Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2016
Ran by Adamek (administrator) on ADAMEK-PC (14-09-2016 15:19:11)
Running from C:\Users\Adamek\Desktop
Loaded Profiles: Adamek (Available Profiles: Adamek & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-21] ()
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKU\S-1-5-21-2779904772-960423456-2732241709-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2779904772-960423456-2732241709-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6851288 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2779904772-960423456-2732241709-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [135168 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Users\Adamek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-01]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7ace9ad0-dd2b-4afe-91e6-abb4996c5121}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a3e57897-35b6-4a16-a0dd-3838aabe06e4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2779904772-960423456-2732241709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2779904772-960423456-2732241709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2779904772-960423456-2732241709-1000 -> {73503289-7822-4C03-ABC9-E55D3839A546} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2779904772-960423456-2732241709-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adamek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-04-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2779904772-960423456-2732241709-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-30] ()

Chrome:
=======
CHR Profile: C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-03]
CHR Extension: (Dokumenty Google) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-03]
CHR Extension: (Disk Google) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-03]
CHR Extension: (YouTube) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-03]
CHR Extension: (Tabulky Google) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-03]
CHR Extension: (AdBlock) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-03]
CHR Extension: (Gmail) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\Adamek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-12-03] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\WINDOWS\System32\drivers\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-10-10] (Disc Soft Ltd)
R0 JRAID; C:\WINDOWS\System32\drivers\jraid.sys [83296 2008-11-04] (JMicron Technology Corp.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2014-10-18] ()
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2015-10-30] (Marvell)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-14 15:19 - 2016-09-14 15:19 - 00009808 _____ C:\Users\Adamek\Desktop\FRST.txt
2016-09-14 15:19 - 2016-09-14 15:19 - 00000000 ____D C:\FRST
2016-09-14 15:17 - 2016-09-14 15:17 - 01748992 _____ (Farbar) C:\Users\Adamek\Desktop\FRST.exe
2016-09-13 02:49 - 2016-09-13 02:51 - 00000000 ____D C:\AdwCleaner
2016-09-13 02:48 - 2016-09-13 02:49 - 03826240 _____ C:\Users\Adamek\Desktop\adwcleaner_6.010.exe
2016-09-11 13:25 - 2016-09-11 13:25 - 01954265 _____ C:\Users\Adamek\Downloads\14735346490902_usa_A63_M46_Patton_north_america.wotreplay
2016-09-11 07:05 - 2016-09-11 07:05 - 01107968 _____ C:\Users\Adamek\Downloads\RSIT.exe
2016-09-11 07:05 - 2016-09-11 07:05 - 00000000 ____D C:\rsit
2016-09-11 07:05 - 2016-09-11 07:05 - 00000000 ____D C:\Program Files\trend micro
2016-09-10 13:46 - 2016-09-10 13:46 - 02032586 _____ C:\Users\Adamek\Downloads\14726444029379_usa_A69_T110E5_tundra.wotreplay
2016-09-10 13:32 - 2016-09-10 13:32 - 01759710 _____ C:\Users\Adamek\Downloads\14719574438004_usa_A69_T110E5_tundra.wotreplay
2016-09-10 06:11 - 2016-09-10 06:11 - 01647297 _____ C:\Users\Adamek\Downloads\14728464161997_ussr_R53_Object_704_prohorovka_defense.wotreplay
2016-09-10 05:54 - 2016-09-10 05:54 - 02210766 _____ C:\Users\Adamek\Downloads\14704852496476_ussr_R53_Object_704_prohorovka.wotreplay
2016-09-10 05:45 - 2016-09-10 05:45 - 01394404 _____ C:\Users\Adamek\Downloads\14705768283637_germany_G55_E-75_ruinberg.wotreplay
2016-09-10 05:32 - 2016-09-10 05:32 - 01344810 _____ C:\Users\Adamek\Downloads\14733349280981_ussr_R53_Object_704_ruinberg.wotreplay
