Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by terka (administrator) on DESKTOP-FIDPKKM (02-09-2018 23:15:10)
Running from C:\Users\terka\Downloads
Loaded Profiles: terka (Available Profiles: terka)
Platform: Windows 10 Home Version 1709 16299.371 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [291056 2018-09-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-22] (CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d7ce9ce-0b48-4035-903e-2cca60882b30}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-974956497-3382271586-2386951904-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=CMNTDFJS
HKU\S-1-5-21-974956497-3382271586-2386951904-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM-x32 -> {A2F7ECF4-AFE0-44B2-B4AF-467FEC58D9DE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-974956497-3382271586-2386951904-1001 -> {A2F7ECF4-AFE0-44B2-B4AF-467FEC58D9DE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-09-02] (McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-09-02] (McAfee, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2018-09-02]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default [2018-09-02]
CHR Extension: (Dokumenty) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-11]
CHR Extension: (Disk Google) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-22]
CHR Extension: (YouTube) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-22]
CHR Extension: (Tabulky) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-09-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\terka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [323512 2018-09-02] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-09-02] (AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [111040 2018-09-02] (AVG Technologies CZ, s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] ()
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-18] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-07-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [675736 2018-09-02] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-15] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-23] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-15] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-15] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [192104 2018-09-02] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [222288 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [194224 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [339048 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51952 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15344 2018-09-02] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-09-02] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [155664 2018-09-02] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [104256 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78864 2018-09-02] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-09-02] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [459624 2018-09-02] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [207192 2018-09-02] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-09-02] (AVG Technologies CZ, s.r.o.)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-18] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-18] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-18] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5744568 2015-07-13] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193256 2018-09-02] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [117472 2018-09-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [52328 2018-09-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-09-02] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [109872 2018-09-02] (Malwarebytes)
R3 mfesapsn; C:\Program Files\McAfee\WebAdvisor\mfesapsn.sys [111976 2018-09-02] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-15] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-02 23:15 - 2018-09-02 23:16 - 000017519 _____ C:\Users\terka\Downloads\FRST.txt
2018-09-02 23:14 - 2018-09-02 23:15 - 000000000 ____D C:\FRST
2018-09-02 23:13 - 2018-09-02 23:13 - 002413056 _____ (Farbar) C:\Users\terka\Downloads\FRST64.exe
2018-09-02 23:11 - 2018-09-02 23:11 - 007567568 _____ (Malwarebytes) C:\Users\terka\Downloads\AdwCleaner.exe
2018-09-02 23:05 - 2018-09-02 23:05 - 000117472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-09-02 23:05 - 2018-09-02 23:05 - 000109872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-09-02 23:05 - 2018-09-02 23:05 - 000052328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-09-02 23:00 - 2018-09-02 23:00 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-09-02 23:00 - 2018-09-02 23:00 - 000193256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-09-02 22:47 - 2018-09-02 22:48 - 000000000 ___HD C:\$WINDOWS.~BT
2018-09-02 22:41 - 2018-09-02 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoNotSpy10
2018-09-02 22:41 - 2018-09-02 22:41 - 000000000 ____D C:\Program Files\McAfee
2018-09-02 22:41 - 2018-09-02 22:41 - 000000000 ____D C:\Program Files (x86)\DoNotSpy10
2018-09-02 22:40 - 2018-09-02 22:40 - 001831027 _____ (pXc-coding.com ) C:\Users\terka\Downloads\DoNotSpy10-4.0-Setup.exe
2018-09-02 21:07 - 2018-09-02 21:07 - 000000000 ____D C:\Users\terka\AppData\Roaming\AVG
2018-09-02 21:07 - 2018-09-02 21:07 - 000000000 ____D C:\Users\terka\AppData\Local\CEF
2018-09-02 21:06 - 2018-09-02 21:06 - 000001897 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2018-09-02 21:06 - 2018-09-02 21:06 - 000001885 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-09-02 21:06 - 2018-09-02 21:06 - 000000000 ____D C:\Users\terka\AppData\Local\Avg
