 - 2018-01-01 03:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-16 16:15 - 2018-01-01 02:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-16 16:15 - 2018-01-01 02:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-16 16:15 - 2018-01-01 02:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-16 16:15 - 2017-12-29 19:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-16 16:15 - 2017-12-29 19:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-16 16:15 - 2017-12-29 19:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-16 16:15 - 2017-12-29 19:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-16 16:15 - 2017-12-29 18:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-16 16:15 - 2017-12-29 18:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-16 16:15 - 2017-12-29 18:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-16 16:15 - 2017-12-29 18:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-16 16:15 - 2017-12-29 10:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-16 16:15 - 2017-12-29 09:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-16 16:15 - 2017-12-29 09:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-16 16:15 - 2017-12-29 09:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-16 16:15 - 2017-12-29 09:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-16 16:15 - 2017-12-29 09:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-16 16:15 - 2017-12-29 09:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-16 16:15 - 2017-12-29 09:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-16 16:15 - 2017-12-29 08:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-16 16:15 - 2017-12-29 08:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-16 16:15 - 2017-12-29 08:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-16 16:15 - 2017-12-21 07:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-16 16:14 - 2018-01-01 03:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-16 16:14 - 2018-01-01 03:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-16 16:14 - 2018-01-01 03:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-16 16:14 - 2018-01-01 03:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-16 16:14 - 2018-01-01 03:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-16 16:14 - 2018-01-01 03:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-16 16:14 - 2018-01-01 03:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-16 16:14 - 2018-01-01 03:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-16 16:14 - 2018-01-01 03:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-16 16:14 - 2018-01-01 03:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-01-16 16:14 - 2018-01-01 03:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-01-16 16:14 - 2018-01-01 03:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-01-16 16:14 - 2018-01-01 03:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-16 16:14 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-16 16:14 - 2018-01-01 03:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-16 16:14 - 2018-01-01 03:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-01-16 16:14 - 2018-01-01 03:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-16 16:14 - 2018-01-01 03:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-01-16 16:14 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-01-16 16:14 - 2018-01-01 02:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-01-16 16:14 - 2018-01-01 02:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-16 16:14 - 2018-01-01 02:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-16 16:14 - 2018-01-01 02:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-16 16:14 - 2018-01-01 02:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-16 16:14 - 2018-01-01 02:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-16 16:14 - 2018-01-01 02:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-16 16:14 - 2018-01-01 02:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-16 16:14 - 2018-01-01 02:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-01-16 16:14 - 2018-01-01 02:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-16 16:14 - 2018-01-01 02:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-16 16:14 - 2018-01-01 02:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-16 16:14 - 2018-01-01 02:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-16 16:14 - 2018-01-01 02:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-01-16 16:14 - 2018-01-01 02:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-01-16 16:14 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-01-16 16:14 - 2018-01-01 02:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-16 16:14 - 2018-01-01 02:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-16 16:14 - 2018-01-01 02:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-16 16:14 - 2018-01-01 02:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-16 16:14 - 2018-01-01 02:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-16 16:14 - 2018-01-01 02:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-16 16:14 - 2018-01-01 02:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-16 16:14 - 2018-01-01 02:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-16 16:14 - 2018-01-01 02:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-16 16:14 - 2017-12-30 08:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-16 16:14 - 2017-12-30 07:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-16 16:14 - 2017-12-29 19:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-16 16:14 - 2017-12-29 19:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-16 16:14 - 2017-12-29 19:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-16 16:14 - 2017-12-29 19:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-16 16:14 - 2017-12-29 19:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-16 16:14 - 2017-12-29 18:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-16 16:14 - 2017-12-29 18:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-16 16:14 - 2017-12-29 18:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-16 16:14 - 2017-12-29 18:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-16 16:14 - 2017-12-29 18:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-16 16:14 - 2017-12-29 18:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-16 16:14 - 2017-12-29 18:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-16 16:14 - 2017-12-29 18:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-16 16:14 - 2017-12-29 18:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-16 16:14 - 2017-12-29 18:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-01-16 16:14 - 2017-12-29 18:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-16 16:14 - 2017-12-29 09:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-16 16:14 - 2017-12-29 09:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-16 16:14 - 2017-12-29 09:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-16 16:14 - 2017-12-29 09:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-16 16:14 - 2017-12-29 09:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-16 16:14 - 2017-12-29 09:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-16 16:14 - 2017-12-29 09:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-16 16:14 - 