Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Marek (administrator) on MAREK-PC (12-10-2018 10:16:51)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: OEM & Marek & polo & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.30.98.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.30.98.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Akamai Technologies, Inc.) C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Conduit Ltd.) C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
(Akamai Technologies, Inc.) C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Autodesk Inc.) C:\Users\Marek\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.281_none_eada712a1d8142be\TiWorker.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ConduitHelper] => C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [274216 2011-08-31] (Conduit Ltd.)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2011-01-21] (Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-10-10] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2491330648-603408350-2460880061-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-2491330648-603408350-2460880061-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2491330648-603408350-2460880061-1001\...\Policies\Explorer: [] 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-09-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{086ba771-16a8-4b3a-943c-252fe6022f9a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2491330648-603408350-2460880061-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={93079BED-E271-4D80-BA72-09295C31D573}&mid=7b4ce12a1c6c47d1a47281ac0fd64f4f-f0924cf765e5a893d68eb84155bae41896158fa1&lang=cs&ds=AVG&coid=avgtbavg&cmpid=ipm181001c&pr=fr&d=2014-12-11 19:25:29&v=4.3.9.626&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2491330648-603408350-2460880061-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {AE70D549-EB13-4801-A7F1-6721D6E2088A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {84075913-3D2C-462A-A6A6-46A010FDA1C2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={93079BED-E271-4D80-BA72-09295C31D573}&mid=7b4ce12a1c6c47d1a47281ac0fd64f4f-f0924cf765e5a893d68eb84155bae41896158fa1&lang=cs&ds=AVG&coid=avgtbavg&cmpid=ipm181001c&pr=fr&d=2014-12-11 19:25:29&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {15FE0B1C-7EF9-4626-A824-57B928CA41E7} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {3931B462-C473-4C53-9A0F-E5969F8BC2BD} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {44675A43-AF3D-42C7-9BB0-95A488038D75} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {52BC1492-8F53-484E-BA70-FB8E8D1BCA4C} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {563BB77A-B414-4A79-81CE-791B93423862} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {64BDD556-5E1B-4981-AE13-4E7012B307F2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {836A51F2-752D-4D9E-BA0E-5DF7C1A9FE59} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {84075913-3D2C-462A-A6A6-46A010FDA1C2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={93079BED-E271-4D80-BA72-09295C31D573}&mid=7b4ce12a1c6c47d1a47281ac0fd64f4f-f0924cf765e5a893d68eb84155bae41896158fa1&lang=cs&ds=AVG&coid=avgtbavg&cmpid=ipm181001c&pr=fr&d=2014-12-11 19:25:29&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {990E69DD-137C-479C-A1DC-ECE654D556F5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {9CBF504B-9E4A-449b-A911-9F6478740B0A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {BC369071-0D18-4B80-90C6-4B1E4719E659} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> {E31E6080-4AE1-4B18-8EB4-5FF27834FBC7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll => No File
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-10-10] (AVG)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-10-10] (AVG)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: aTube Toolbar -> {bfc39e47-d643-4dc2-aa1d-61377501c844} -> C:\Program Files (x86)\atube\atubeX.dll [2011-10-31] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - aTube Toolbar - {bfc39e47-d643-4dc2-aa1d-61377501c844} - C:\Program Files (x86)\atube\atubeX.dll [2011-10-31] ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-2491330648-603408350-2460880061-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.)

