﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Jožin (administrator) on JOŽIN-PC (15-01-2017 10:13:30)
Running from C:\Users\Jožin\Downloads
Loaded Profiles: Jožin (Available Profiles: Jožin)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Genius\ioCentre\GMouseService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
() C:\Windows\Temp\gB5B2.tmp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
() C:\Genius\ioCentre\gTaskBar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Genius\ioCentre\gMouseTask.exe
() C:\Genius\ioCentre\gKbdTask.exe
(ioCentre) C:\Genius\ioCentre\gIoCentreFunMgm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
() C:\Users\Jožin\Downloads\adwcleaner_6.042.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Farbar) C:\Users\Jožin\Downloads\FRST64_setup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] => C:\WINDOWS\system32\MSTM64_Q.EXE [247736 2011-03-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-03-30] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] => C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2009-12-01] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1994752 2014-02-20] (Wondershare)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61640 2016-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TaskTray] => [X]
HKLM-x32\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe [61440 2012-04-23] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\...\Run: [Google Update] => C:\Users\Jožin\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\...\Run: [] => [X]
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
Lsa: [Notification Packages] scecli DPPWDFLT
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2016-07-13] (SmartSoft Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2016-02-01]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2016-02-01]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\Jožin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk [2016-06-27]
ShortcutTarget: Degoo .lnk -> C:\Users\Jožin\AppData\Local\Degoo\Degoo.exe (Degoo Backup AB)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1e77603b-25ad-4d26-8058-d36f5767a6f9}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{2338ccb5-0a1b-462b-b430-0b7c2d6f4e08}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80f243a1-9c52-4760-8918-7076ba261646}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3695787775-2199685802-2270573759-1001 -> DefaultScope {D7BEF56E-4DB8-4599-A1FC-A9DEA9DF1F0E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3695787775-2199685802-2270573759-1001 -> {4AD43A14-AA87-4d4b-A345-B0BC1C61BC76} URL = hxxp://www.google.cn/search?hl=zh-CN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3695787775-2199685802-2270573759-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3695787775-2199685802-2270573759-1001 -> {C3BBCD0B-9234-4d36-9151-EC49EE32FCE3} URL = hxxp://www.baidu.com/s?wd={searchTerms}&tn=28026190_dg&ie=utf-8
SearchScopes: HKU\S-1-5-21-3695787775-2199685802-2270573759-1001 -> {D7BEF56E-4DB8-4599-A1FC-A9DEA9DF1F0E} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
DPF: HKLM-x32 {45830FF9-D9E6-4F41-86ED-B266933D8E90} hxxp://90.178.13.203/RtspVaPgDec.cab
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jožin\AppData\Roaming\Mozilla\Firefox\Profiles\J2cMOfMU.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-11-05] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-11-05] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3695787775-2199685802-2270573759-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jožin\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3695787775-2199685802-2270573759-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jožin\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jožin\AppData\Roaming\Mozilla\Firefox\Profiles\J2cMOfMU.default\Extensions\abs@avira.com.xpi [2016-04-09]
FF Extension: Avira SafeSearch Plus - C:\Users\Jožin\AppData\Roaming\Mozilla\Firefox\Profiles\J2cMOfMU.default\Extensions\safesearchplus2@avira.com.xpi [2016-04-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2013-09-01]
FF HKU\S-1-5-21-3695787775-2199685802-2270573759-1001\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext

Chrome: 
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com
CHR Profile: C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-03-27]
CHR Extension: (Duolingo on the Web) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-11-07]
CHR Extension: (Dokumenty Google) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-24]
CHR Extension: (Disk Google) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-24]
CHR Extension: (YouTube) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-09]
CHR Extension: (GIVT.cz) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2016-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-29]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-10-17]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2016-04-09]
CHR Extension: (Citace PRO) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2014-03-31]
CHR Extension: (Mailtrack for Gmail: email tracking) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-11-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Fast search) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Jožin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.XODTEJPIAS5PM4B2IC7GITNDWE - C:\Users\Jožin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-09] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-10] () [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [11776 2012-05-19] () [File not signed]
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-12-01] (DigitalPersona, Inc.) [File not signed]
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [16384 2010-03-11] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
U3 MessagingService_489f4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_489f4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 MessagingService_49708; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 MessagingService_49708; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_497dc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_497dc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_58acaf; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_58acaf; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_6057bdd; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_6057bdd; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_64b2e; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_64b2e; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_e052da; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_e052da; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2016-01-31] (Microsoft Corporation)
S2 Nunesstither; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S2 Nunesstither; C:\Windows\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
U2 OneSyncSvc_489f4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_489f4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_49708; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_49708; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_497dc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_497dc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_58acaf; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_58acaf; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_6057bdd; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_6057bdd; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_64b2e; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_64b2e; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_e052da; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_e052da; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
U3 PimIndexMaintenanceSvc_489f4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_489f4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_49708; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_49708; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_497dc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_497dc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_58acaf; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_58acaf; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_6057bdd; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_6057bdd; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_64b2e; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_64b2e; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_e052da; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_e052da; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2016-07-01] (Microsoft Corporation)
U3 UnistoreSvc_489f4; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_489f4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_49708; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_49708; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_497dc; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_497dc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_58acaf; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_58acaf; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_6057bdd; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_6057bdd; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_64b2e; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_64b2e; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_e052da; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_e052da; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_489f4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_489f4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_49708; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_49708; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_497dc; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_497dc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_58acaf; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_58acaf; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_6057bdd; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_6057bdd; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_64b2e; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_64b2e; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_e052da; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_e052da; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 vfsFPService; c:\Windows\system32\vfsFPService.exe [721712 2009-03-26] (Validity Sensors, Inc.)
