Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by Michal (administrator) on MICHAL-PC (04-01-2018 17:33:32)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Microsoft Windows 7 Ultimate  (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(© 2015 Microsoft Corporation) C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1486848 2009-08-28] (VIA)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-24] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\Run: [BingSvc] => C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\MountPoints2: {59c696ea-d94f-11e4-8057-002354578bfd} - F:\Autorun.exe
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\MountPoints2: {7a4220d6-d94e-11e4-95b1-002354578bfd} - K:\SETUP.EXE
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\MountPoints2: {7a4220ec-d94e-11e4-95b1-002354578bfd} - L:\Autorun.exe
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\...\MountPoints2: {7a422103-d94e-11e4-95b1-002354578bfd} - L:\Autorun.exe
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9CCC64D7-6103-4647-A46D-F86EDE5AE4DC}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-2705825513-2259607036-276810854-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://seznam.cz/
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {08EF5516-474C-4511-8F35-1B7D93DCA53B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {0F76AAC6-42BC-4610-9C8A-9399E3D398D4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {2D82F268-D05D-4321-8ADF-206C97868EB1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {36CAF0EF-AE29-4F42-AA9B-328786A78C46} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {473529CB-C48A-4E45-868A-595703AE7999} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {7D3327A4-BB99-4643-850A-314D65661B33} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {9E132F0B-C4FA-4729-819F-E2815DC6350C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {BB3FB6E5-61CB-4C3C-8473-82C2025BDADF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2705825513-2259607036-276810854-1000 -> {C87E3BD7-57AC-49BA-B99B-E0482F9E25A6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-17] (AVAST Software)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default [2018-01-04]
FF Homepage: Mozilla\Firefox\Profiles\d89bb2cp.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\d89bb2cp.default -> Enabled: "id":"{ea614400-e918-4741-9a97-7a972ff7c30b
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-25]
FF Extension: (Avast SafePrice) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\Extensions\sp@avast.com.xpi [2017-11-17]
FF Extension: (Avast Online Security) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\Extensions\wrc@avast.com.xpi [2017-11-17]
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\searchplugins\ask-web-search.xml [2016-02-27]
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\searchplugins\bing-.xml [2015-10-31]
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\searchplugins\firmycz.xml [2015-04-03]
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\d89bb2cp.default\searchplugins\zbocz.xml [2015-04-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2705825513-2259607036-276810854-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR NewTab: Default -> "active": true,
            "entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
          
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2017-12-24]
CHR Extension: (Prezentace Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-02]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-02]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-05-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-04-09]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-20]
CHR Extension: (Avast SafePrice) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-09]
CHR Extension: (Tabulky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-09]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-05-20]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2705825513-2259607036-276810854-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2705825513-2259607036-276810854-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2017-12-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-24] (AVAST Software)
R2 ssinstall; C:\Windows\System32\ssins.exe [4696960 2016-11-24] (PS Media s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2017-12-24] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2017-12-24] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2017-12-24] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2017-12-24] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2017-12-24] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2017-12-24] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2017-12-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124408 2017-12-24] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2017-12-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2017-12-24] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2017-12-24] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390272 2017-12-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2017-12-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2017-12-24] (AVAST Software)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 17:33 - 2018-01-04 17:33 - 000017178 _____ C:\Users\Michal\Desktop\FRST.txt
2018-01-04 17:32 - 2018-01-04 17:33 - 000000000 ____D C:\FRST
2018-01-04 17:31 - 2018-01-04 17:27 - 002393088 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2018-01-04 17:31 - 2018-01-04 17:27 - 001753600 _____ (Farbar) C:\Users\Michal\Desktop\FRST.exe
2018-01-04 17:16 - 2018-01-04 17:16 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-12-26 21:03 - 2017-12-24 11:54 - 000305840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-12-24 11:55 - 2017-12-24 11:54 - 000118144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-12-06 14:22 - 2017-12-06 14:22 - 000000000 ____D C:\Program Files\Common Files\Avast Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 17:33 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-01-04 17:32 - 2015-04-02 16:44 - 001478586 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-04 17:32 - 2009-07-26 18:53 - 000634308 _____ C:\Windows\system32\perfh005.dat
2018-01-04 17:32 - 2009-07-26 18:53 - 000122898 _____ C:\Windows\system32\perfc005.dat
2018-01-04 17:21 - 2015-04-03 13:40 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Seznam.cz
2018-01-04 17:21 - 2009-07-14 05:34 - 000016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-04 17:21 - 2009-07-14 05:34 - 000016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-04 17:16 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-26 21:04 - 2016-06-09 17:52 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-12-26 21:02 - 2015-04-02 16:30 - 000000000 ____D C:\Users\Michal
2017-12-26 21:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
2017-12-26 20:42 - 2016-11-16 08:22 - 000000000 ____D C:\Users\Michal\AppData\LocalLow\Mozilla
2017-12-25 19:48 - 2015-05-01 17:49 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2017-12-24 12:13 - 2016-08-11 18:53 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-24 11:54 - 2017-11-17 14:22 - 000158224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-12-24 11:54 - 2017-04-05 10:32 - 000276696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2017-12-24 11:54 - 2017-04-05 10:32 - 000255584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-12-24 11:54 - 2017-04-05 10:32 - 000157376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2017-12-24 11:54 - 2017-04-05 10:32 - 000050344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000783104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000390272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000294680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000151328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000124408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000099528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000070832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-12-24 11:54 - 2015-04-02 17:48 - 000042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-12-13 13:06 - 2015-04-02 18:03 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-13 13:06 - 2015-04-02 17:28 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-13 13:06 - 2015-04-02 17:28 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-11 08:22 - 2015-04-03 13:39 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-10 16:56 - 2016-11-15 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-07 07:56 - 2015-04-02 16:52 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-04-26 19:24 - 2016-04-27 09:34 - 000000202 _____ () C:\Users\Michal\AppData\Roaming\pdfshaper.ini
2015-11-07 17:40 - 2015-11-07 17:40 - 000003584 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-19 19:48

==================== End of FRST.txt ============================