2017-12-29 09:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-16 16:14 - 2017-12-29 09:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-16 16:14 - 2017-12-29 09:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-16 16:14 - 2017-12-29 09:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-16 16:14 - 2017-12-29 09:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-16 16:14 - 2017-12-29 09:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-16 16:14 - 2017-12-29 09:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-16 16:14 - 2017-12-29 09:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-16 16:14 - 2017-12-29 09:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-16 16:14 - 2017-12-29 09:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-16 16:14 - 2017-12-29 09:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-16 16:14 - 2017-12-29 09:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-16 16:14 - 2017-12-29 09:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-16 16:14 - 2017-12-29 09:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-16 16:14 - 2017-12-13 17:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-16 16:14 - 2017-12-13 17:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-16 16:14 - 2017-12-13 17:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-16 16:14 - 2017-12-13 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-16 16:14 - 2017-12-13 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-16 16:14 - 2017-12-05 18:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-16 16:14 - 2017-12-05 18:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-16 16:14 - 2017-12-05 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-16 16:14 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-16 16:14 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-16 16:14 - 2017-12-05 16:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-16 16:14 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 03:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-16 16:13 - 2018-01-01 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-16 16:13 - 2018-01-01 02:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-16 16:13 - 2018-01-01 02:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-16 16:13 - 2018-01-01 02:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-16 16:13 - 2018-01-01 02:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-16 16:13 - 2018-01-01 02:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-01-16 16:13 - 2018-01-01 02:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-16 16:13 - 2018-01-01 02:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-16 16:13 - 2018-01-01 02:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-16 16:13 - 2018-01-01 02:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-16 16:13 - 2018-01-01 02:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-16 16:13 - 2018-01-01 02:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-16 16:13 - 2018-01-01 02:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-16 16:13 - 2017-12-29 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-01-16 16:13 - 2017-12-29 19:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-16 16:13 - 2017-12-29 19:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-01-16 16:13 - 2017-12-29 19:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-16 16:13 - 2017-12-29 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-16 16:13 - 2017-12-29 18:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-16 16:13 - 2017-12-29 18:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-16 16:13 - 2017-12-29 10:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-16 16:13 - 2017-12-29 10:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-16 16:13 - 2017-12-29 09:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-16 16:13 - 2017-12-13 17:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-16 16:13 - 2017-12-13 17:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-16 16:13 - 2017-12-13 17:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-16 16:13 - 2017-12-13 17:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-01-16 16:13 - 2017-12-13 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-01-16 12:12 - 2018-01-16 12:31 - 333066304 _____ C:\Users\Toshiba\Downloads\Ulice 3381 (Bat24).avi
2018-01-15 08:58 - 2018-01-15 08:58 - 000206224 _____ C:\Users\Toshiba\Desktop\order-181577539610884.pdf
2018-01-15 08:57 - 2018-01-15 08:57 - 000206224 _____ C:\Users\Toshiba\Downloads\order-181577539610884.pdf
2018-01-13 14:57 - 2018-01-13 15:08 - 220317946 _____ C:\Users\Toshiba\Desktop\48pfs6609_12_fus_eng.zip
2018-01-13 14:43 - 2018-01-13 14:43 - 000000000 ____D C:\Users\Toshiba\Downloads\aktualizace
2018-01-13 14:43 - 2017-11-24 04:19 - 220317790 _____ C:\Users\Toshiba\Downloads\autorun.upg
2018-01-13 14:33 - 2018-01-13 14:42 - 220317946 _____ C:\Users\Toshiba\Desktop\48pfs6609_12_fus_ces.zip
2018-01-13 14:27 - 2018-01-13 14:27 - 000001933 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-01-13 14:27 - 2018-01-13 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-01-13 14:25 - 2018-01-13 14:24 - 000149344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-01-13 14:25 - 2017-12-25 19:37 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-01-13 14:11 - 2018-01-13 14:12 - 001325367 _____ C:\Users\Toshiba\Downloads\Nepotvrzeno 920705.crdownload
2018-01-12 13:09 - 2018-01-12 13:48 - 681157470 _____ C:\Users\Toshiba\Downloads\Ulice 3380.avi
2018-01-11 18:09 - 2018-01-11 18:09 - 000000000 ____D C:\Program Files\trend micro
2018-01-11 17:58 - 2018-01-11 17:58 - 001222144 _____ C:\Users\Toshiba\Downloads\RSITx64.exe
2018-01-11 17:55 - 2018-01-11 17:55 - 000003584 _____ C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-11 17:54 - 2018-01-11 17:55 - 000000000 ____D C:\Users\Toshiba\temp
2018-01-11 17:54 - 2018-01-11 17:54 - 000000221 _____ C:\Users\Toshiba\AppData\Roaming\TOSHIBA-PC.MTBF.txt
2018-01-11 17:54 - 2018-01-11 17:54 - 000000000 ____D C:\Users\Toshiba\Documents\Projekty aplikace Pinnacle
2018-01-11 17:54 - 2018-01-11 17:54 - 000000000 ____D C:\ProgramData\UniqueId
2018-01-11 17:54 - 2018-01-11 17:54 - 000000000 ____D C:\ProgramData\Corel
2018-01-11 17:53 - 2018-01-11 17:55 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Pinnacle_Studio_20
2018-01-11 17:48 - 2018-01-11 17:48 - 000002215 _____ C:\Users\Public\Desktop\Pinnacle Studio 20.lnk
2018-01-11 17:48 - 2018-01-11 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 20
2018-01-11 17:41 - 2018-01-11 17:41 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2018-01-11 17:41 - 2018-01-11 17:41 - 000000000 ____D C:\Program Files\Pinnacle
2018-01-11 17:37 - 2018-01-11 18:13 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2018-01-11 17:31 - 2018-01-11 17:31 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\WinRAR
2018-01-11 17:30 - 2018-01-11 17:30 - 002411920 _____ C:\Users\Toshiba\Downloads\winrar-x64-550cz.exe
2018-01-11 17:30 - 2018-01-11 17:30 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-01-11 17:30 - 2018-01-11 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-01-11 17:30 - 2018-01-11 17:30 - 000000000 ____D C:\Program Files\WinRAR
2018-01-11 14:01 - 2018-01-11 14:39 - 691444730 _____ C:\Users\Toshiba\Downloads\Ulice 3379.avi
