Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.02.2018
Ran by micha (administrator) on DESKTOP-73FH5QT (25-02-2018 00:03:24)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Tcheco (Tchéquia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122461.inf_amd64_ac02a4363c345cef\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
() C:\Program Files\Cold Turkey\ServiceHub.Power.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122461.inf_amd64_ac02a4363c345cef\igfxEM.exe
(Cold Turkey Software Inc.) C:\Program Files\Cold Turkey\Cold Turkey Blocker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
(Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(RescueTime, Inc.) C:\Program Files (x86)\RescueTime\RescueTime.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Cold Turkey Software Inc.) C:\Program Files\Cold Turkey\CTMsgHostFirefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1802.311.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822528 2016-05-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-25] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-24] (AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-09-04] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [754176 2016-07-29] (Oracle Corporation)
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [Spotify Web Helper] => C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-12] (Spotify Ltd)
HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Run: [AceStream] => C:\Users\micha\AppData\Roaming\ACEStream\engine\ace_engine.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2017-01-13]
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-12-12]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{51d3f46a-d791-4665-ac3b-ac3b02e99c23}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-435010139-1116817143-633309206-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-435010139-1116817143-633309206-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__180120__yaie
SearchScopes: HKU\S-1-5-21-435010139-1116817143-633309206-1001 -> DefaultScope {1D0FC58A-4C82-45E5-A15E-97637BECBC99} URL = 
SearchScopes: HKU\S-1-5-21-435010139-1116817143-633309206-1001 -> {1D0FC58A-4C82-45E5-A15E-97637BECBC99} URL = 
SearchScopes: HKU\S-1-5-21-435010139-1116817143-633309206-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10315__180120__yaie&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-12] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-12-13] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-12] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 9uvb9oc6.default-1515431061176
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176 [2018-02-25]
FF Homepage: Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176 -> hxxps://www.google.cz/
FF NewTab: Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176 -> hxxps://br.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__180120__yaff
FF Session Restore: Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176 -> is enabled.
FF Extension: (Cold Turkey) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176\Extensions\coldturkey@getcoldturkey.com.xpi [2018-01-15]
FF Extension: (Unlimited Free VPN - Hola) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2018-02-14]
FF Extension: (Avast Online Security) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176\Extensions\wrc@avast.com.xpi [2017-11-19]
FF Extension: (Adblock Plus) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-08]
FF Extension: (No Name) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\9uvb9oc6.default-1515431061176\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2018-01-17]
FF HKU\S-1-5-21-435010139-1116817143-633309206-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\micha\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-435010139-1116817143-633309206-1001: @acestream.net/acestreamplugin,version=3.1.20.4 -> C:\Users\micha\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2018-02-24]
CHR Extension: (Google Slides) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-20]
CHR Extension: (Google Docs) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-20]
CHR Extension: (Google Drive) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-20]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-20]
CHR Extension: (Avast SafePrice) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-21]
CHR Extension: (Google Sheets) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-17]
CHR Extension: (Download Vimeo Videos, Premium) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\phpaiffimemgakmakpcehgbophkbllkf [2017-07-15]
CHR Extension: (Evernote Web Clipper) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-06-21]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-15]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-02-24]
CHR Extension: (Slides) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-15]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-15]
CHR Extension: (Avast SafePrice) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-21]
CHR Extension: (Sheets) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-25]
CHR Extension: (Avast Online Security) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-25]
CHR Extension: (Cold Turkey) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pganeibhckoanndahmnfggfoeofncnii [2018-02-13]
CHR Extension: (Download Vimeo Videos, Premium) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\phpaiffimemgakmakpcehgbophkbllkf [2018-01-18]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13]
