﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Ran by demoniaco (administrator) on DEMONIACO-PC (18-12-2017 15:55:49)
Running from C:\Users\demoniaco\Downloads
Loaded Profiles: demoniaco (Available Profiles: demoniaco)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8305664 2016-01-26] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3948216178-4230814366-3817361795-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3948216178-4230814366-3817361795-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2017-01-09] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0328A4CB-FD59-4CBA-9BE7-553430266F5E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3948216178-4230814366-3817361795-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/

FireFox:
========
FF DefaultProfile: d9nevbql.default
FF ProfilePath: C:\Users\demoniaco\AppData\Roaming\Mozilla\Firefox\Profiles\d9nevbql.default [2017-12-18]
FF Homepage: Mozilla\Firefox\Profiles\d9nevbql.default -> moz-extension://ee4e033f-544b-4814-8b0e-982398c13e3c/dynamicHomePage.html
FF NewTabOverride: Mozilla\Firefox\Profiles\d9nevbql.default -> Enabled: _j7Members_@www.convertdocsonline.com
FF Extension: (ConvertDocsOnline) - C:\Users\demoniaco\AppData\Roaming\Mozilla\Firefox\Profiles\d9nevbql.default\Extensions\_j7Members_@www.convertdocsonline.com.xpi [2017-12-17]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome: 
=======
CHR NewTab: Default ->  Active:"chrome-extension://hfabogadkbndhkibepllmkfgmfgfafjc/product.html"
CHR Profile: C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default [2017-12-18]
CHR Extension: (Prezentace) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-07]
CHR Extension: (YouTube) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-07]
CHR Extension: (Tabulky) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (FromDocToPDF) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfabogadkbndhkibepllmkfgmfgfafjc [2017-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Gmail) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\demoniaco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [269312 2016-01-26] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
R4 cm_km; system32\DRIVERS\cm_km.sys [X]
R4 kl1; system32\DRIVERS\kl1.sys [X]
R4 klbackupdisk; system32\DRIVERS\klbackupdisk.sys [X]
R4 klbackupflt; system32\DRIVERS\klbackupflt.sys [X]
R4 kldisk; system32\DRIVERS\kldisk.sys [X]
R4 klflt; system32\DRIVERS\klflt.sys [X]
R4 klhk; system32\DRIVERS\klhk.sys [X]
R4 KLIF; system32\DRIVERS\klif.sys [X]
R4 klkbdflt; system32\DRIVERS\klkbdflt.sys [X]
R4 klmouflt; system32\DRIVERS\klmouflt.sys [X]
R4 klpd; system32\DRIVERS\klpd.sys [X]
R4 kltdi; system32\DRIVERS\kltdi.sys [X]
R4 kneps; system32\DRIVERS\kneps.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-18 15:55 - 2017-12-18 15:56 - 000007789 _____ C:\Users\demoniaco\Downloads\FRST.txt
2017-12-18 15:55 - 2017-12-18 15:55 - 002392064 _____ (Farbar) C:\Users\demoniaco\Downloads\FRST64.exe
2017-12-18 15:55 - 2017-12-18 15:55 - 000000000 ____D C:\FRST
2017-12-18 15:38 - 2017-12-18 15:38 - 001222144 _____ C:\Users\demoniaco\Downloads\RSITx64.exe
2017-12-18 15:38 - 2017-12-18 15:38 - 000000000 ____D C:\rsit
2017-12-18 15:38 - 2017-12-18 15:38 - 000000000 ____D C:\Program Files\trend micro
2017-12-18 15:04 - 2017-12-18 15:04 - 000331327 _____ C:\Users\demoniaco\Downloads\prilohy_765.zip
2017-12-17 19:28 - 2017-12-17 19:59 - 000248950 _____ C:\Windows\ntbtlog.txt
2017-12-17 15:34 - 2017-12-18 15:49 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-17 15:34 - 2017-12-17 15:34 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-12-17 15:33 - 2017-12-18 15:50 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-12-17 15:33 - 2017-12-17 15:33 - 000149304 ____N (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2017-12-17 15:21 - 2017-12-17 15:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-12-17 15:17 - 2017-12-17 15:17 - 002381360 _____ (Kaspersky Lab) C:\Users\demoniaco\Downloads\kfa18.0.0.405abcs_13252.exe
2017-12-17 15:05 - 2017-12-17 15:05 - 011791896 _____ (rajce.net ) C:\Users\demoniaco\Downloads\rajce-269(1).exe
2017-12-17 14:56 - 2017-12-17 14:57 - 011791896 _____ (rajce.net ) C:\Users\demoniaco\Downloads\rajce-269.exe
2017-12-17 14:47 - 2017-12-17 14:54 - 083995480 _____ (ZONER software ) C:\Users\demoniaco\Downloads\zpsx_cz.exe
2017-12-17 08:28 - 2017-12-17 08:28 - 000454701 _____ C:\Users\demoniaco\Downloads\prilohy_767.zip
2017-12-16 06:24 - 2017-12-16 06:24 - 000335580 _____ C:\Users\demoniaco\Downloads\prilohy_771.zip
2017-12-15 19:30 - 2017-12-15 19:30 - 000220527 _____ C:\Users\demoniaco\Downloads\prilohy_814.zip
2017-12-14 20:48 - 2017-12-18 15:39 - 000000000 ____D C:\Users\demoniaco\AppData\LocalLow\Mozilla
2017-12-14 20:48 - 2017-12-14 20:53 - 000000000 ____D C:\Users\demoniaco\AppData\Local\Mozilla