2018-01-10 22:02 - 2018-01-10 22:23 - 324129630 _____ C:\Users\Toshiba\Downloads\Ulice 3378 (Bat24).avi
2018-01-10 13:44 - 2018-01-10 13:44 - 000550475 _____ C:\Users\Toshiba\Desktop\odstoupení od smlouvy elektřina.pdf
2018-01-10 13:43 - 2018-01-10 13:43 - 000490274 _____ C:\Users\Toshiba\Desktop\odstoupení od smlouvy.pdf
2018-01-10 13:22 - 2018-01-10 13:44 - 399233448 _____ C:\Users\Toshiba\Downloads\Ulice 3377.avi
2018-01-09 13:26 - 2018-01-09 14:04 - 690587492 _____ C:\Users\Toshiba\Downloads\Ulice 3376.avi
2018-01-09 12:36 - 2018-01-09 13:14 - 688379058 _____ C:\Users\Toshiba\Downloads\Ulice 3375.avi
2018-01-09 12:27 - 2018-01-09 12:27 - 005845504 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2018-01-08 21:40 - 2018-01-08 21:55 - 190398328 _____ C:\Users\Toshiba\Downloads\Ulice-3374.mp4
2018-01-08 20:43 - 2018-01-08 21:08 - 414965220 _____ C:\Users\Toshiba\Downloads\ulice 3373.mp4
2018-01-08 11:04 - 2018-01-08 11:04 - 000000000 ____D C:\Users\Toshiba\Documents\Vlastní šablony Office
2018-01-08 10:16 - 2018-01-08 10:38 - 393385220 _____ C:\Users\Toshiba\Downloads\Ulice 3372.avi
2018-01-08 09:50 - 2018-01-08 09:57 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3784979911-3349424784-1352719787-1002
2018-01-08 08:51 - 2018-01-08 09:13 - 394837876 _____ C:\Users\Toshiba\Downloads\Ulice-3371.avi
2018-01-06 13:24 - 2018-01-08 09:57 - 000002200 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-01-06 13:24 - 2018-01-08 09:57 - 000000000 ___RD C:\Users\Toshiba\OneDrive
2018-01-06 13:24 - 2018-01-06 13:24 - 000002145 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-01-06 13:24 - 2018-01-06 13:24 - 000002145 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-01-06 13:24 - 2018-01-06 13:24 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2018-01-06 13:22 - 2018-01-06 13:22 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Skype
2018-01-06 13:22 - 2018-01-06 13:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-06 13:18 - 2018-01-06 13:18 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-01-06 13:18 - 2018-01-06 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-01-06 13:17 - 2018-01-13 14:59 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-06 13:17 - 2018-01-06 13:17 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-01-06 12:20 - 2018-01-13 14:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-06 12:20 - 2018-01-06 12:20 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-01-06 12:15 - 2018-01-06 12:15 - 004369176 _____ (Microsoft Corporation) C:\Users\Toshiba\Downloads\Setup.X86.cs-cz_O365ProPlusRetail_0ed30fb5-95c9-4d3b-a45f-88febed031c1_TX_PR_b_48_.exe
2018-01-06 12:01 - 2018-01-06 12:01 - 000000634 _____ C:\Users\Toshiba\Desktop\MIX – zástupce.lnk
2018-01-06 11:46 - 2018-01-06 12:06 - 000000698 _____ C:\Users\Toshiba\Desktop\Fotky + videa – zástupce.lnk
2018-01-06 11:36 - 2018-01-06 11:37 - 008198432 _____ (Malwarebytes) C:\Users\Toshiba\Desktop\adwcleaner_7.0.6.0.exe
2017-12-22 13:23 - 2017-12-23 23:53 - 000026112 ___SH C:\Users\Toshiba\Downloads\Thumbs.db
2017-12-20 09:59 - 2017-12-20 09:59 - 000260839 _____ C:\Users\Toshiba\Downloads\20161134.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-18 16:35 - 2009-07-14 05:45 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-18 16:35 - 2009-07-14 05:45 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-17 16:54 - 2016-12-23 20:48 - 000000000 ____D C:\Windows\rescache
2018-01-17 16:27 - 2009-07-14 16:18 - 004489622 _____ C:\Windows\system32\perfh005.dat
2018-01-17 16:27 - 2009-07-14 16:18 - 001473408 _____ C:\Windows\system32\perfc005.dat
2018-01-17 16:27 - 2009-07-14 06:13 - 000006224 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-17 14:34 - 2016-02-17 22:30 - 000000000 ____D C:\KMPlayer
2018-01-17 14:18 - 2016-02-10 14:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-17 14:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-17 14:18 - 2009-07-14 05:45 - 000508424 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-17 14:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-17 13:28 - 2014-07-30 21:05 - 000000000 ____D C:\Windows\system32\MRT
2018-01-17 13:19 - 2017-11-29 17:57 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-01-17 13:19 - 2017-10-12 07:06 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-17 13:18 - 2014-07-30 21:04 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-13 14:28 - 2015-01-23 19:44 - 000000000 ____D C:\AdwCleaner
2018-01-13 14:10 - 2016-02-20 20:10 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Seznam.cz
2018-01-13 14:10 - 2016-02-20 20:10 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-01-11 18:13 - 2017-02-16 22:56 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Pinnacle
2018-01-11 17:54 - 2016-02-10 14:32 - 000000000 ____D C:\Users\Toshiba
2018-01-11 17:46 - 2017-02-16 22:43 - 000000000 ____D C:\ProgramData\Pinnacle
2018-01-11 17:25 - 2014-11-29 22:47 - 000000000 ____D C:\Program Files (x86)\LibreOffice 4
2018-01-11 17:19 - 2016-02-17 22:31 - 000000000 ____D C:\Program Files (x86)\Opera
2018-01-10 19:38 - 2017-11-29 17:57 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-10 19:38 - 2017-11-29 17:57 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-10 14:16 - 2017-04-12 18:16 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 14:16 - 2017-04-12 18:16 - 000002200 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-09 12:28 - 2016-02-21 01:39 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-01-09 12:28 - 2016-02-21 01:39 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-09 12:28 - 2016-02-21 01:39 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 12:27 - 2016-02-21 01:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-01-09 12:27 - 2016-02-21 01:39 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-09 12:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\LiveKernelReports
2018-01-08 08:48 - 2016-02-10 14:40 - 000163008 _____ C:\Users\Toshiba\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-06 13:17 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-12-25 19:37 - 2017-11-29 17:57 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-12-25 19:37 - 2017-11-29 17:57 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-12-25 19:37 - 2017-11-29 17:57 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-12-25 19:37 - 2017-11-29 17:57 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-12-25 19:37 - 2017-11-29 17:57 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-12-25 19:37 - 2017-11-29 17:57 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-12-25 19:36 - 2017-11-29 17:57 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-12-25 19:36 - 2017-11-29 17:57 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2017-12-25 19:36 - 2017-11-29 17:57 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-12-25 19:36 - 2017-11-29 17:57 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2017-12-25 19:36 - 2017-11-29 17:57 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2017-12-24 19:08 - 2016-08-22 16:51 - 000003312 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2017-12-22 09:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-12-21 08:02 - 2011-05-04 16:08 - 000000000 ____D C:\Toshiba
2017-12-20 22:47 - 2017-02-16 22:54 - 000000000 ____D C:\Users\Public\Documents\My Projects

