Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by Jiřà (administrator) on JIRKA-PC (01-12-2016 13:30:24)
Running from C:\Users\JiĹ™Ă\Desktop
Loaded Profiles: Jiřà (Available Profiles: JiĹ™Ă)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(hxxps://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Spotify Ltd) C:\Users\JiĹ™Ă\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(forum.viry.cz) C:\Users\JiĹ™Ă\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2015-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM-x32\...\RunOnce: [20161125] => "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\034de182-e0e7-4fa2-9e9f-070e197350b4\d08b0104-8188-4f9b-8a6e-2ba5a78e928e.dll",_stage2@16
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\...\Run: [Spotify Web Helper] => C:\Users\JiĹ™Ă\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-01] (Spotify Ltd)
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\...\Run: [Spotify] => C:\Users\JiĹ™Ă\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-01] (Spotify Ltd)
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\...\MountPoints2: {a68c8f2f-88a2-11e5-be85-a0481c06ee7a} - "F:\setup.exe"
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\...\MountPoints2: {f5dd5ec7-897c-11e6-bebc-a0481c06ee7a} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-17] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5DC4E4F1-25DF-4ED4-AAD8-42BAB1776301}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D6529A6A-57C6-4E3D-A324-5194960F61C2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4203654990-4029317522-1473924504-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {F0422BA8-3C73-482A-8206-C92A15A296EB} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {F0422BA8-3C73-482A-8206-C92A15A296EB} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4203654990-4029317522-1473924504-1002 -> {F0422BA8-3C73-482A-8206-C92A15A296EB} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-21] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-30] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26] (AVAST Software)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKU\S-1-5-21-4203654990-4029317522-1473924504-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FireFox:
========
FF DefaultProfile: 0di3ghnj.default
FF ProfilePath: C:\Users\JiĹ™Ă\AppData\Roaming\Mozilla\Firefox\Profiles\0di3ghnj.default [2016-12-01]
FF Session Restore: Mozilla\Firefox\Profiles\0di3ghnj.default -> is enabled.
FF Extension: (Firefox Hotfix) - C:\Users\JiĹ™Ă\AppData\Roaming\Mozilla\Firefox\Profiles\0di3ghnj.default\Extensions\
firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (MEGA) - C:\Users\JiĹ™Ă\AppData\Roaming\Mozilla\Firefox\Profiles\0di3ghnj.default\Extensions\
firefox@mega.co.nz.xpi [2016-11-23]
FF Extension: (Adblock Plus) - C:\Users\JiĹ™Ă\AppData\Roaming\Mozilla\Firefox\Profiles\0di3ghnj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-17]
FF HKLM\...\Firefox\Extensions: [
sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-17]
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [
sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-18] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4203654990-4029317522-1473924504-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\JiĹ™Ă\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-17] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-17] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-17] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [94208 2013-02-15] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-14] (Disc Soft Ltd)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2016-04-13] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2944216 2016-04-13] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2944216 2016-04-13] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-10-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-10-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-10-10] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 RTSPER; system32\DRIVERS\RtsPer.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 13:30 - 2016-12-01 13:32 - 00021955 _____ C:\Users\JiĹ™Ă\Desktop\FRST.txt
2016-12-01 13:29 - 2016-12-01 13:30 - 00000000 ____D C:\FRST
2016-12-01 13:28 - 2016-12-01 13:28 - 00112640 _____ (forum.viry.cz) C:\Users\JiĹ™Ă\Desktop\FRSTLauncher.exe
2016-12-01 13:19 - 2016-12-01 13:19 - 02411520 _____ (Farbar) C:\Users\JiĹ™Ă\Desktop\FRST64.exe
2016-12-01 11:59 - 2016-12-01 12:19 - 61839955 _____ C:\Users\JiĹ™Ă\Downloads\Nancyy-6000px.zip
2016-11-30 23:08 - 2016-11-30 23:28 - 62028489 _____ C:\Users\JiĹ™Ă\Downloads\Lalka-4200px.zip
2016-11-30 14:39 - 2016-11-30 15:00 - 62612194 _____ C:\Users\JiĹ™Ă\Downloads\Felis-4200px.zip
2016-11-30 07:54 - 2016-11-30 08:13 - 59607835 _____ C:\Users\JiĹ™Ă\Downloads\Evancia-4200px.zip
2016-11-29 17:36 - 2016-11-29 17:56 - 60009569 _____ C:\Users\JiĹ™Ă\Downloads\Nandadiva-4000px.zip
2016-11-28 22:41 - 2016-11-28 22:54 - 40185147 _____ C:\Users\JiĹ™Ă\Downloads\Tutuguerra-5600px.zip
2016-11-28 17:51 - 2016-11-28 18:29 - 116173990 _____ C:\Users\JiĹ™Ă\Downloads\Shimi-5700px.zip
2016-11-27 21:05 - 2016-11-27 21:24 - 59819806 _____ C:\Users\JiĹ™Ă\Downloads\Tais-5100px.zip
2016-11-27 15:00 - 2016-11-27 15:38 - 115759364 _____ C:\Users\JiĹ™Ă\Downloads\Stormyent-5700px.zip
2016-11-27 10:44 - 2016-11-27 11:53 - 1200776298 _____ C:\Users\JiĹ™Ă\Downloads\Skála---The-Rock-.1996-CZ-Dab.avi
2016-11-27 10:16 - 2016-11-27 10:54 - 114868555 _____ C:\Users\JiĹ™Ă\Downloads\Venom-4000px.zip
2016-11-25 18:26 - 2016-11-25 18:47 - 62985622 _____ C:\Users\JiĹ™Ă\Downloads\Shantis-4000px.zip
2016-11-25 10:56 - 2016-11-25 13:12 - 1793605632 _____ C:\Users\JiĹ™Ă\Downloads\ÚžasĹákovi.avi
2016-11-24 14:21 - 2016-11-24 19:08 - 2058059292 _____ C:\Users\JiĹ™Ă\Downloads\Terminator-4Salvation-2009-FHD.mkv
2016-11-21 19:59 - 2016-11-22 21:48 - 00000000 ____D C:\Users\JiĹ™Ă\Desktop\Nová sloĹľka (3)
2016-11-20 21:59 - 2016-11-21 18:20 - 1136525336 _____ C:\Users\JiĹ™Ă\Downloads\Nahradnici-(2009)-sci-fi,B.Willis,R.Mitchell,R.Pike,CZ-dab,DTVMir,81'.avi