CHR HKU\S-1-5-21-435010139-1116817143-633309206-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-435010139-1116817143-633309206-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7564512 2018-02-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-24] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-12] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-08] (Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [85216 2015-06-10] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [122400 2017-10-13] (Dell)
R2 DellDockUpdate; C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe [125808 2017-01-10] ()
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39918080 2016-11-28] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-10-24] ()
R2 Power_a17007; C:\Program Files\Cold Turkey\\ServiceHub.Power.exe [31944 2018-01-24] ()
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2016-05-25] (Realtek Semiconductor)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1831064 2015-11-04] (Intel Corporation)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-10-24] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{4BF4F8FD-1D37-4DDF-A8E7-58D75F1F9C45}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [192944 2018-02-24] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [190440 2018-02-24] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-02-24] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-02-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-02-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-02-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-02-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459952 2018-02-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205464 2018-02-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379448 2018-02-24] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-03] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [43512 2015-06-10] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [129032 2017-04-14] (Intel Corporation)
S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 Netwtw06; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [7737344 2017-11-22] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2017-12-13] (The OpenVPN Project)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 00:03 - 2018-02-25 00:03 - 000027041 _____ C:\Users\micha\Desktop\FRST.txt
2018-02-25 00:02 - 2018-02-25 00:02 - 002403328 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2018-02-24 23:23 - 2018-02-24 23:23 - 008222496 _____ (Malwarebytes) C:\Users\micha\Desktop\adwcleaner_7.0.8.0.exe
2018-02-24 22:22 - 2018-02-24 22:22 - 001222144 _____ C:\Users\micha\Downloads\RSITx64.exe
2018-02-24 20:40 - 2018-02-24 20:40 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-24 17:15 - 2018-02-24 17:15 - 000000591 _____ C:\Users\micha\Desktop\sfsfsff.txt
2018-02-23 12:02 - 2018-02-24 00:00 - 000002780 _____ C:\WINDOWS\System32\Tasks\Power_a17007
2018-02-23 12:01 - 2018-02-25 00:03 - 000000000 ____D C:\ProgramData\Cold Turkey
2018-02-23 12:01 - 2018-02-23 12:01 - 000000931 _____ C:\Users\Public\Desktop\Cold Turkey Blocker.lnk
2018-02-21 13:15 - 2018-02-21 13:16 - 003559780 _____ C:\Users\micha\Desktop\Case in Point - Marc P. Cosentino.pdf
2018-02-20 23:47 - 2018-02-20 23:47 - 000580656 _____ C:\Users\micha\Desktop\Writing Economics - Tomáš Havránek.pdf
2018-02-20 17:13 - 2018-02-21 01:13 - 000000225 _____ C:\Users\micha\Desktop\consulting.txt
2018-02-19 21:59 - 2018-02-21 10:51 - 000032946 _____ C:\Users\micha\Desktop\vzdy.txt
2018-02-19 21:40 - 2018-02-19 21:42 - 057380272 _____ (Cold Turkey Software, Inc. ) C:\Users\micha\Downloads\Cold_Turkey_Installer.exe
2018-02-19 13:59 - 2018-02-19 14:35 - 000609280 _____ C:\Users\micha\Desktop\Roční poplatky 2018.xls
2018-02-19 13:59 - 2018-02-19 13:59 - 000402432 _____ C:\Users\micha\Desktop\Vodostav 2018.XLS
2018-02-14 19:43 - 2018-02-24 22:09 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2018-02-14 18:53 - 2018-02-14 19:06 - 000000000 ____D C:\Users\micha\Documents\TmForever
2018-02-14 18:53 - 2018-02-14 19:06 - 000000000 ____D C:\ProgramData\TmForever
2018-02-14 18:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2018-02-14 18:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2018-02-14 18:53 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2018-02-14 18:53 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2018-02-14 18:53 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2018-02-14 18:53 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2018-02-14 18:53 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2018-02-14 18:53 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2018-02-14 18:53 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2018-02-14 18:53 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2018-02-14 18:53 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2018-02-14 18:53 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2018-02-14 18:53 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2018-02-14 18:53 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2018-02-14 18:53 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-02-14 18:53 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-02-14 18:53 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-02-14 18:53 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-02-14 18:53 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-02-14 18:53 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-02-14 18:53 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-02-14 18:53 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-02-14 18:53 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-02-14 18:53 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-02-14 00:46 - 2018-02-24 00:00 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 00:46 - 2018-02-19 00:15 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 00:32 - 2018-02-14 00:32 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-02-14 00:32 - 2018-02-14 00:32 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-02-14 00:21 - 2018-02-14 00:21 - 000000034 _____ C:\Users\micha\Desktop\sfada.txt