2017-12-14 20:48 - 2017-12-14 20:48 - 000000000 ____D C:\Users\demoniaco\AppData\Roaming\Mozilla
2017-12-13 16:05 - 2017-12-13 16:05 - 000931507 _____ C:\Users\demoniaco\Downloads\e-ticket (6).pdf
2017-12-13 16:05 - 2017-12-13 16:05 - 000644656 _____ C:\Users\demoniaco\Downloads\e-ticket (8).pdf
2017-12-13 16:05 - 2017-12-13 16:05 - 000644656 _____ C:\Users\demoniaco\Downloads\e-ticket (7).pdf
2017-12-13 15:04 - 2017-11-17 05:23 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-13 15:04 - 2017-11-15 02:27 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 15:04 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-13 15:04 - 2017-11-14 04:57 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 15:04 - 2017-11-14 04:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 15:04 - 2017-11-14 04:43 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 15:04 - 2017-11-14 04:32 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 15:04 - 2017-11-14 04:31 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 15:04 - 2017-11-14 04:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 15:04 - 2017-11-14 04:30 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 15:04 - 2017-11-14 04:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 15:04 - 2017-11-14 04:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 15:04 - 2017-11-14 04:25 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 15:04 - 2017-11-14 04:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 15:04 - 2017-11-14 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 15:04 - 2017-11-14 04:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 15:04 - 2017-11-14 04:20 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 15:04 - 2017-11-14 04:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 15:04 - 2017-11-14 04:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 15:04 - 2017-11-14 04:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 15:04 - 2017-11-14 04:15 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 15:04 - 2017-11-14 04:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 15:04 - 2017-11-14 04:06 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 15:04 - 2017-11-14 04:06 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 15:04 - 2017-11-14 04:05 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 15:04 - 2017-11-14 04:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 15:04 - 2017-11-14 04:02 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 15:04 - 2017-11-14 04:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 15:04 - 2017-11-14 03:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 15:04 - 2017-11-14 03:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 15:04 - 2017-11-14 03:48 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 15:04 - 2017-11-14 03:48 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 15:04 - 2017-11-14 03:48 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 15:04 - 2017-11-14 03:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 15:04 - 2017-11-14 03:46 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 15:04 - 2017-11-14 03:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 15:04 - 2017-11-14 03:27 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 15:04 - 2017-11-14 03:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 15:04 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-13 15:04 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-13 15:04 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-13 15:04 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-13 15:04 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-13 15:04 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-13 15:04 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-13 15:04 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-13 15:04 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-12-13 15:04 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-13 15:04 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-13 15:04 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-13 15:04 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-13 15:04 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-13 15:04 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-13 15:04 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-13 15:04 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-13 15:04 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-13 15:04 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-13 15:04 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-13 15:04 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-13 15:04 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-13 15:04 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-13 15:04 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-13 15:04 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-13 15:04 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-13 