2016-11-18 15:52 - 2016-11-18 15:54 - 00000000 ____D C:\Users\JiĹ™Ă\Documents\Visual Studio 2015
2016-11-18 11:01 - 2016-11-30 20:36 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\LocalLow\Mozilla
2016-11-17 12:06 - 2016-11-17 13:13 - 1205230352 _____ C:\Users\JiĹ™Ă\Downloads\terminator-3-pres-MultiLoad.cz.mkv
2016-11-15 19:00 - 2016-11-30 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-13 13:25 - 2016-10-28 22:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-11-13 13:25 - 2016-10-28 22:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-10 17:15 - 2016-11-10 19:04 - 1945445550 _____ C:\Users\JiĹ™Ă\Downloads\Terminátor-2---Den-zúčtovánĂ-CZ-[Krtkin].avi
2016-11-10 10:28 - 2016-11-10 12:29 - 1128974584 _____ C:\Users\JiĹ™Ă\Downloads\Terminátor-1-(1984)-cz.avi
2016-11-10 00:25 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-10 00:25 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-10 00:25 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-10 00:25 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-10 00:25 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-10 00:25 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-10 00:25 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-11-10 00:25 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 00:25 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-10 00:25 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 00:25 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-10 00:25 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-10 00:25 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-10 00:25 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-10 00:25 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-10 00:25 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-10 00:25 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-10 00:25 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-10 00:25 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-10 00:25 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-11-10 00:25 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-10 00:25 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-10 00:25 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-10 00:25 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-10 00:25 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-10 00:25 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-10 00:25 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-10 00:25 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-10 00:25 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-10 00:25 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-10 00:25 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-10 00:25 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 00:25 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-10 00:25 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-10 00:25 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-10 00:25 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-10 00:25 - 2016-10-09 23:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-10 00:25 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 00:25 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-10 00:25 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 00:25 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-10 00:25 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-10 00:25 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-10 00:25 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-10 00:25 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-10 00:25 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-10 00:25 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-10 00:25 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-10 00:25 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-11-10 00:25 - 2016-09-09 23:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2016-11-10 00:25 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 00:25 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-11-10 00:25 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-11-10 00:25 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 00:25 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-11-10 00:25 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 00:25 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 00:25 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2016-11-10 00:25 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-11-10 00:25 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-10 00:25 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-11-10 00:25 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-11-10 00:25 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-11-10 00:25 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 00:25 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-11-10 00:25 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-11-10 00:25 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-10 00:25 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2016-11-10 00:25 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 00:25 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-11-10 00:25 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-11-10 00:25 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-10 00:24 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-10 00:24 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-10 00:24 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-11-10 00:24 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-11-10 00:24 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-10 00:24 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-10 00:24 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-10 00:24 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 00:24 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-11-10 00:24 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-11-10 00:24 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-11-10 00:24 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-10 00:24 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-10 00:24 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-10 00:24 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-10 00:24 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-11-10 00:24 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-11-10 00:24 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-11-10 00:24 - 2016-09-09 14:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-05 20:41 - 2016-11-05 22:33 - 1037978696 _____ C:\Users\JiĹ™Ă\Downloads\Závod-s-ÄŤasem.avi
