Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by Paulie (administrator) on PAULIE-PC (18-11-2018 18:15:34)
Running from C:\Users\Paulie\Desktop
Loaded Profiles: Paulie (Available Profiles: Paulie)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Scarlet.Crush Productions) E:\PROGRAMY\SCP TOOLKIT\ScpService.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(LogMeIn Inc.) E:\PROGRAMY\hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) E:\PROGRAMY\hamachi\x64\LMIGuardianSvc.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) E:\PROGRAMY\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Scarlet.Crush Productions) E:\PROGRAMY\SCP TOOLKIT\ScpTrayApp.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) E:\PROGRAMY\hamachi\hamachi-2-ui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(LogMeIn, Inc.) E:\PROGRAMY\hamachi\LMIGuardianSvc.exe
() C:\Windows\DAODx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Valve Corporation) E:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) E:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-12] (AVAST Software)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [75680 2017-07-12] ()
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [766464 2016-02-29] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\PROGRAMY\hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\Run: [Steam] => E:\PROGRAMY\Steam\steam.exe [3131680 2018-11-10] (Valve Corporation)
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\Run: [CCleaner Smart Cleaning] => D:\PROGRAMY\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: {c591bfd7-2ad9-11e6-9155-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: {ef9f63f2-9cb7-11e8-8122-99fdd327bea2} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: {ef9f63f8-9cb7-11e8-8122-99fdd327bea2} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2623976002-1524246759-2826972749-1000\...\MountPoints2: {ef9f63fc-9cb7-11e8-8122-99fdd327bea2} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-11-21]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2016-07-18]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2018-01-16]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> E:\PROGRAMY\SCP TOOLKIT\ScpTrayApp.exe (Scarlet.Crush Productions)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\..\Interfaces\{7721449B-54C2-4422-B45D-91B5D03753DA}: [NameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2623976002-1524246759-2826972749-1000 -> {78FA49D8-B6E7-4E91-8983-BF688BA9DDA9} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\PROGRAMY\JAVA\jre\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\PROGRAMY\JAVA\jre\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-10] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-10] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2623976002-1524246759-2826972749-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-03-05] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> E:\PROGRAMY\JAVA\jre\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> E:\PROGRAMY\JAVA\jre\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default [2018-11-18]
CHR Extension: (Prezentace) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (🐍 Slither Friends - by Creators of Agar.pw) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmckabjkfogakcfhckahnpmbjfncafn [2017-03-05]
CHR Extension: (Dokumenty) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-05]
CHR Extension: (YouTube) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-05]
CHR Extension: (Adblock Plus) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-05]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-16]
CHR Extension: (Tabulky) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-05]
CHR Extension: (Chrome Media Router) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR Profile: C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kbejacapfbbfcbonimhhmpdbbpjdoplf] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-12] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-04] (AVAST Software)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc.)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9121248 2018-11-02] (AVAST Software)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [532456 2017-09-27] (VMware, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 Ds3Service; E:\PROGRAMY\SCP TOOLKIT\ScpService.exe [394944 2016-04-12] (Scarlet.Crush Productions)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [218528 2017-07-12] ()