2018-02-13 23:17 - 2018-02-13 23:18 - 000000000 ____D C:\Users\micha\Downloads\German Language Learning Pack
2018-02-13 22:45 - 2018-02-13 22:45 - 000000040 ____H C:\B42A54C7D006
2018-02-13 22:34 - 2018-02-13 22:36 - 000000000 ____D C:\Users\micha\Downloads\Adobe Acrobat Pro DC 2018.009.20050 + Pre-Cracked - [CrackzSoft]
2018-02-13 22:03 - 2018-02-14 02:25 - 000000000 ____D C:\Users\micha\Downloads\German knihy
2018-02-13 18:30 - 2018-02-13 19:05 - 000000000 ____D C:\Users\micha\Downloads\German Graded Readers Collection - 88 Books
2018-02-13 14:10 - 2018-02-13 14:10 - 000000244 _____ C:\Users\micha\Desktop\sfsdfs.txt
2018-02-13 14:10 - 2018-02-13 14:10 - 000000012 _____ C:\Users\micha\Desktop\tata linkedin.txt
2018-02-13 09:36 - 2018-02-13 09:36 - 000000168 _____ C:\Users\micha\Desktop\sfdsfs.txt
2018-02-13 08:27 - 2018-02-13 08:29 - 000000000 ____D C:\Users\micha\Downloads\Management Consulting
2018-02-12 13:37 - 2018-02-12 13:37 - 000000108 _____ C:\Users\micha\Desktop\jhkh.txt
2018-02-12 02:57 - 2018-02-12 13:03 - 000001730 _____ C:\Users\micha\Desktop\mckinsey.txt
2018-02-11 18:20 - 2018-02-11 18:25 - 000000000 ____D C:\Users\micha\Desktop\Nova pasta
2018-02-09 02:34 - 2018-02-09 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-08 21:10 - 2018-02-08 21:10 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-02-08 21:10 - 2018-02-08 21:10 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-02-08 21:10 - 2018-02-08 21:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-02-08 21:10 - 2018-02-08 21:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 00:03 - 2017-06-09 20:05 - 000000000 ____D C:\FRST
2018-02-24 23:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-24 23:49 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-24 23:38 - 2018-01-10 15:02 - 003639032 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-24 23:38 - 2018-01-10 11:41 - 000917126 _____ C:\WINDOWS\system32\prfh0416.dat
2018-02-24 23:38 - 2018-01-10 11:41 - 000255196 _____ C:\WINDOWS\system32\prfc0416.dat
2018-02-24 23:38 - 2017-09-30 15:31 - 001089182 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-24 23:38 - 2017-09-30 15:31 - 000254126 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-24 23:33 - 2016-12-26 10:21 - 000000000 ___RD C:\Users\micha\Disk Google
2018-02-24 23:32 - 2018-01-10 14:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-24 23:32 - 2016-12-12 18:13 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2018-02-24 23:32 - 2016-12-12 18:03 - 000000000 __SHD C:\Users\micha\IntelGraphicsProfiles
2018-02-24 23:31 - 2018-01-20 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-02-24 23:31 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-24 23:31 - 2017-06-09 18:19 - 000000000 ____D C:\AdwCleaner
2018-02-24 23:31 - 2017-05-26 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-24 22:23 - 2017-06-08 15:01 - 000000000 ____D C:\Program Files\trend micro
2018-02-24 22:16 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-24 22:15 - 2018-01-12 23:27 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-24 22:15 - 2018-01-10 14:59 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-24 22:10 - 2018-01-19 22:26 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-24 22:10 - 2017-01-02 17:24 - 000000000 ____D C:\Users\micha\AppData\Roaming\DAEMON Tools Lite
2018-02-24 22:09 - 2018-01-10 14:52 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2018-02-24 22:09 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-24 22:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-24 22:09 - 2017-01-02 17:27 - 000000000 ____D C:\Program Files\Microsoft Office
2018-02-24 22:08 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-24 22:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-24 21:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-24 20:40 - 2018-01-05 12:56 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-24 20:40 - 2018-01-05 12:56 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-24 20:40 - 2017-11-19 12:57 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-24 20:40 - 2016-12-12 18:45 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-24 20:37 - 2018-01-10 14:52 - 000000000 ____D C:\Users\micha
2018-02-24 20:37 - 2016-06-07 22:53 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-02-24 20:37 - 2016-06-07 22:53 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-02-24 09:23 - 2018-01-10 14:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-24 00:53 - 2016-12-12 19:07 - 000000000 ____D C:\Users\micha\AppData\Roaming\deluge
2018-02-24 00:00 - 2018-01-25 01:50 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-michal.rezac@outlook.com
2018-02-24 00:00 - 2018-01-10 14:59 - 000003808 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2018-02-24 00:00 - 2018-01-10 14:59 - 000003448 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-02-24 00:00 - 2018-01-10 14:59 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-24 00:00 - 2018-01-10 14:59 - 000003370 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1481564755