2016-09-10 05:22 - 2016-09-10 05:23 - 01319299 _____ C:\Users\Adamek\Downloads\14730712639976_ussr_R53_Object_704_fjord.wotreplay
2016-09-10 05:21 - 2016-09-10 05:21 - 01859461 _____ C:\Users\Adamek\Downloads\14709554713473_germany_G55_E-75_fjord.wotreplay
2016-09-10 05:10 - 2016-09-10 05:10 - 01664831 _____ C:\Users\Adamek\Downloads\14721404878787_ussr_R53_Object_704_fjord.wotreplay
2016-09-10 04:55 - 2016-09-10 04:55 - 01281471 _____ C:\Users\Adamek\Downloads\14721957054118_ussr_R53_Object_704_dday.wotreplay
2016-09-10 04:41 - 2016-09-10 04:41 - 01539506 _____ C:\Users\Adamek\Downloads\14713692795439_germany_G55_E-75_malinovka.wotreplay
2016-09-09 15:20 - 2016-09-09 15:20 - 01426594 _____ C:\Users\Adamek\Downloads\14696565121364_usa_A63_M46_Patton_KR_desert.wotreplay
2016-09-07 18:26 - 2016-09-07 18:34 - 532782454 _____ C:\Users\Adamek\Downloads\152CA_2016.91114.part5.rar
2016-09-07 18:05 - 2016-09-07 18:21 - 1073741824 _____ C:\Users\Adamek\Downloads\152CA_2016.91114.part4.rar
2016-09-07 17:52 - 2016-09-07 18:05 - 1073741824 _____ C:\Users\Adamek\Downloads\152CA_2016.91114.part3.rar
2016-09-07 17:28 - 2016-09-07 17:50 - 1073741824 _____ C:\Users\Adamek\Downloads\152CA_2016.91114.part2.rar
2016-09-07 17:03 - 2016-09-07 17:23 - 1073741824 _____ C:\Users\Adamek\Downloads\152CA_2016.91114.part1.rar
2016-09-07 05:49 - 2016-09-07 05:49 - 01793299 _____ C:\Users\Adamek\Downloads\14726848717493_usa_A31_M36_Slagger_hills.wotreplay
2016-09-03 17:52 - 2016-09-03 17:52 - 01505754 _____ C:\Users\Adamek\Downloads\14718103230134_france_F64_AMX_50Fosh_155_monastery.wotreplay
2016-09-03 17:41 - 2016-09-03 17:41 - 00943785 _____ C:\Users\Adamek\Downloads\14724931300056_france_F64_AMX_50Fosh_155_prohorovka.wotreplay
2016-09-03 17:26 - 2016-09-03 17:26 - 01681232 _____ C:\Users\Adamek\Downloads\14719841005697_france_F64_AMX_50Fosh_155_malinovka.wotreplay
2016-09-03 17:16 - 2016-09-03 17:16 - 01215653 _____ C:\Users\Adamek\Downloads\14705668480657_france_F64_AMX_50Fosh_155_hills.wotreplay
2016-08-28 11:23 - 2016-08-28 11:23 - 00000769 _____ C:\Users\Adamek\Desktop\World of Tanks.lnk
2016-08-27 20:34 - 2016-08-28 11:49 - 00000000 ___RD C:\Users\Adamek\Desktop\Plocha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-14 15:14 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-14 15:04 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 15:01 - 2016-05-11 16:36 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 18:46 - 2016-05-11 16:36 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 02:52 - 2016-05-20 16:56 - 00000000 ____D C:\Users\Adamek\AppData\Local\Packages
2016-09-13 02:52 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-01 19:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-31 17:42 - 2016-02-13 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-31 17:41 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-28 11:45 - 2016-05-20 16:41 - 01996112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-28 11:45 - 2016-02-13 13:52 - 00829308 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-28 11:45 - 2016-02-13 13:52 - 00185116 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-28 11:45 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 11:38 - 2015-04-18 16:06 - 00000000 ____D C:\ProgramData\Origin
2016-08-28 11:37 - 2015-04-18 14:54 - 00000000 ____D C:\Users\Adamek\AppData\Local\Dxtory Software
2016-08-28 11:34 - 2016-07-22 20:35 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-28 11:23 - 2014-10-10 23:36 - 00000000 ___RD C:\Users\Adamek\Desktop\Games
2016-08-27 21:07 - 2016-05-20 16:42 - 00000000 ____D C:\Users\Adamek
2016-08-27 14:51 - 2014-10-10 20:58 - 00000000 ____D C:\Users\Adamek\Desktop\Tapety
2016-08-26 15:43 - 2014-10-31 21:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-08-20 18:04 - 2014-11-07 22:25 - 00000000 ____D C:\Users\Adamek\AppData\Local\The Witcher

==================== Files in the root of some directories =======

2015-11-29 20:08 - 2015-11-29 20:08 - 0139152 _____ () C:\Users\Adamek\AppData\Roaming\PnkBstrK.sys

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-07 17:16

==================== End of FRST.txt ============================