15:04 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-13 15:04 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-13 15:04 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-13 15:04 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-13 15:04 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-13 15:04 - 2017-11-07 17:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 15:04 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-13 15:04 - 2017-11-04 16:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 15:04 - 2017-11-04 16:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 15:04 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-12-13 15:04 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-13 15:04 - 2017-11-02 17:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 15:04 - 2017-11-02 17:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 15:04 - 2017-11-02 17:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 15:04 - 2017-11-02 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 15:04 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-13 15:04 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2017-12-13 15:04 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2017-12-13 15:04 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2017-12-13 15:04 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 15:04 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-12-13 15:04 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-13 14:55 - 2017-12-13 14:55 - 000336520 _____ C:\Users\demoniaco\Downloads\prilohy_773.zip
2017-12-12 17:17 - 2017-12-12 17:17 - 000931507 _____ C:\Users\demoniaco\Downloads\e-ticket (5).pdf
2017-12-12 17:16 - 2017-12-12 17:16 - 000931507 _____ C:\Users\demoniaco\Downloads\e-ticket (4).pdf
2017-12-12 17:16 - 2017-12-12 17:16 - 000644656 _____ C:\Users\demoniaco\Downloads\e-ticket (3).pdf
2017-12-12 14:52 - 2017-12-12 14:52 - 000221060 _____ C:\Users\demoniaco\Downloads\prilohy_775.zip
2017-12-11 13:49 - 2017-12-11 13:49 - 000644656 _____ C:\Users\demoniaco\Downloads\e-ticket (2).pdf
2017-12-11 13:48 - 2017-12-11 13:48 - 000931507 _____ C:\Users\demoniaco\Downloads\e-ticket (1).pdf
2017-12-11 13:41 - 2017-12-11 13:41 - 000931507 _____ C:\Users\demoniaco\Downloads\e-ticket.pdf
2017-12-11 07:03 - 2017-12-11 07:03 - 000335871 _____ C:\Users\demoniaco\Downloads\prilohy_769 (1).zip
2017-12-11 07:02 - 2017-12-11 07:02 - 000335871 _____ C:\Users\demoniaco\Downloads\prilohy_769.zip
2017-12-10 11:40 - 2017-12-17 14:35 - 000000000 ____D C:\Users\demoniaco\Desktop\2017 16.12. Hasiči
2017-12-10 07:37 - 2017-12-10 07:37 - 001110007 _____ C:\Users\demoniaco\Downloads\prilohy_777.zip
2017-12-08 09:07 - 2017-12-08 09:07 - 000440125 _____ C:\Users\demoniaco\Downloads\prilohy_740.zip
2017-12-07 09:06 - 2017-12-07 09:06 - 000334970 _____ C:\Users\demoniaco\Downloads\prilohy_581.zip
2017-12-07 09:06 - 2017-12-07 09:06 - 000334970 _____ C:\Users\demoniaco\Downloads\prilohy_581 (1).zip
2017-11-29 21:09 - 2017-11-29 21:09 - 000000000 ____D C:\Users\demoniaco\AppData\Local\CrashDumps
2017-11-27 15:24 - 2017-11-27 15:24 - 000172687 _____ C:\Users\demoniaco\Downloads\prilohy_670.zip
2017-11-22 14:54 - 2017-11-22 14:54 - 000329549 _____ C:\Users\demoniaco\Downloads\prilohy_601.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-18 15:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-18 15:13 - 2009-07-14 05:45 - 000015296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-18 15:13 - 2009-07-14 05:45 - 000015296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-18 15:06 - 2009-07-14 16:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2017-12-18 15:06 - 2009-07-14 16:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2017-12-18 15:06 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-18 15:00 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-17 15:34 - 2017-10-07 13:38 - 000058400 _____ C:\Users\demoniaco\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-17 14:40 - 2009-07-14 05:45 - 000268800 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-14 18:23 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-12-14 16:45 - 2017-10-05 10:46 - 000000000 ____D C:\Users\demoniaco
2017-12-14 16:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-12-14 16:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2017-12-14 16:02 - 2016-06-17 07:25 - 000000000 ____D C:\Windows\system32\MRT
2017-12-14 15:58 - 2017-10-11 20:30 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-14 15:57 - 2016-06-17 07:25 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-08 23:38 - 2017-10-07 13:21 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-05 08:00 - 2017-10-05 11:29 - 000000000 ____D C:\Users\demoniaco\Documents\zakázky

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-09 09:28

==================== End of FRST.txt ============================