==================== Files in the root of some directories =======

2018-01-11 17:54 - 2018-01-11 17:54 - 000000221 _____ () C:\Users\Toshiba\AppData\Roaming\TOSHIBA-PC.MTBF.txt
2018-01-11 17:55 - 2018-01-11 17:55 - 000003584 _____ () C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-18 19:51 - 2018-01-18 20:02 - 000029696 _____ () C:\Users\Toshiba\AppData\Local\MSGBOX.EXE
2017-12-04 10:23 - 2017-12-04 10:23 - 000000000 _____ () C:\Users\Toshiba\AppData\Local\{34A1E442-EA69-4FF8-936A-269FD8A8F457}

Some files in TEMP:
====================
2017-12-20 21:15 - 2010-10-26 14:55 - 000247120 _____ (Pinnacle Systems, Inc.) C:\Users\Toshiba\AppData\Local\Temp\Welcome.exe
2018-01-13 14:10 - 2018-01-13 14:10 - 000534528 _____ () C:\Users\Toshiba\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-18 11:42

==================== End of FRST.txt ============================

Adition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Toshiba (18-01-2018 20:07:17)
Running from C:\Users\Toshiba\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-02-10 13:32:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3784979911-3349424784-1352719787-500 - Administrator - Disabled)
Guest (S-1-5-21-3784979911-3349424784-1352719787-501 - Limited - Disabled)
Toshiba (S-1-5-21-3784979911-3349424784-1352719787-1002 - Administrator - Enabled) => C:\Users\Toshiba

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HappyFoto-FOTO (HKLM\...\{7C4E125E-E08C-46B8-A7BF-C941F9BBE0C1}) (Version: 3.0.0 - HappyFoto GmbH)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
Ladicka (HKLM-x32\...\Ladicka) (Version: - )
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8431.2153 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Opera Stable 35.0.2066.68 (HKLM-x32\...\Opera 35.0.2066.68) (Version: 35.0.2066.68 - Opera Software)
Ovládací panel NVIDIA 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.44 - NVIDIA Corporation) Hidden
Pinnacle Studio 20 (HKLM\...\{4D548AFA-B83A-4C39-A474-AAE833B320AD}) (Version: 20.0.1.109 - Corel Corporation)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.1.12 - TOSHIBA Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-25] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-25] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-25] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-25] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03CD4ACE-32B5-4BCE-940E-F7DC56A7FB81} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-25] (AVAST Software)
Task: {114C81E9-C486-450B-9D8E-5EC3615A54FD} - System32\Tasks\{A27E4379-DBC6-1092-F810-5D5344ACCB20} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\ProgramData\6e002365\7a43ec69.dll" <==== ATTENTION
Task: {17A29C96-B76D-4390-A6CC-57EA5B015BD8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {21B227EA-0111-4C8D-AADB-8DE3DA533861} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-13] (Microsoft Corporation)
Task: {230B6D1F-0689-484D-8190-8A22AE7C2D7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {348E5249-023A-409A-86FF-190400D4780B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {4917B897-B970-4832-96E4-E140DFD15217} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {6C77627E-0277-4D1F-9575-732294E6A506} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {7AE48BE1-3B1B-41CF-81B6-F72F7A6813AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-12-11] (McAfee, Inc.)
Task: {8AC31F09-DD3C-412E-8FD4-2A4B7CC5FE36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {9082B774-9EDC-4F98-8B56-3E1E7C52A9BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {99C7B183-F52B-4399-80B4-77B79C514FF0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-06] ()
Task: {AA88983C-1EE6-474A-BC4B-1503C64A0B11} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-06] ()
Task: {D44E444D-6AF9-4305-AAFE-ABBC60299394} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-13] (Microsoft Corporation)
Task: {D94A1796-952A-4571-97C5-7CCDCB08FAF0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {D9BCE56A-A5AB-4057-82E2-BC2F0A583683} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-13] (Microsoft Corporation)
Task: {DB18F4ED-28C2-4D54-8E04-9C68CB2BC396} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {FB26EE37-FE36-439A-9CEA-7E3F7AF016C9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3784979911-3349424784-1352719787-1002

