﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-12-2015
Ran by Tereza (administrator) on TEREZA-PC (19-12-2015 11:40:55)
Running from C:\Users\Tereza\Desktop
Loaded Profiles: Tereza (Available Profiles: Tereza)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(forum.viry.cz) C:\Users\Tereza\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\MountPoints2: {c1c7c1c0-abae-11e3-b299-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=http://127.0.0.1:9880
AutoConfigURL: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=hxxp://127.0.0.1:9880
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1E3D00AE-2B3B-4A4F-9489-B4BDB1C2B7BC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3C592A8A-5550-4259-825B-7FA3D8DC7156}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{55BDEA94-476C-48DB-999B-0C7BC00F2CEB}: [DhcpNameServer] 10.100.0.1 10.0.0.1 8.8.8.8
Tcpip\..\Interfaces\{BB53FAD7-AECC-431C-A94F-5A1F2DA1CDC1}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047&q={searchTerms}
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60747
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> DefaultScope {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60747
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
BHO: No Name -> {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} -> No File
Toolbar: HKLM - No Name - {4B4D5056-3763-006A-76A7-7A786E7484D7} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> No Name - {4B4D5056-3763-006A-76A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed]
FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]

Opera: 
=======
OPR StartupUrls:  "hxxp://www.istartsurf.com/?type=hp&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047" 
OPR Session Restore: -> is enabled.
StartMenuInternet: (HKLM) OperaStable - C:\Users\Tereza\Desktop\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-18] (Maxthon)
S2 SetupARService; C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe [24576 2014-02-20] (Realtek Semiconductor.) [File not signed]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [853536 2010-06-11] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-08-14] (Duplex Secure Ltd.)
U3 avjgn63s; C:\Windows\system32\Drivers\avjgn63s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 BTMMODEM; system32\DRIVERS\btmcom.sys [X]
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 11:40 - 2015-12-19 11:42 - 00012729 _____ C:\Users\Tereza\Desktop\FRST.txt
2015-12-19 11:40 - 2015-12-19 11:40 - 00000000 ____D C:\FRST
2015-12-19 11:39 - 2015-12-19 11:39 - 00112640 _____ (forum.viry.cz) C:\Users\Tereza\Desktop\FRSTLauncher.exe
2015-12-19 11:36 - 2015-12-19 11:36 - 01721344 _____ (Farbar) C:\Users\Tereza\Desktop\FRST.exe
2015-12-19 00:26 - 2015-12-19 00:52 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-18 23:59 - 2015-12-18 23:59 - 00000000 ___HD C:\$Windows.~WS
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\Maxthon3
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-12-18 21:50 - 2015-12-18 21:50 - 00001043 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-12-18 21:50 - 2015-12-18 21:50 - 00000000 ____D C:\Program Files\Maxthon
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Program Files\HD Tune
2015-12-17 17:16 - 2015-12-17 17:16 - 00642632 _____ (EFD Software ) C:\Users\Tereza\Downloads\hdtune_255.exe
2015-12-17 10:17 - 2015-12-17 10:17 - 00000000 ____D C:\Windows\CheckSur
2015-12-17 09:54 - 2015-12-17 09:54 - 00286158 _____ C:\Users\Tereza\Desktop\cc_20151217_095419.reg
2015-12-16 23:55 - 2015-12-19 00:52 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-16 23:55 - 2015-12-19 00:52 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-16 23:40 - 2015-12-19 00:13 - 00000000 ____D C:\ESD
2015-12-16 23:26 - 2015-12-19 00:51 - 00000000 ____D C:\Windows\Panther
2015-12-16 23:23 - 2015-12-16 23:24 - 07635472 _____ (Microsoft Corporation) C:\Users\Tereza\Downloads\GetWindows10-Web_Default_Attr.exe
2015-12-16 23:09 - 2015-12-16 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-16 22:56 - 2015-12-16 22:42 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 22:42 - 2015-12-16 22:42 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-16 22:23 - 2015-12-16 22:23 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-16 20:37 - 2015-12-18 22:39 - 00000000 ____D C:\Program Files\CCleaner
2015-12-16 20:37 - 2015-12-16 20:37 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-16 20:37 - 2015-12-16 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-16 20:30 - 2015-12-16 20:33 - 06801752 _____ (Piriform Ltd) C:\Users\Tereza\Downloads\ccsetup512.exe
2015-12-09 05:37 - 2015-12-09 05:37 - 00000000 ____D C:\Users\Tereza\Desktop\filmy od erži
2015-12-09 05:23 - 2015-12-14 19:45 - 00000000 ____D C:\Users\Tereza\Desktop\porno
2015-12-09 04:56 - 2015-12-09 04:58 - 00000000 ____D C:\Users\Tereza\Desktop\hudba era
2015-12-09 04:55 - 2015-12-09 04:56 - 00000000 ____D C:\Users\Tereza\Desktop\Don.Jon.2013.BDRip.XviD.CZ-TreZzoR