FireFox:
========
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\d62llqxw.default [2018-10-12]
FF Homepage: Mozilla\Firefox\Profiles\d62llqxw.default -> hxxps://www.seznam.cz/
FF Extension: (AVG Web TuneUp) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\d62llqxw.default\Extensions\avg@toolbar.xpi [2018-10-10]
FF Extension: (Classic Theme Restorer) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\d62llqxw.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-11-14] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\d62llqxw.default\features\{e313bb88-c69d-41f6-8ac6-19d0131bea4e}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-10] [Legacy]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\d62llqxw.default\searchplugins\avg-secure-search.xml [2018-10-12]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-20] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2491330648-603408350-2460880061-1001: @powerchallenge.com/PowerLoader -> C:\Users\Marek\AppData\LocalLow\PowerChallenge\nppowerloader.dll [2011-03-15] (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-2491330648-603408350-2460880061-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2491330648-603408350-2460880061-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-12-19] ()

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> mysearch.avg.com
CHR StartupUrls: Profile 1 -> "hxxp://www.seznam.cz/"
CHR NewTab: Profile 1 ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-10-12]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-05]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-10-10]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-10-10]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-05]
CHR Extension: (AVG Secure Search) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-10-10]
CHR Extension: (Vyhledávání Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-10]
CHR Extension: (Skype) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-10]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-10]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-10]
CHR HKU\S-1-5-21-2491330648-603408350-2460880061-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Users\Marek\AppData\Local\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.14.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-26] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-26] (AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [111040 2018-08-26] (AVG Technologies CZ, s.r.o.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-09-13] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-09-13] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-12] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-10-25] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1371136 2018-10-10] (AVG Secure Search)
R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2018-10-10] ()
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [192104 2018-08-26] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [222288 2018-08-26] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [194224 2018-08-26] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [339048 2018-08-26] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51952 2018-08-26] (AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15344 2018-08-26] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [155664 2018-09-27] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [104256 2018-08-26] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78864 2018-08-30] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-08-26] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [459624 2018-09-27] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [208216 2018-09-27] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-08-26] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-11-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S4 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology) [File not signed]
S4 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [7168 2005-05-16] (Protection Technology) [File not signed]
S4 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-12 10:16 - 2018-10-12 10:21 - 000032899 _____ C:\Users\Marek\Desktop\FRST.txt
2018-10-12 10:16 - 2018-10-12 10:16 - 000000000 ____D C:\FRST
2018-10-12 10:14 - 2018-10-12 10:14 - 002414592 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2018-10-12 09:26 - 2018-10-12 09:39 - 000000000 ____D C:\Marek
2018-10-11 21:32 - 2018-10-11 21:32 - 000000000 ____D C:\ProgramData\FLEXnet