R2 vfsFPService; c:\Windows\SysWOW64\vfsFPService.exe [599344 2009-03-26] (Validity Sensors, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2016-01-31] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [579072 2016-01-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [151352 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [153904 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-23] (Avira Operations GmbH & Co. KG)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 Dokan; C:\WINDOWS\system32\drivers\dokan.sys [106888 2012-05-19] (Windows (R) Win 7 DDK provider)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25600 2011-10-26] ()
R3 gMouUsb; C:\Windows\System32\drivers\gMouUsb.sys [14336 2009-11-02] ()
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-30] (Intel(R) Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-30] (Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-14] (Malwarebytes)
S2 MLPTDR_Q; \??\C:\WINDOWS\system32\ [0 ] () <==== ATTENTION (zero byte File/Folder)
S2 MLPTDR_Q; \??\C:\WINDOWS\SysWOW64\ [0 ] () <==== ATTENTION (zero byte File/Folder)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175616 2016-01-31] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-03-30] (Synaptics Incorporated)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-08-24] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-05] (CyberLink Corp.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-15 10:15 - 2017-01-15 10:15 - 00000000 _____ C:\Users\Jožin\Downloads\SpywareTerminatorSetup.exe
2017-01-15 10:13 - 2017-01-15 10:16 - 00036822 _____ C:\Users\Jožin\Downloads\FRST.txt
2017-01-15 10:12 - 2017-01-15 10:13 - 00000000 ____D C:\FRST
2017-01-15 10:11 - 2017-01-15 10:12 - 02193920 _____ (Farbar) C:\Users\Jožin\Downloads\FRST64_setup.exe
2017-01-15 10:01 - 2017-01-15 10:01 - 00021005 _____ C:\Users\Jožin\Downloads\FRST_forum.zip
2017-01-14 23:07 - 2017-01-14 23:07 - 03988944 _____ C:\Users\Jožin\Downloads\adwcleaner_6.042.exe
2017-01-10 18:20 - 2017-01-10 18:29 - 00000000 ____D C:\Users\Jožin\AppData\Roaming\TS3Client
2017-01-10 18:20 - 2017-01-10 18:20 - 00001013 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-01-10 18:20 - 2017-01-10 18:20 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-01-10 18:20 - 2017-01-10 18:20 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-10 07:06 - 2017-01-10 07:06 - 00000000 ____D C:\ProgramData\Avg
2017-01-10 07:05 - 2017-01-10 07:18 - 00000000 ____D C:\Users\Joﾞin\AppData\Local\Clcughtdupersy
2017-01-10 07:05 - 2017-01-10 07:05 - 00006108 _____ C:\WINDOWS\System32\Tasks\Shawosataleent Cloud
2017-01-10 07:05 - 2017-01-10 07:05 - 00000000 ____D C:\Users\Joﾞin
2017-01-10 07:03 - 2017-01-10 14:29 - 00000000 ____D C:\Users\Jožin\AppData\Roaming\Terlcultclhach
2017-01-10 07:03 - 2017-01-10 07:03 - 00016812 _____ C:\WINDOWS\System32\Tasks\270051v3a62h24
2017-01-10 07:03 - 2017-01-10 07:03 - 00000000 ___HD C:\ProgramData\270051v3a62h24
2017-01-10 07:03 - 2017-01-10 07:03 - 00000000 ____D C:\Users\Jožin\AppData\Local\Clcughtdupersy
2017-01-08 17:32 - 2017-01-10 07:10 - 00000000 ____D C:\Program Files\Guild Wars 2
2017-01-08 17:32 - 2017-01-08 17:32 - 00000999 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2017-01-08 17:32 - 2017-01-08 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-01-08 17:29 - 2017-01-08 17:32 - 00000000 ____D C:\Users\Jožin\AppData\Roaming\Guild Wars 2
2017-01-08 17:29 - 2017-01-08 17:29 - 30035624 _____ (ArenaNet) C:\Users\Jožin\Downloads\Gw2Setup-64.tmp
2017-01-08 17:29 - 2017-01-08 17:29 - 00000000 ____D C:\Users\Jožin\Downloads\bin64
2017-01-08 17:29 - 2017-01-08 17:29 - 00000000 _____ C:\Users\Jožin\Downloads\Gw2.tmp
2017-01-08 17:29 - 2017-01-08 17:29 - 00000000 _____ C:\Users\Jožin\Downloads\Gw2.dat
2017-01-08 17:27 - 2017-01-08 17:29 - 30035624 _____ (ArenaNet) C:\Users\Jožin\Downloads\Gw2Setup-64.exe