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 11:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-19 11:30 - 2014-02-20 18:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-19 11:00 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-19 11:00 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-19 10:53 - 2014-02-21 00:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-19 10:53 - 2014-02-20 20:23 - 00001498 _____ C:\Windows\Tasks\Plus-HD-7.6-updater.job
2015-12-19 10:53 - 2014-02-20 20:23 - 00001352 _____ C:\Windows\Tasks\Plus-HD-7.6-enabler.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00002382 _____ C:\Windows\Tasks\Plus-HD-7.6-validator.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00002304 _____ C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00001454 _____ C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
2015-12-19 10:53 - 2014-02-14 15:41 - 00016384 _____ C:\Windows\system32\Ikeext.etl
2015-12-19 10:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-19 10:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-19 01:03 - 2015-08-13 09:52 - 00000000 ____D C:\Users\Tereza\AppData\Local\ElevatedDiagnostics
2015-12-18 23:14 - 2014-01-25 16:20 - 00004564 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-18 23:14 - 2009-07-14 09:44 - 01032982 _____ C:\Windows\system32\perfh005.dat
2015-12-18 23:14 - 2009-07-14 09:44 - 00263148 _____ C:\Windows\system32\perfc005.dat
2015-12-18 22:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-18 22:26 - 2014-02-19 18:39 - 00000000 ____D C:\Program Files\7-Zip
2015-12-18 19:46 - 2014-02-19 17:11 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-18 19:46 - 2014-02-19 17:11 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-17 17:42 - 2009-07-14 05:53 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-17 17:30 - 2014-02-20 18:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-17 17:30 - 2014-02-20 18:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-17 10:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-16 23:11 - 2014-02-19 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-16 22:42 - 2014-02-19 17:11 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-16 22:42 - 2008-03-14 17:00 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 22:41 - 2014-02-19 17:11 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 22:41 - 2014-02-19 17:08 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-16 22:12 - 2014-01-25 19:21 - 00000000 ____D C:\Users\Tereza\AppData\Local\Deployment
2015-12-16 21:02 - 2015-08-14 15:40 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\istartsurf
2015-12-16 21:01 - 2014-02-20 21:21 - 00000000 ____D C:\Users\Tereza\AppData\Local\PirritSuggestor
2015-12-16 20:57 - 2015-08-14 15:41 - 00000000 ____D C:\ProgramData\gWinManProg
2015-12-16 20:40 - 2015-08-12 20:49 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\AIMP3
2015-12-16 20:40 - 2014-02-19 17:46 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\MPC-HC
2015-12-09 05:01 - 2014-01-25 19:07 - 00000000 ____D C:\Users\Tereza\Documents\Mé přijaté soubory
2015-12-02 13:25 - 2014-01-25 20:22 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-12 17:53 - 2015-07-10 17:05 - 0000318 _____ () C:\Program Files\launcher.visualelementsmanifest.xml
2015-08-12 17:53 - 2015-07-10 17:05 - 0003072 _____ () C:\Program Files\Resources.pri
2015-01-17 23:36 - 2015-01-17 23:41 - 0087608 _____ () C:\Users\Tereza\AppData\Roaming\inst.exe
2015-01-17 23:36 - 2015-01-17 23:41 - 0007887 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.cat
2015-01-17 23:36 - 2015-01-17 23:41 - 0001144 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.inf
2015-01-17 23:37 - 2015-04-18 02:49 - 0000033 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.log
2015-01-17 23:36 - 2015-01-17 23:41 - 0047360 _____ (VSO Software) C:\Users\Tereza\AppData\Roaming\pcouffin.sys
2014-03-03 14:45 - 2015-07-21 22:45 - 0001057 _____ () C:\Users\Tereza\AppData\Roaming\vso_ts_preview.xml
2014-02-19 21:18 - 2014-02-21 17:56 - 0005632 _____ () C:\Users\Tereza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-14 15:21 - 2015-11-11 15:59 - 0004000 _____ () C:\Users\Tereza\AppData\Local\mbt-actwiz.log
2015-08-12 20:07 - 2015-09-10 22:21 - 0065552 ___SH () C:\ProgramData\Desktop.lnk

Some files in TEMP:
====================
C:\Users\Tereza\AppData\Local\Temp\GetWindows10-Web_Default_Attr.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exeȵ/reinstallapp /runfrom=task /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com /defbro=ie /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-enabler.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-enabler.exeȉ/enablebho /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511071178 /defbro=ie /useiepol /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exeϜ/installxpi /agentregpath='Plus-HD-7.6' /extensionfilepath C:\Program Files\Plus-HD-7.6\50778.xpi' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com /extensionversion=0.93 /prefsbranch=a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/50778.rdf /extensionname='Plus-HD-7.6' /extensiondesc='Turn YouTube videos to High Definition by default' /publishername='Plus HD' /defbro=ie /allusers /allprofiles /checkfflist /autoupdateulr='hxxp:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-updater.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-updater.exeɒ/runupdater /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.mstatsserv.com /autoupdateulr='hxxp:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-validator.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-validator.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tereza\Desktop" je 5981 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent
rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect
C:\Users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\system32\rundll32.exe "C:\Users\Tereza\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFAUpdater
"C:\Program Files\Smart File Advisor\SFAUpdater.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart File Advisor
"C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe 

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