2018-10-11 21:22 - 2018-10-11 21:22 - 000000000 ____D C:\Users\Marek\Documents\Autodesk Application Manager
2018-10-11 21:22 - 2018-10-11 21:22 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-10-11 21:21 - 2018-10-11 21:21 - 000000000 ____D C:\Program Files (x86)\Autodesk
2018-10-11 21:20 - 2018-10-11 21:31 - 000000000 ____D C:\Users\Marek\AppData\Local\Autodesk
2018-10-11 21:20 - 2018-10-11 21:20 - 000002187 _____ C:\Users\Public\Desktop\AutoCAD 2016 – Čeština (Czech).lnk
2018-10-11 21:20 - 2018-10-11 21:20 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2018-10-11 21:20 - 2018-10-11 21:20 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2018-10-11 21:19 - 2018-10-11 21:19 - 000000000 ____D C:\Users\Marek\Documents\Inventor Server SDK ACAD 2016
2018-10-11 21:10 - 2018-10-11 21:22 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2018-10-11 21:10 - 2018-10-11 21:16 - 000000000 ____D C:\Program Files\Autodesk
2018-10-11 21:08 - 2018-10-11 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-10-11 21:04 - 2018-10-11 21:38 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Autodesk
2018-10-11 21:04 - 2018-10-11 21:38 - 000000000 ____D C:\ProgramData\Autodesk
2018-10-11 21:03 - 2018-10-11 21:03 - 017167368 _____ C:\Users\Marek\Downloads\AutoCAD_2016_Czech_Win_32_64bit_wi_cs-CZ_Setup.exe
2018-10-11 21:03 - 2018-10-11 21:03 - 000000000 ____D C:\Users\Marek\AppData\Local\Akamai
2018-10-11 21:03 - 2018-10-11 21:03 - 000000000 ____D C:\Autodesk
2018-10-11 21:02 - 2018-10-11 21:02 - 000486040 _____ (Autodesk Inc.) C:\Users\Marek\Downloads\AutoCAD_2016_Czech_Win_32_64bit_wi_cs-CZ_Setup_webinstall.exe
2018-10-03 12:08 - 2018-10-11 09:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-02 11:34 - 2018-10-02 11:34 - 000000000 ____D C:\Users\Marek\AppData\Local\D3DSCache
2018-09-26 07:38 - 2018-10-10 09:40 - 006226432 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-12 10:12 - 2016-11-21 20:50 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2018-10-12 10:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-12 10:07 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-12 10:07 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-12 10:06 - 2018-06-08 20:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-12 10:06 - 2017-07-17 19:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-12 10:05 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-12 10:05 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-12 09:45 - 2018-06-08 19:37 - 000000000 ____D C:\Users\Marek
2018-10-12 09:44 - 2018-06-08 19:37 - 000000000 ____D C:\Users\polo
2018-10-12 09:44 - 2018-06-08 19:37 - 000000000 ____D C:\Users\OEM
2018-10-12 09:44 - 2018-06-08 19:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-12 09:24 - 2018-06-08 19:37 - 000000000 ____D C:\Users\DefaultAppPool
2018-10-11 21:26 - 2018-06-08 19:27 - 000508392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-11 21:25 - 2016-11-20 18:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-11 21:25 - 2014-08-30 19:04 - 000000318 _____ C:\WINDOWS\Tasks\0814avUpdateInfo.job
2018-10-11 21:25 - 2013-01-20 19:33 - 000000298 _____ C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job
2018-10-11 21:25 - 2012-12-28 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-11 21:22 - 2013-02-20 20:56 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-11 21:19 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-10-11 13:52 - 2011-09-19 19:35 - 000000000 ____D C:\Users\Marek\AppData\Local\CrashDumps
2018-10-11 09:06 - 2018-06-08 20:10 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-11 09:06 - 2018-06-08 20:10 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-11 09:06 - 2018-06-08 20:10 - 000003406 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-11 09:06 - 2018-06-08 20:10 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-11 09:06 - 2018-06-08 20:10 - 000003284 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{00DF41D0-762D-403D-A5F1-BA4AA92EBF5C}
2018-10-11 09:06 - 2018-06-08 20:10 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-11 09:06 - 2018-06-08 20:10 - 000003056 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-10-11 09:06 - 2018-06-08 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2491330648-603408350-2460880061-1030
2018-10-11 09:06 - 2018-06-08 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2491330648-603408350-2460880061-1001
2018-10-11 09:06 - 2018-06-08 20:10 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2491330648-603408350-2460880061-1000