2018-09-02 21:05 - 2018-09-02 21:05 - 000000000 ____D C:\Users\terka\AppData\Local\mbam
2018-09-02 20:57 - 2018-09-02 20:57 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-02 20:57 - 2018-09-02 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-02 20:57 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-02 20:56 - 2018-09-02 20:56 - 000003992 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-09-02 20:56 - 2018-09-02 20:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-02 20:56 - 2018-09-02 20:56 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-02 20:53 - 2018-09-02 20:56 - 000078864 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000207192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-09-02 20:53 - 2018-09-02 20:52 - 000015344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2018-09-02 20:53 - 2018-09-02 20:51 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-09-02 20:53 - 2018-09-02 20:50 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-09-02 20:53 - 2018-09-02 20:50 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-09-02 20:53 - 2018-09-02 20:50 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-09-02 20:53 - 2018-09-02 20:50 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-09-02 20:52 - 2018-09-02 20:52 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-09-02 20:52 - 2018-09-02 20:52 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-09-02 20:50 - 2018-09-02 20:54 - 079435920 _____ (Malwarebytes ) C:\Users\terka\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.441-1.0.6595.exe
2018-09-02 20:49 - 2018-09-02 20:49 - 000000000 ____D C:\Program Files\AVG
2018-09-02 20:48 - 2018-09-02 21:16 - 000000000 ____D C:\ProgramData\AVG
2018-09-02 20:48 - 2018-09-02 20:48 - 007504768 _____ (AVG Technologies CZ, s.r.o.) C:\Users\terka\Downloads\avg_antivirus_free_setup_a2i.exe
2018-09-02 20:38 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-02 20:38 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-31 09:47 - 2018-08-31 09:47 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-08-31 09:43 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-08-31 09:30 - 2018-02-16 12:17 - 000023024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Luadgmgt.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-02 22:50 - 2018-03-01 15:28 - 000000000 ___DC C:\WINDOWS\Panther
2018-09-02 22:50 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-09-02 22:42 - 2015-12-15 09:47 - 000000000 ____D C:\ProgramData\mcafee
2018-09-02 22:33 - 2018-03-01 21:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-02 22:21 - 2016-06-22 22:38 - 000000000 ____D C:\Users\terka\Documents\YouCam
2018-09-02 22:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-02 22:19 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-02 22:18 - 2018-03-01 21:13 - 002234190 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-02 22:18 - 2017-09-30 16:31 - 000949974 _____ C:\WINDOWS\system32\perfh005.dat
2018-09-02 22:18 - 2017-09-30 16:31 - 000223694 _____ C:\WINDOWS\system32\perfc005.dat
2018-09-02 22:18 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-02 22:13 - 2016-06-22 22:34 - 000000000 __SHD C:\Users\terka\IntelGraphicsProfiles
2018-09-02 22:12 - 2017-10-08 21:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-02 22:11 - 2018-03-01 21:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-02 22:10 - 2017-09-29 10:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-09-02 21:47 - 2017-08-20 18:34 - 000000000 ____D C:\Program Files\rempl
2018-09-02 21:28 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-09-02 21:28 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-02 21:06 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2018-09-02 21:03 - 2018-03-01 21:16 - 000000000 ____D C:\Users\terka\AppData\Local\Packages
2018-09-02 20:59 - 2015-12-15 10:00 - 000000000 ____D C:\Program Files\CyberLink
2018-09-02 20:59 - 2015-12-15 09:24 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-09-02 20:58 - 2016-06-23 05:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-09-02 20:58 - 2015-12-15 09:28 - 000000000 ____D C:\ProgramData\CyberLink
2018-09-02 20:52 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-09-02 20:41 - 2016-06-23 00:44 - 000000000 ___RD C:\Users\terka\3D Objects
2018-09-02 20:41 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-02 20:38 - 2018-03-01 21:14 - 000000000 ____D C:\Users\terka
2018-09-02 20:36 - 2018-03-01 21:08 - 000319264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-02 20:31 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-09-02 20:31 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-09-02 20:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-09-02 20:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-09-02 20:22 - 2018-02-28 07:59 - 000000000 ____D C:\Windows10Upgrade
2018-09-02 20:13 - 2018-03-01 21:39 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8E4890C4-8DF4-4A16-8AE9-04E8E6BB607C}
2018-09-02 19:48 - 2016-06-22 22:43 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-02 18:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-31 09:24 - 2016-06-22 22:32 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-08-31 09:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2016-06-22 22:34 - 2018-09-02 22:33 - 000465056 _____ () C:\Users\terka\AppData\Local\BTServer.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-18 08:05

==================== End of FRST.txt ============================