2016-12-22 18:43 - 2016-12-22 18:49 - 183484416 _____ C:\Users\Jožin\Downloads\The-big-bang-theory-S10E11-CZ-tit-v-obraze.avi
2016-12-20 23:16 - 2016-12-20 23:23 - 00000000 ____D C:\ProgramData\AutoKMS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-15 10:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sru
2017-01-15 10:00 - 2014-10-10 18:29 - 00000000 ____D C:\AdwCleaner
2017-01-15 09:40 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-14 23:36 - 2016-09-26 20:55 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2017-01-14 23:34 - 2016-01-31 16:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 23:33 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-01-14 23:16 - 2016-10-01 06:21 - 00029770 _____ C:\WINDOWS\PFRO.log
2017-01-14 23:14 - 2016-02-29 18:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-14 23:13 - 2016-01-31 15:46 - 00000000 ___RD C:\Users\Jožin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2017-01-14 22:52 - 2016-03-06 15:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-14 17:28 - 2016-01-31 15:43 - 02048174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-14 17:28 - 2015-10-30 19:31 - 00848218 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-14 17:28 - 2015-10-30 19:31 - 00194132 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-14 17:24 - 2016-09-28 09:03 - 00014825 _____ C:\WINDOWS\setupact.log
2017-01-14 15:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-11 22:49 - 2016-01-31 15:46 - 00000000 ____D C:\Users\Jožin
2017-01-11 21:48 - 2015-12-02 17:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-11 21:46 - 2015-07-16 21:16 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 18:15 - 2013-08-24 11:57 - 00000000 ____D C:\SwSetup
2017-01-10 14:29 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\ShellNew
2017-01-10 07:06 - 2016-07-18 17:56 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2017-01-10 07:06 - 2016-04-09 11:40 - 00000000 ____D C:\ProgramData\Avira
2017-01-10 07:06 - 2016-03-07 15:54 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-10 07:06 - 2015-11-03 14:53 - 00000000 ____D C:\Program Files (x86)\ClockworkMod
2017-01-10 07:06 - 2015-02-01 14:58 - 00000000 ____D C:\Program Files (x86)\OpenOMR
2017-01-10 07:06 - 2013-08-24 14:01 - 00000000 ____D C:\Program Files (x86)\Daum
2017-01-09 21:43 - 2016-01-31 20:23 - 00000000 ____D C:\Users\Jožin\AppData\Local\Deployment
2017-01-08 17:59 - 2013-08-24 16:16 - 00000000 ____D C:\Hudba
2016-12-23 17:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-12-20 23:15 - 2016-01-31 15:33 - 07183504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-20 23:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-20 17:42 - 2013-08-24 11:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-20 17:20 - 2013-08-24 11:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-18 17:49 - 2013-09-25 18:06 - 00000000 ____D C:\Users\Jožin\Downloads\Škola
2016-12-17 10:17 - 2014-01-12 22:45 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:17 - 2014-01-12 22:45 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 10:09 - 2013-08-24 11:44 - 00003734 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3695787775-2199685802-2270573759-1001UA
2016-12-17 10:09 - 2013-08-24 11:44 - 00003466 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3695787775-2199685802-2270573759-1001Core

==================== Files in the root of some directories =======

2015-02-01 16:32 - 2015-02-01 16:32 - 0000604 ____H () C:\Program Files (x86)\_Z2
2014-04-16 18:58 - 2016-08-26 20:04 - 0000132 _____ () C:\Users\Jožin\AppData\Roaming\Formát PNG Adobe CC – předvolby
2016-02-29 17:54 - 2016-02-29 17:54 - 0005120 _____ () C:\Users\Jožin\AppData\Roaming\GiftBag.db
2016-12-01 22:40 - 2016-12-01 22:40 - 0000017 _____ () C:\Users\Jožin\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Jožin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-01-07 10:24

==================== End of FRST.txt ============================