2018-10-11 09:06 - 2018-06-08 20:10 - 000002798 _____ C:\WINDOWS\System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002536 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2018-10-11 09:06 - 2018-06-08 20:10 - 000002504 _____ C:\WINDOWS\System32\Tasks\{E05C9271-ADD6-4EB4-A838-48A3FF42ED2F}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002386 _____ C:\WINDOWS\System32\Tasks\{DBFFB1DB-5233-4AD2-B14A-7EEBF8E6EB25}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002298 _____ C:\WINDOWS\System32\Tasks\{7FD2E054-00EE-46F2-B13D-0501E167D1FD}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002274 _____ C:\WINDOWS\System32\Tasks\0814avUpdateInfo
2018-10-11 09:06 - 2018-06-08 20:10 - 000002274 _____ C:\WINDOWS\System32\Tasks\{99DA8ADF-03C1-4A3C-88FF-DB804AB27757}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002258 _____ C:\WINDOWS\System32\Tasks\ROC_REG_JAN_DELETE
2018-10-11 09:06 - 2018-06-08 20:10 - 000002236 _____ C:\WINDOWS\System32\Tasks\{665095AE-8FE4-43D8-84A7-70E36BD70F70}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002194 _____ C:\WINDOWS\System32\Tasks\{264EB086-5931-4021-A46E-D7A5BC8153EC}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002192 _____ C:\WINDOWS\System32\Tasks\{C4FC2F16-F7A7-4944-A6B3-0CBFC611E271}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2018-10-11 09:06 - 2018-06-08 20:10 - 000002148 _____ C:\WINDOWS\System32\Tasks\{654FA171-4087-44D4-BB7E-A67F5817BB35}
2018-10-11 09:06 - 2018-06-08 20:10 - 000002136 _____ C:\WINDOWS\System32\Tasks\{4224C1D5-E442-4289-A319-BA413507C019}
2018-10-10 10:41 - 2013-08-14 22:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 10:37 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-10 10:35 - 2011-09-23 20:54 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-10 10:28 - 2018-08-17 08:55 - 000000000 ____D C:\ProgramData\Packages
2018-10-10 10:00 - 2016-08-02 21:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-10 09:45 - 2016-09-15 07:42 - 000000000 ____D C:\ProgramData\AVG Web TuneUp
2018-10-10 09:44 - 2016-09-15 07:42 - 000000000 ____D C:\Program Files\AVG Web TuneUp
2018-10-10 09:44 - 2016-09-15 07:42 - 000000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2018-10-10 09:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-10 09:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-04 14:51 - 2014-11-26 21:18 - 000000000 ____D C:\KMPlayer
2018-10-03 21:57 - 2012-12-28 20:49 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 21:49 - 2011-09-23 22:58 - 000000000 ____D C:\Users\Marek\AppData\Roaming\uTorrent
2018-10-03 20:42 - 2011-12-27 21:55 - 000000000 ____D C:\ProgramData\Origin
2018-10-03 12:35 - 2013-11-22 12:07 - 000000000 ____D C:\Users\Marek\AppData\Local\NFS Underground 2
2018-10-03 09:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-02 14:17 - 2012-09-28 00:25 - 000000000 ____D C:\Program Files (x86)\Origin
2018-10-02 12:24 - 2016-07-23 20:26 - 000000000 ____D C:\Users\Marek\AppData\Local\Publishers
2018-10-02 12:23 - 2017-12-18 15:41 - 000000000 ____D C:\Users\Marek\AppData\Local\Packages
2018-10-02 11:42 - 2018-06-08 19:32 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-02 11:42 - 2018-04-12 17:50 - 000808228 _____ C:\WINDOWS\system32\perfh005.dat
2018-10-02 11:42 - 2018-04-12 17:50 - 000186472 _____ C:\WINDOWS\system32\perfc005.dat
2018-10-02 07:46 - 2012-08-11 20:49 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Adobe
2018-09-27 10:29 - 2017-04-06 19:50 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-09-27 10:29 - 2017-04-06 19:50 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-09-27 10:22 - 2017-04-06 19:50 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-09-26 07:40 - 2018-06-08 19:37 - 000002425 _____ C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-26 07:40 - 2016-07-23 20:28 - 000000000 ___RD C:\Users\Marek\OneDrive

==================== Files in the root of some directories =======

2013-01-04 12:21 - 2012-10-21 22:15 - 008709074 _____ () C:\Users\Marek\Fifa13i68Regenerator3.1UL.exe
2012-10-02 21:31 - 2012-10-02 21:31 - 000019566 _____ () C:\Users\Marek\AppData\Roaming\19F2.exe

Some files in TEMP:
====================
2018-10-11 21:23 - 2015-01-26 07:59 - 000060296 _____ (Autodesk, Inc.) C:\Users\Marek\AppData\Local\Temp\AcDeltree.exe
2018-08-26 08:44 - 2018-08-26 08:43 - 000534528 _____ () C:\Users\OEM\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-08 19:26

==================== End of FRST.txt ============================