R2 ftscanmgrhv; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe [2949024 2017-06-15] ()
R2 Hamachi2Svc; E:\PROGRAMY\hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S3 TunngleService; E:\PROGRAMY\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH) [File not signed]
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [276896 2017-06-15] (VMware)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-12] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-12] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-12] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-12] (AVAST Software)
S3 EraserUtilDrv11510; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11510.sys [153936 2016-06-06] (Symantec Corporation)
S3 EraserUtilDrv11521; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys [156912 2016-06-06] (Symantec Corporation)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-06-05] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [39464 2016-04-26] (Tunngle.net GmbH)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-06-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [192864 2016-06-28] (Oracle Corporation)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-12-23] (Cisco Systems, Inc.)
S3 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 18:15 - 2018-11-18 18:15 - 000024298 _____ C:\Users\Paulie\Desktop\FRST.txt
2018-11-18 18:15 - 2018-11-18 18:15 - 000000000 ____D C:\FRST
2018-11-18 18:13 - 2018-11-18 18:13 - 002416128 _____ (Farbar) C:\Users\Paulie\Downloads\FRST64 (1).exe
2018-11-18 18:13 - 2018-11-18 18:13 - 002416128 _____ (Farbar) C:\Users\Paulie\Desktop\FRST64.exe
2018-11-18 01:45 - 2018-11-18 01:46 - 000000000 ____D C:\AdwCleaner
2018-11-17 23:07 - 2018-11-17 23:07 - 007592144 _____ (Malwarebytes) C:\Users\Paulie\Desktop\adwcleaner_7.2.4.0.exe
2018-11-17 14:35 - 2018-11-17 14:35 - 000527423 _____ ( ) C:\Users\Paulie\Downloads\Lame_v3.99.3_for_Windows.exe
2018-11-17 14:33 - 2018-11-17 14:33 - 001524133 _____ C:\Users\Paulie\Downloads\lame-3.100.tar.gz
2018-11-17 14:33 - 2018-11-17 14:33 - 000000000 ____D C:\Users\Paulie\Desktop\lame-3.100
2018-11-17 13:44 - 2018-11-17 13:44 - 001222144 _____ C:\Users\Paulie\Downloads\RSITx64 (2).exe
2018-11-17 13:44 - 2018-11-17 13:44 - 001222144 _____ C:\Users\Paulie\Downloads\RSITx64 (1).exe
2018-11-17 13:44 - 2018-11-17 13:44 - 000000000 ____D C:\rsit
2018-11-16 22:12 - 2018-11-18 13:36 - 000004010 _____ C:\Windows\System32\Tasks\WarThunder3
2018-11-16 22:12 - 2018-11-16 22:12 - 000002604 _____ C:\Users\Paulie\Desktop\WarThunder.lnk
2018-11-16 22:12 - 2018-11-16 22:12 - 000000000 ____D C:\Users\Paulie\AppData\Roaming\WarThunder
2018-11-16 22:12 - 2018-11-16 22:12 - 000000000 ____D C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2018-11-16 21:22 - 2018-11-16 21:22 - 002368960 _____ ( ) C:\Users\Paulie\Downloads\octodad-dadliest-catch_4037345897.exe
2018-11-16 21:04 - 2018-11-16 21:04 - 000000000 ____D C:\Users\Paulie\AppData\LocalLow\Steel Crate Games
2018-11-16 21:03 - 2018-11-17 14:18 - 000000000 ____D C:\Users\Paulie\Downloads\Keep.Talking.and.Nobody.Explodes.Update.27.01.2017
2018-11-10 18:55 - 2018-11-10 20:29 - 1686856645 _____ C:\Users\Paulie\Downloads\Spirit Stallion of the Cimarron (2002) 1080p SK, CZ, ENG.mkv
2018-11-10 13:15 - 2018-11-10 13:56 - 725451762 _____ C:\Users\Paulie\Downloads\O myších a lidech %2F Of Mice and Men 1992, CZ.mkv
2018-11-07 19:59 - 2018-11-07 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-07 18:21 - 2018-11-07 18:21 - 000023098 _____ C:\Users\Paulie\Downloads\Čokoláda 3 obd.xlsx
2018-11-06 14:06 - 2018-11-06 14:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-11-03 21:07 - 2018-11-03 21:45 - 000016325 _____ C:\Users\Paulie\Downloads\teta-excel (1).xlsx
2018-11-03 21:00 - 2018-11-03 21:00 - 000014540 _____ C:\Users\Paulie\Downloads\teta-excel.xlsx
2018-10-25 23:07 - 2018-10-25 23:07 - 000014634 _____ C:\Users\Paulie\Downloads\Mystery_dotaznik.xlsx
2018-10-24 18:04 - 2018-10-24 18:04 - 000067833 _____ C:\Users\Paulie\Desktop\Bez názvu.wma