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-10 14:56 - 2015-02-04 03:21 - 000115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-15 21:44 - 2016-01-15 21:44 - 000047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-11-16 18:11 - 2018-01-17 14:22 - 002594816 _____ () C:\Users\Toshiba\AppData\Local\Temp\CPU\CPU_64.exe
2018-01-10 14:14 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-10 14:14 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-01-17 13:18 - 2018-01-17 13:18 - 005768336 _____ () C:\Program Files\AVAST Software\Avast\defs\18011706\algo.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-01-18 19:52 - 2018-01-18 19:52 - 005779600 _____ () C:\Program Files\AVAST Software\Avast\defs\18011834\algo.dll
2017-11-29 17:56 - 2017-11-29 17:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-25 19:36 - 2017-12-25 19:36 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000646656 _____ () C:\KMPlayer\Plugins\IN_MP3.DLL
2008-02-25 07:05 - 2008-02-25 07:05 - 000073728 _____ () C:\KMPlayer\Plugins\in_mp4.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000179200 _____ () C:\KMPlayer\Plugins\in_nsv.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000231424 _____ () C:\KMPlayer\Plugins\in_vorbis.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000288256 _____ () C:\KMPlayer\Plugins\in_wm.dll
2015-10-08 06:49 - 2015-10-08 06:49 - 000259584 _____ () C:\KMPlayer\libbluray.dll
2012-10-31 09:59 - 2012-10-31 09:59 - 000538112 _____ () C:\KMPlayer\libmplay.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\sharepoint.com -> hxxps://vse-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-01-13 14:08 - 000000850 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 91.228.45.254 - 91.228.46.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{92DB2C68-8DD8-4C3D-A6D0-7DFF9DB6483A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{450B80C2-9998-4603-899F-0ED759CD799A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{6229DFF8-EFFA-4C0E-9566-059103AAC4C7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{A827B4D5-CB6D-4C7C-A3D3-1E539540A061}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{05F7F360-1421-4082-8483-3099B9B1A450}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{B1315B1B-7E5D-4AA8-B2E5-E9188716F9C5}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [TCP Query User{207A51AE-12B9-4F15-B854-E283445B4AD0}C:\users\toshiba\desktop\counter strike source patch v16,v17,v18\hl2.exe] => (Allow) C:\users\toshiba\desktop\counter strike source patch v16,v17,v18\hl2.exe
FirewallRules: [UDP Query User{F5A7137F-74F8-4595-93A6-230B6CE49B2F}C:\users\toshiba\desktop\counter strike source patch v16,v17,v18\hl2.exe] => (Allow) C:\users\toshiba\desktop\counter strike source patch v16,v17,v18\hl2.exe
FirewallRules: [{58B36503-D329-44AB-BBC9-756A0A6A1803}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2429D081-5A48-4E80-A3D1-AEEFAA911E37}] => (Allow) C:\Users\Toshiba\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C9B69485-5F2A-4BEC-92B7-B718377043CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{18FC3FCB-4E90-4477-9214-C907DFC3F10A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2FE699B2-6480-4493-8EE2-0D8442211675}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8F314043-4E92-4D57-84DD-059A791C0ED2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{93E0794C-E3D9-428F-B9B3-4BFA4A49BB48}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A7DA6CAB-0849-46B6-BA49-08ECD5505630}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{24EAECC9-C1EF-429F-B700-FFC0466B1BE8}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\RM.exe
FirewallRules: [{251C8857-6A4C-4C9B-AC3D-B96CB4C98FFB}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\RM.exe
FirewallRules: [{72F7081F-EC85-4441-AD7D-6BAAA4428729}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\NGStudio.exe
FirewallRules: [{9E3792CE-A85A-4B75-8CB3-C898C11EB843}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\NGStudio.exe
FirewallRules: [{5BEFD72F-BFE8-4AEB-BD17-8D41BDF5CF94}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\UMI.exe
FirewallRules: [{F646EEBF-0CD3-41AC-BE91-87EAF616C4A7}] => (Allow) C:\Program Files\Pinnacle\Studio 20\programs\UMI.exe

==================== Restore Points =========================

29-12-2017 12:17:39 Naplánovaný kontrolní bod
08-01-2018 13:16:06 Naplánovaný kontrolní bod
11-01-2018 17:17:24 Removed Ovladače videa společnosti Pinnacle.
11-01-2018 17:20:32 Removed LibreOffice 4.3 Help Pack (Czech)
11-01-2018 17:22:06 Removed LibreOffice 4.3.4.1
11-01-2018 17:28:27 Removed 7-Zip 16.04 (x64 edition)
11-01-2018 17:38:20 Installed Pinnacle Studio 20.
17-01-2018 13:16:31 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2018 07:55:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 63.0.3239.132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 7e8

Čas spuštění: 01d38f962d2ffc9c

Čas ukončení: 20286

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 12e60283-fc81-11e7-9dd7-e89a8f75f2de

Error: (01/17/2018 04:27:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (01/17/2018 04:27:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/17/2018 04:27:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/17/2018 02:26:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (01/17/2018 02:26:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/17/2018 02:26:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/13/2018 10:08:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (01/13/2018 10:08:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/13/2018 10:08:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.


System errors:
=============
Error: (01/17/2018 02:18:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/13/2018 02:22:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel Security True Key Scheduler neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/13/2018 02:22:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel Security True Key Scheduler bylo dosaženo časového limitu (30000 ms).

Error: (01/13/2018 02:21:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel Security True Key neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/13/2018 02:21:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel Security True Key bylo dosaženo časového limitu (30000 ms).

Error: (01/13/2018 02:21:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/13/2018 02:19:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\athihvs.dll

Error: (01/13/2018 02:19:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\athihvs.dll

Error: (01/13/2018 02:19:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (01/13/2018 02:19:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 46%
Total physical RAM: 4077.86 MB
Available physical RAM: 2176.07 MB
Total Virtual: 8153.89 MB
Available Virtual: 6074.3 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:297.71 GB) (Free:45.51 GB) NTFS
Drive d: (Data) (Fixed) (Total:298.08 GB) (Free:244.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: D1CECC38)
Partition 1: (Active) - (Size=399 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Po restartu dejte vedet, jak se PC chova.