2016-11-02 17:48 - 2016-11-02 17:48 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Roaming\Wireshark
2016-11-01 17:56 - 2016-11-01 17:56 - 00001805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2016-11-01 17:56 - 2016-11-01 17:56 - 00001793 _____ C:\Users\Public\Desktop\Wireshark.lnk
2016-11-01 17:56 - 2016-11-01 17:56 - 00001607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2016-11-01 17:56 - 2016-11-01 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2016-11-01 17:56 - 2016-11-01 17:56 - 00000000 ____D C:\Program Files (x86)\WinPcap
2016-11-01 17:53 - 2016-11-01 17:56 - 00000000 ____D C:\Program Files\Wireshark
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 13:21 - 2016-09-01 13:44 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Local\Spotify
2016-12-01 13:13 - 2016-09-01 13:43 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Roaming\Spotify
2016-12-01 12:45 - 2015-10-18 15:27 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Roaming\vlc
2016-11-29 21:08 - 2016-04-20 09:12 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Local\TortoiseGit
2016-11-27 17:37 - 2015-10-10 12:42 - 00000000 ___DO C:\Users\JiĹ™Ă\OneDrive
2016-11-27 17:36 - 2015-10-22 05:46 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Local\TSVNCache
2016-11-27 10:19 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-11-25 13:59 - 2015-10-15 11:42 - 00000000 ____D C:\Users\JiĹ™Ă\Desktop\Filmy
2016-11-24 15:47 - 2015-10-22 16:53 - 00000000 ____D C:\Users\JiĹ™Ă\Desktop\Nová sloĹľka (2)
2016-11-24 11:19 - 2015-11-23 22:01 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Roaming\uTorrent
2016-11-23 19:37 - 2015-10-09 16:39 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4203654990-4029317522-1473924504-1002
2016-11-23 17:21 - 2015-10-28 11:52 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Roaming\Skype
2016-11-23 17:20 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 17:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-23 17:12 - 2016-01-18 14:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 17:12 - 2015-10-28 11:52 - 00000000 ____D C:\ProgramData\Skype
2016-11-18 18:54 - 2015-10-11 12:47 - 00000000 ____D C:\Users\JiĹ™Ă\AppData\Local\Adobe
2016-11-18 18:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-18 18:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-18 16:37 - 2015-10-22 05:35 - 00000000 ____D C:\ProgramData\TDM-GCC
2016-11-18 16:37 - 2015-10-22 05:33 - 00000000 ____D C:\TDM-GCC-64
2016-11-18 15:56 - 2015-10-10 11:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-18 15:51 - 2015-11-15 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-11-18 15:42 - 2015-12-26 16:03 - 00000000 ____D C:\Program Files (x86)\hry
2016-11-18 15:42 - 2013-07-03 10:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-18 11:01 - 2015-10-10 20:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-18 11:01 - 2014-11-21 05:53 - 01935052 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 11:01 - 2014-11-21 05:10 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-18 11:01 - 2014-11-21 05:10 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-18 10:54 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-18 10:53 - 2015-10-10 12:02 - 00000000 ____D C:\Users\JiĹ™Ă
2016-11-18 10:53 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-11-15 22:29 - 2013-11-03 22:23 - 00000000 ____D C:\Users\JiĹ™Ă\Desktop\škola
2016-11-14 18:08 - 2016-10-13 15:54 - 00000246 _____ C:\Users\JiĹ™Ă\Desktop\reseni.txt
2016-11-13 16:07 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-11-13 13:22 - 2013-08-22 15:44 - 00387968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-13 13:18 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-11-10 15:46 - 2015-08-27 15:11 - 00000000 ____D C:\Users\JiĹ™Ă\Documents\staĹľenĂ© soubory
2016-11-10 09:33 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-10 00:38 - 2015-10-09 18:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-10 00:31 - 2015-10-09 18:10 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 21:51 - 2015-10-11 15:18 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-05 20:42 - 2015-10-11 15:17 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2015-10-22 11:03 - 2016-10-24 19:57 - 0000600 _____ () C:\Users\JiĹ™Ă\AppData\Roaming\winscp.rnd
2016-03-25 01:43 - 2016-09-18 13:43 - 0005120 _____ () C:\Users\JiĹ™Ă\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-21 21:51 - 2016-10-24 19:53 - 0000600 _____ () C:\Users\JiĹ™Ă\AppData\Local\PUTTY.RND
Some files in TEMP:
====================
C:\Users\JiĹ™Ă\AppData\Local\Temp\299511942.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\3239114604.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\48275436.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\570528145.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\9961491.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\Au_.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\JiĹ™Ă\AppData\Local\Temp\drm_dialogs.dll
C:\Users\JiĹ™Ă\AppData\Local\Temp\i4jdel0.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\ose00000.exe
C:\Users\JiĹ™Ă\AppData\Local\Temp\SIntf16.dll
C:\Users\JiĹ™Ă\AppData\Local\Temp\SIntf32.dll
C:\Users\JiĹ™Ă\AppData\Local\Temp\SIntfNT.dll
C:\Users\JiĹ™Ă\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jiýˇ\Desktop" je 329130 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================