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 18:00 - 2016-12-08 15:24 - 000000000 ____D C:\Users\Paulie\AppData\Local\LogMeIn Hamachi
2018-11-18 13:41 - 2009-07-14 05:45 - 000030720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-18 13:41 - 2009-07-14 05:45 - 000030720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-18 13:36 - 2018-09-22 13:02 - 000003294 _____ C:\Windows\System32\Tasks\svchostc
2018-11-18 13:36 - 2018-09-22 13:02 - 000002814 _____ C:\Windows\System32\Tasks\WinDef Update Service
2018-11-18 13:36 - 2018-05-29 12:35 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-18 13:36 - 2018-05-29 12:35 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-18 13:36 - 2018-05-11 13:57 - 000000000 ____D C:\Users\Paulie\AppData\Roaming\vlc
2018-11-18 13:36 - 2018-05-10 10:02 - 000004118 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-18 13:36 - 2018-04-30 18:39 - 000003042 _____ C:\Windows\System32\Tasks\{7DA5579A-B480-4872-94AF-AFC0CCA2E092}
2018-11-18 13:36 - 2018-01-30 10:48 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Paulie-PC-Paulie
2018-11-18 13:36 - 2018-01-16 19:40 - 000002986 _____ C:\Windows\System32\Tasks\ScpUpdater
2018-11-18 13:36 - 2018-01-16 19:40 - 000000300 _____ C:\Windows\Tasks\ScpUpdater.job
2018-11-18 13:36 - 2018-01-03 19:43 - 000003332 _____ C:\Windows\System32\Tasks\SessionAgent
2018-11-18 13:36 - 2017-08-06 14:13 - 000003914 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-11-18 13:36 - 2017-08-06 14:13 - 000003662 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-11-18 13:36 - 2017-08-06 14:13 - 000000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-18 13:36 - 2017-08-06 14:13 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-18 13:36 - 2017-06-01 18:33 - 000003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Paulie-PC-Paulie
2018-11-18 13:36 - 2017-05-02 10:29 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-18 13:36 - 2017-02-14 14:47 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2018-11-18 13:36 - 2016-07-28 22:27 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e916db60ce40
2018-11-18 13:36 - 2016-07-28 22:27 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e916db4c3483
2018-11-18 13:36 - 2016-07-09 18:58 - 000003162 _____ C:\Windows\System32\Tasks\{CE14BFDF-BB8E-485B-8D2B-0EFC704BE0E5}
2018-11-18 13:36 - 2016-06-23 18:14 - 000002954 _____ C:\Windows\System32\Tasks\{38585E9B-6B1E-4432-8614-096A60AAA340}
2018-11-18 13:36 - 2016-06-14 06:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-18 02:01 - 2009-07-14 16:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2018-11-18 02:01 - 2009-07-14 16:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2018-11-18 02:01 - 2009-07-14 06:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-18 02:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-18 01:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-18 01:56 - 2017-02-14 14:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-11-17 14:55 - 2018-01-31 23:49 - 000000000 ____D C:\Users\Paulie\AppData\Roaming\audacity
2018-11-17 13:44 - 2017-05-28 21:55 - 000000000 ____D C:\Program Files\trend micro
2018-11-17 12:34 - 2016-06-13 20:39 - 000000000 ____D C:\Users\Paulie\AppData\Local\CrashDumps
2018-11-17 12:34 - 2016-06-13 17:59 - 000000000 ____D C:\Users\Paulie\AppData\Local\Adobe
2018-11-16 17:48 - 2018-05-29 12:38 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 03:21 - 2018-05-29 12:35 - 000842376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-14 03:21 - 2018-05-29 12:35 - 000175240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 03:21 - 2018-05-29 12:35 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-14 03:21 - 2018-05-29 12:35 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-14 01:35 - 2016-06-05 00:00 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 01:35 - 2016-06-05 00:00 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-13 11:48 - 2017-08-06 14:15 - 000000000 ___RD C:\Users\Paulie\Dropbox
2018-11-09 18:21 - 2017-05-02 10:29 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-07 19:59 - 2017-08-06 14:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-01 09:03 - 2016-06-08 13:25 - 000000000 ____D C:\Users\Paulie\AppData\Local\Battle.net
2018-10-26 15:56 - 2018-04-04 20:13 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk

==================== Files in the root of some directories =======

2018-09-29 10:56 - 2018-09-29 10:56 - 000000000 _____ () C:\Users\Paulie\AppData\Local\oobelibMkey.log

Some zero byte size files/folders:
==========================
C:\Windows\sysde32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-18 02:19

==================== End of FRST.txt ============================