• Znovu spustte FRST.exe/FRST64.exe
• stisknete Ctrl + y (obe klavesy zaroven)
• otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
• stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
• kliknete na tlacitko Fix
• po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [Adobe] => C:\ProgramData\Adobe\Reader\Adobe.vbs [61718 2017-11-24] ()
  HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU32] => C:\ProgramData\Adobe\Reader\CPU32.exe
  HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU64] => C:\ProgramData\Adobe\Reader\CPU64.exe [3206656 2017-11-24] ()
  GroupPolicy: Restriction - Chrome <==== ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  C:\ProgramData\Adobe\Reader\Adobe.vbs
  C:\ProgramData\Adobe\Reader\CPU32.exe
  C:\ProgramData\Adobe\Reader\CPU64.exe
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}
  SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM-x32 -> DefaultScope {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
  SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM-x32 -> {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
  SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> OldSearch URL =
  SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> {B8454CCB-F18F-4F91-ACEE-30CF88CA5529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
  FF user.js: detected! => C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\user.js [2016-02-21]
  FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
  FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\sko-extension@firma.seznam.cz [not found]
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="
  CHR NewTab: Default -> Not-active:"chrome-extension://jffjjdoccjiflmckicphblggbppfgklk/newtab.html"
  OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw==" 
  OPR Extension: (Money Viking) - C:\Users\Toshiba\AppData\Roaming\Opera Software\Opera Stable\Extensions\lcpkhndbkjplinhmffdkajbpeiioicjl [2016-04-08]
  2018-01-18 20:02 - 2018-01-18 20:02 - 000015327 _____ C:\Users\Toshiba\Desktop\LM.bat
  2018-01-18 19:51 - 2018-01-18 20:02 - 000029696 _____ C:\Users\Toshiba\AppData\Local\MSGBOX.EXE
  2018-01-11 18:09 - 2018-01-11 18:09 - 000000000 ____D C:\Program Files\trend micro
  2018-01-11 17:58 - 2018-01-11 17:58 - 001222144 _____ C:\Users\Toshiba\Downloads\RSITx64.exe
  2017-12-04 10:23 - 2017-12-04 10:23 - 000000000 _____ () C:\Users\Toshiba\AppData\Local\{34A1E442-EA69-4FF8-936A-269FD8A8F457}
  CustomCLSID: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileCoAuthLib64.dll => No File
  Task: {114C81E9-C486-450B-9D8E-5EC3615A54FD} - System32\Tasks\{A27E4379-DBC6-1092-F810-5D5344ACCB20} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\ProgramData\6e002365\7a43ec69.dll" <==== ATTENTION
  File: C:\ProgramData\6e002365\7a43ec69.dll
  C:\ProgramData\6e002365
  Task: {7AE48BE1-3B1B-41CF-81B6-F72F7A6813AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-12-11] (McAfee, Inc.)
  Task: {FB26EE37-FE36-439A-9CEA-7E3F7AF016C9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3784979911-3349424784-1352719787-1002
  CMD: dir "C:\Windows\Inf" /AD
  CMD: dir "C:\PROGRA~1"
  CMD: dir "C:\PROGRA~2"
  CMD: dir "C:\PROGRA~3"
  CMD: dir "%localappdata%"
  CMD: dir "%appdata%"
  Hosts:
  EmptyTemp:
  End