2018-02-24 00:00 - 2018-01-10 14:59 - 000003362 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-02-24 00:00 - 2018-01-10 14:59 - 000003224 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-02-24 00:00 - 2018-01-10 14:59 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-24 00:00 - 2018-01-10 14:59 - 000003094 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2018-02-24 00:00 - 2018-01-10 14:59 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-02-24 00:00 - 2018-01-10 14:59 - 000003040 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2018-02-24 00:00 - 2018-01-10 14:59 - 000002996 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2018-02-24 00:00 - 2018-01-10 14:59 - 000002980 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2018-02-24 00:00 - 2018-01-10 14:59 - 000002854 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2018-02-24 00:00 - 2018-01-10 14:59 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-435010139-1116817143-633309206-1001
2018-02-24 00:00 - 2018-01-10 14:59 - 000002804 _____ C:\WINDOWS\System32\Tasks\MySQLNotifierTask
2018-02-24 00:00 - 2018-01-10 14:59 - 000002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-02-24 00:00 - 2018-01-10 14:59 - 000002674 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2018-02-24 00:00 - 2018-01-10 14:59 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2018-02-24 00:00 - 2018-01-10 14:59 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-24 00:00 - 2018-01-10 14:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-02-23 12:01 - 2018-01-08 16:59 - 000000000 ____D C:\Program Files\Cold Turkey
2018-02-19 19:14 - 2017-11-22 17:40 - 000000000 ____D C:\Users\micha\Downloads\bordel
2018-02-18 19:45 - 2017-01-13 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RescueTime
2018-02-18 19:45 - 2017-01-13 20:55 - 000000000 ____D C:\Program Files (x86)\RescueTime
2018-02-15 14:13 - 2016-12-12 18:05 - 000002371 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-15 14:13 - 2016-12-12 18:05 - 000000000 ___RD C:\Users\micha\OneDrive
2018-02-14 19:43 - 2016-06-07 22:46 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-14 18:53 - 2017-09-29 14:41 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2018-02-14 18:53 - 2017-09-29 14:41 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2018-02-14 18:53 - 2017-09-29 14:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2018-02-14 18:53 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2018-02-14 18:53 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2018-02-14 12:28 - 2017-01-20 16:30 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 01:13 - 2016-12-12 18:27 - 000000000 ____D C:\Users\micha\AppData\Roaming\Anki2
2018-02-14 00:58 - 2016-12-26 10:05 - 000000000 ___RD C:\Users\micha\Dropbox
2018-02-14 00:47 - 2016-12-12 18:55 - 000000000 ____D C:\Users\micha\AppData\Local\Adobe
2018-02-14 00:45 - 2016-12-12 18:56 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-02-14 00:33 - 2016-06-07 22:47 - 000000000 ____D C:\ProgramData\Intel
2018-02-14 00:33 - 2016-06-07 22:47 - 000000000 ____D C:\Intel
2018-02-14 00:33 - 2016-06-07 22:46 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-14 00:33 - 2015-10-30 07:28 - 000000000 ____D C:\Users\Default.migrated
2018-02-14 00:32 - 2017-07-06 19:30 - 000000000 ____D C:\Program Files (x86)\Intel
2018-02-14 00:31 - 2017-07-06 19:30 - 000000000 ____D C:\Program Files\Intel
2018-02-14 00:31 - 2016-12-12 19:03 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 00:31 - 2016-12-12 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-14 00:31 - 2016-12-12 19:03 - 000000000 ____D C:\Program Files\WinRAR
2018-02-14 00:13 - 2018-01-10 13:14 - 000000000 ____D C:\Program Files (x86)\GRETECH
2018-02-14 00:09 - 2018-01-10 14:50 - 000412744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-14 00:02 - 2016-12-12 18:56 - 000000000 ____D C:\ProgramData\Adobe
2018-02-13 23:05 - 2016-12-24 23:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-13 23:02 - 2017-10-11 02:19 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 23:02 - 2016-12-24 23:48 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-13 22:45 - 2016-12-12 18:03 - 000000000 ____D C:\Users\micha\AppData\Roaming\Adobe
2018-02-13 14:11 - 2017-10-29 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-13 14:06 - 2016-06-07 22:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-13 11:16 - 2017-10-29 15:31 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-12 20:08 - 2016-12-12 18:05 - 000000000 ____D C:\Users\micha\AppData\Roaming\Skype
2018-02-09 02:36 - 2017-09-20 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-09 02:34 - 2016-06-07 22:53 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-07 02:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-07 02:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-30 22:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories =======

2017-07-18 14:04 - 2017-12-04 17:31 - 000000034 _____ () C:\Users\micha\AppData\Roaming\AdobeWLCMCache.dat
2018-01-16 04:56 - 2018-01-16 04:56 - 000000218 _____ () C:\Users\micha\AppData\Local\recently-used.xbel
2017-06-08 14:36 - 2017-06-08 14:36 - 000000000 _____ () C:\Users\micha\AppData\Local\{10188BB2-1112-4029-ABE6-E3AB517F9398}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-17 03:47

==================== End of FRST.txt ============================