Provedl jsem opravu a počítač je o mnoho rychlejší, vypadá to o mnoho lépe než předtím. Je ještě potřeba něco udělat? Mohl by se další vir schovávat někde jinde? Prozatím vám moc děkuji a posílám Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by Toshiba (23-01-2018 18:22:39) Run:1
Running from C:\Users\Toshiba\Desktop
Loaded Profiles: Toshiba (Available Profiles: Toshiba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [Adobe] => C:\ProgramData\Adobe\Reader\Adobe.vbs [61718 2017-11-24] ()
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU32] => C:\ProgramData\Adobe\Reader\CPU32.exe
HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\...\Run: [CPU64] => C:\ProgramData\Adobe\Reader\CPU64.exe [3206656 2017-11-24] ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\Adobe\Reader\Adobe.vbs
C:\ProgramData\Adobe\Reader\CPU32.exe
C:\ProgramData\Adobe\Reader\CPU64.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> OldSearch URL =
SearchScopes: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002 -> {B8454CCB-F18F-4F91-ACEE-30CF88CA5529} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
FF user.js: detected! => C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\user.js [2016-02-21]
FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="
CHR NewTab: Default -> Not-active:"chrome-extension://jffjjdoccjiflmckicphblggbppfgklk/newtab.html"
OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="
OPR Extension: (Money Viking) - C:\Users\Toshiba\AppData\Roaming\Opera Software\Opera Stable\Extensions\lcpkhndbkjplinhmffdkajbpeiioicjl [2016-04-08]
2018-01-18 20:02 - 2018-01-18 20:02 - 000015327 _____ C:\Users\Toshiba\Desktop\LM.bat
2018-01-18 19:51 - 2018-01-18 20:02 - 000029696 _____ C:\Users\Toshiba\AppData\Local\MSGBOX.EXE
2018-01-11 18:09 - 2018-01-11 18:09 - 000000000 ____D C:\Program Files\trend micro
2018-01-11 17:58 - 2018-01-11 17:58 - 001222144 _____ C:\Users\Toshiba\Downloads\RSITx64.exe
2017-12-04 10:23 - 2017-12-04 10:23 - 000000000 _____ () C:\Users\Toshiba\AppData\Local\{34A1E442-EA69-4FF8-936A-269FD8A8F457}
CustomCLSID: HKU\S-1-5-21-3784979911-3349424784-1352719787-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileCoAuthLib64.dll => No File
Task: {114C81E9-C486-450B-9D8E-5EC3615A54FD} - System32\Tasks\{A27E4379-DBC6-1092-F810-5D5344ACCB20} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\ProgramData\6e002365\7a43ec69.dll" <==== ATTENTION
File: C:\ProgramData\6e002365\7a43ec69.dll
C:\ProgramData\6e002365
Task: {7AE48BE1-3B1B-41CF-81B6-F72F7A6813AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-12-11] (McAfee, Inc.)
Task: {FB26EE37-FE36-439A-9CEA-7E3F7AF016C9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3784979911-3349424784-1352719787-1002
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
Ends
*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe" => removed successfully
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CPU32" => removed successfully
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CPU64" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
C:\ProgramData\Adobe\Reader\Adobe.vbs => moved successfully
"C:\ProgramData\Adobe\Reader\CPU32.exe" => not found
C:\ProgramData\Adobe\Reader\CPU64.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => removed successfully
HKLM\Software\Classes\CLSID\OldSearch => key not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C2D21AC0-5D16-40AF-B0D4-9AFFAC55F3DA} => key not found
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => removed successfully
HKLM\Software\Classes\CLSID\OldSearch => key not found
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B8454CCB-F18F-4F91-ACEE-30CF88CA5529}" => removed successfully
HKLM\Software\Classes\CLSID\{B8454CCB-F18F-4F91-ACEE-30CF88CA5529} => key not found
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\user.js => moved successfully
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0hkn9r0t.default\extensions\sko-extension@firma.seznam.cz => path removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"Chrome RestoreOnStartup" => removed successfully
"Chrome NewTab" => removed successfully
"OPR StartupUrls: "hxxp://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbIwoPUABCFhgaIlwBTA1CFVcOIQxbVxRAElYQJA0PAgBCQwUFIk0FA1oDB0VXfV5bFElXTwhuL1ddGG8YSlxNJw=="" => removed successfully
C:\Users\Toshiba\AppData\Roaming\Opera Software\Opera Stable\Extensions\lcpkhndbkjplinhmffdkajbpeiioicjl => moved successfully
C:\Users\Toshiba\Desktop\LM.bat => moved successfully
C:\Users\Toshiba\AppData\Local\MSGBOX.EXE => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Toshiba\Downloads\RSITx64.exe => moved successfully
C:\Users\Toshiba\AppData\Local\{34A1E442-EA69-4FF8-936A-269FD8A8F457} => moved successfully
"HKU\S-1-5-21-3784979911-3349424784-1352719787-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{114C81E9-C486-450B-9D8E-5EC3615A54FD} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{114C81E9-C486-450B-9D8E-5EC3615A54FD}" => removed successfully
C:\Windows\System32\Tasks\{A27E4379-DBC6-1092-F810-5D5344ACCB20} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A27E4379-DBC6-1092-F810-5D5344ACCB20}" => removed successfully

========================= File: C:\ProgramData\6e002365\7a43ec69.dll ========================

"C:\ProgramData\6e002365\7a43ec69.dll" => not found
====== End of File: ======

"C:\ProgramData\6e002365" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AE48BE1-3B1B-41CF-81B6-F72F7A6813AF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE48BE1-3B1B-41CF-81B6-F72F7A6813AF}" => removed successfully
C:\Windows\System32\Tasks\McAfee Remediation (Prepare) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB26EE37-FE36-439A-9CEA-7E3F7AF016C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB26EE37-FE36-439A-9CEA-7E3F7AF016C9}" => removed successfully
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-3784979911-3349424784-1352719787-1002 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-3784979911-3349424784-1352719787-1002" => removed successfully

========= dir "C:\Windows\Inf" /AD =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\Windows\Inf

17.01.2018 14:14 <DIR> .
17.01.2018 14:14 <DIR> ..
14.07.2009 16:18 <DIR> .NET CLR Data
14.07.2009 16:18 <DIR> .NET CLR Networking
30.07.2014 23:14 <DIR> .NET CLR Networking 4.0.0.0
14.07.2009 16:18 <DIR> .NET Data Provider for Oracle
14.07.2009 16:18 <DIR> .NET Data Provider for SqlServer
31.07.2014 06:02 <DIR> .NET Memory Cache 4.0
14.07.2009 16:18 <DIR> .NETFramework
14.09.2017 06:08 <DIR> ASP.NET
31.07.2014 06:03 <DIR> ASP.NET_4.0.30319
14.09.2017 06:08 <DIR> aspnet_state
14.07.2009 16:18 <DIR> BITS
14.07.2009 16:18 <DIR> cs-CZ
14.07.2009 16:13 <DIR> en-US
14.07.2009 16:18 <DIR> ESENT
14.07.2009 16:18 <DIR> MSDTC
14.07.2009 16:18 <DIR> MSDTC Bridge 3.0.0.0
31.07.2014 06:05 <DIR> MSDTC Bridge 4.0.0.0
14.07.2009 16:18 <DIR> PERFLIB
14.07.2009 16:18 <DIR> PNRPSvc
14.07.2009 16:18 <DIR> rdyboost
14.07.2009 16:18 <DIR> RemoteAccess
14.07.2009 16:18 <DIR> ServiceModelEndpoint 3.0.0.0
14.07.2009 16:18 <DIR> ServiceModelOperation 3.0.0.0
14.07.2009 16:18 <DIR> ServiceModelService 3.0.0.0
14.07.2009 16:18 <DIR> SMSvcHost 3.0.0.0
31.07.2014 06:05 <DIR> SMSvcHost 4.0.0.0
14.07.2009 16:18 <DIR> TAPISRV
14.07.2009 16:18 <DIR> TermService
14.07.2009 16:18 <DIR> UGatherer
14.07.2009 16:18 <DIR> UGTHRSVC
14.07.2009 16:18 <DIR> usbhub
14.07.2009 16:18 <DIR> Windows Workflow Foundation 3.0.0.0
31.07.2014 06:05 <DIR> Windows Workflow Foundation 4.0.0.0
06.10.2017 12:58 <DIR> WmiApRpl
14.07.2009 16:18 <DIR> wsearchidxpi
Soubor…: 0, Bajt…: 0
Adres ý…: 37, Volněch bajt…: 50˙384˙678˙912

========= End of CMD: =========


========= dir "C:\PROGRA~1" =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\

Soubor nebyl nalezen.

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\

Soubor nebyl nalezen.

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\

Soubor nebyl nalezen.

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\Users\Toshiba\AppData\Local

23.01.2018 18:23 <DIR> .
23.01.2018 18:23 <DIR> ..
25.10.2016 09:53 <DIR> Adobe
24.03.2017 11:14 <DIR> bunkus.org
22.08.2016 16:55 <DIR> CEF
11.01.2018 17:55 3˙584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
22.01.2018 19:52 <DIR> Diagnostics
16.02.2017 22:57 <DIR> Downloaded Installations
08.01.2018 08:48 163˙008 GDIPFONTCACHEV1.DAT
03.11.2016 19:07 <DIR> Google
01.03.2016 15:35 <DIR> GWX
11.05.2016 18:53 <DIR> HappyFoto-FOTO-CZ
06.01.2018 14:06 <DIR> Microsoft
21.02.2016 01:48 <DIR> Mozilla
17.02.2016 22:33 <DIR> Opera Software
11.01.2018 18:13 <DIR> Pinnacle
11.01.2018 17:55 <DIR> Pinnacle_Studio_20
10.02.2016 14:39 <DIR> Programs
23.01.2018 18:23 <DIR> Temp
21.02.2016 01:33 <DIR> Thunderbird
20.10.2016 17:37 <DIR> tkdata
02.07.2017 17:20 <DIR> Viber Media S.a r.l
10.02.2016 14:32 <DIR> VirtualStore
Soubor…: 2, Bajt…: 166˙592
Adres ý…: 21, Volněch bajt…: 50˙384˙674˙816

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C je WINDOWS.
S‚riov‚ źˇslo svazku je EAC0-1A81.

Věpis adres ýe C:\Users\Toshiba\AppData\Roaming

11.01.2018 17:54 <DIR> .
11.01.2018 17:54 <DIR> ..
30.03.2016 17:17 <DIR> Adobe
29.11.2017 17:58 <DIR> AVAST Software
10.02.2016 14:32 <DIR> Identities
15.12.2017 14:44 <DIR> InstalujDownloader
24.02.2016 13:25 <DIR> LibreOffice
21.02.2016 01:44 <DIR> Macromedia
14.07.2009 16:36 <DIR> Media Center Programs
21.02.2016 01:36 <DIR> Mozilla
10.08.2016 18:27 <DIR> NVIDIA
17.02.2016 22:33 <DIR> Opera Software
13.01.2018 14:10 <DIR> Seznam.cz
06.01.2018 13:22 <DIR> Skype
21.02.2016 01:32 <DIR> Thunderbird
11.01.2018 17:54 221 TOSHIBA-PC.MTBF.txt
19.09.2017 11:22 <DIR> vlc
10.02.2016 14:52 <DIR> WinBatch
11.01.2018 17:31 <DIR> WinRAR
Soubor…: 1, Bajt…: 221
Adres ý…: 18, Volněch bajt…: 50˙384˙674˙816

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Ends => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5299796 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 41136268 B
Edge => 0 B
Chrome => 420869803 B
Firefox => 13028104 B
Opera => 9921248 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
systemprofile32 => 69108 B
LocalService => 0 B
NetworkService => 6564 B
Uzivatel => 0 B
Toshiba => 2503196965 B

RecycleBin => 4889729793 B
EmptyTemp: => 7.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:25:18 ====

Prestal jste tezit BitCoiny, takze verim, ze se pocitaci znacne odlehcilo. Pokud mate cas, pustte tam jeste ESET Online Scanner - postup nemam zcela aktualizovany a muze se mirne lisit, za coz se omlouvam.


Ulozte na plochu ESET Online Scanner

• ulozeny esetonlinescanner_csy.exe dvojklikem spustte
• zaskrtnete Ano, souhlasim s podminkami uziti a kliknete na Spustit
• vyberte moznost Povolit detekci nechtenych aplikaci
• rozkliknete moznost Rozsirene nastaveni a
  • zruste zatrzitko u volby Odstranit nalezene infiltrace
  • ponechte zatrhnutou moznost Pouzit technologii Anti-Stealth
• kliknete na Kontrola, cimz se spusti az nekolikahodinovy sken
• po dokonceni skenu kliknete na Seznam nalezenych infiltraci (v pripade zadneho nalezu log nevytvorite)
• kliknete na Ulozit do textoveho souboru, log pojmenujte jako ESETlog a ulozte na plochu
• obsah logu vlozte do pristi odpovedi
• kliknete na << Zpet a zatrhnete moznost Odinstalovat
• klikem na Dokoncit ESET Online Scanner zavrete.

Tak to jste mě docela zarazil, jak je možné, že jsem těžil Bitcoiny? Nejsem si vědom nějaké aktivity, která by toto mohla způsobit, krom pár stažených souborů přes torrent.

Ocividne jste je netezil sobe, ale vas pocitac delal dobre skutky nekomu jinemu. Co jste na tech torrentech stahoval? Do jake miry to byly legalni veci?
Kdyz potrebuju malware pro studenty do skolky, googlim cracky, protoze to je jistotka