Requesting a preventive check
Posted: 28 Dec 2017 21:31
Good evening, I would like to request a preventive check. Thank you very much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017
Ran by Polenovi (administrator) on POLENOVI-PC (28-12-2017 21:27:24)
Running from C:\Users\Polenovi\Desktop
Loaded Profiles: Polenovi (Available Profiles: Polenovi & Monika & Kiki a Táta & Work hard)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Discord Inc.) C:\Users\Polenovi\AppData\Local\Discord\app-0.0.299\Discord.exe
(f.lux Software LLC) C:\Users\Polenovi\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\Polenovi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Creative Technology Ltd) D:\Program Files\Live! Central 3\CTLVCentral3.exe
(Creative Technology Ltd.) C:\Windows\V0700Mon.exe
() D:\Program Files (x86)\Cok Software\Cok Free Auto Clicker\AutoClicker.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Dropbox, Inc.) C:\Users\Polenovi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Polenovi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Discord Inc.) C:\Users\Polenovi\AppData\Local\Discord\app-0.0.299\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\Polenovi\AppData\Local\Discord\app-0.0.299\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [OODefragTray] => D:\Program Files\OO Software\Defrag\oodtray.exe
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [Live! Central 3] => D:\Program Files\Live! Central 3\CTLVCentral3.exe [503969 2010-12-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [V0700Mon.exe] => C:\Windows\V0700Mon.exe [28672 2010-08-18] (Creative Technology Ltd.)
HKLM-x32\...\Run: [liandianqi] => D:\Program Files (x86)\Cok Software\Cok Free Auto Clicker\AutoClicker.exe [57344 2012-10-31] ()
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files\Razer Cortex\RazerCortex.exe -autorun
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Run: [Facebook Update] => C:\Users\Polenovi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-27] (Facebook Inc.)
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Run: [Gadwin PrintScreen Pro (64-bit)] => "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro64.exe" /nosplash
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Run: [Dropbox Update] => C:\Users\Polenovi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Run: [Discord] => C:\Users\Polenovi\AppData\Local\Discord\app-0.0.299\Discord.exe [57954808 2017-12-11] (Discord Inc.)
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Run: [f.lux] => C:\Users\Polenovi\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-710846368-3565823764-1362206376-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Polenovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-12-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Polenovi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-710846368-3565823764-1362206376-1005\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-710846368-3565823764-1362206376-1004\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1058A90E-C101-4B40-9E9F-0BB91251E65A}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4BE1BB41-0FBA-492B-8C2B-AEFEB60503A2}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-14] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-14] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: t5ktwgo0.default
FF ProfilePath: C:\Users\Polenovi\AppData\Roaming\Mozilla\Firefox\Profiles\t5ktwgo0.default [2017-11-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-710846368-3565823764-1362206376-1000: @servis24.cz/PKIComponent -> C:\Users\Polenovi\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-710846368-3565823764-1362206376-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Polenovi\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-710846368-3565823764-1362206376-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Polenovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-710846368-3565823764-1362206376-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Polenovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-710846368-3565823764-1362206376-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-12-15] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://anonymouse.org/cgi-bin/anon-www.cgi/hxxp://www.google.cz"
CHR Profile: C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default [2017-12-28]
CHR Extension: (Prezentace) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-11]
CHR Extension: (Tabulky) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-12]
CHR Extension: (vPopulus Game) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhdhpflnnmfllolkaekcaddacgonfe [2014-12-08]
CHR Extension: (Little Alchemy) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-02-09]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2017-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR Profile: C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-03-20]
CHR Profile: C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-710846368-3565823764-1362206376-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Polenovi\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Polenovi\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Polenovi\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-12-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1526832 2017-12-12] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [434248 2017-11-06] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-18] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-01-16] () [File not signed]
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153072 2017-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-24] (Avira Operations GmbH & Co. KG)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2014-08-17] (Digiarty Software, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-12-13] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-03-28] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 V0700Vid; C:\Windows\System32\DRIVERS\V0700Vid.sys [393728 2010-10-18] (Creative Technology Ltd.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-28 21:27 - 2017-12-28 21:28 - 000022573 _____ C:\Users\Polenovi\Desktop\FRST.txt
2017-12-28 21:27 - 2017-12-28 21:27 - 000000000 ____D C:\FRST
2017-12-28 21:21 - 2017-12-28 21:22 - 000112640 _____ (forum.viry.cz) C:\Users\Polenovi\Downloads\Nepotvrzeno 94805.crdownload
2017-12-28 21:21 - 2017-12-28 21:21 - 002391552 _____ (Farbar) C:\Users\Polenovi\Desktop\FRST64.exe
2017-12-28 21:20 - 2017-12-28 21:22 - 000000000 ____D C:\AdwCleaner
2017-12-28 21:20 - 2017-12-28 21:20 - 008198432 _____ (Malwarebytes) C:\Users\Polenovi\Downloads\adwcleaner_7.0.6.0.exe
2017-12-28 19:37 - 2017-12-28 19:37 - 003486336 _____ C:\Users\Polenovi\Downloads\Complex-Map.zip
2017-12-28 19:32 - 2017-12-28 19:32 - 009170551 _____ C:\Users\Polenovi\Downloads\server (1).jar
2017-12-28 19:17 - 2017-12-28 19:17 - 012670344 _____ C:\Users\Polenovi\Downloads\Super_Hostile_01_-_Sea_of_Flame_II_v3.0.zip
2017-12-28 19:14 - 2017-12-28 19:14 - 000000000 ____D C:\Users\Polenovi\Downloads\world
2017-12-28 19:08 - 2017-12-28 19:08 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Notzombies
2017-12-27 19:10 - 2017-12-27 19:10 - 000000000 ____D C:\Users\Polenovi\AppData\LocalLow\Total Mayhem Games
2017-12-26 18:34 - 2017-12-26 18:35 - 020421880 _____ C:\Users\Polenovi\Downloads\sumo (1).zip
2017-12-25 20:35 - 2017-12-25 20:35 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Godot
2017-12-25 02:49 - 2017-12-25 02:49 - 014593045 _____ C:\Users\Polenovi\Downloads\sumo.zip
2017-12-17 17:51 - 2017-12-17 17:51 - 000024803 _____ C:\Users\Polenovi\Downloads\fuckinghell.odt
2017-12-15 20:48 - 2017-12-15 20:48 - 000000017 _____ C:\Users\Polenovi\Desktop\Nový textový dokument (3).txt
2017-12-13 20:29 - 2017-12-13 20:29 - 000000000 _____ C:\Users\Polenovi\Desktop\Nový textový dokument (2).txt
2017-12-13 20:18 - 2017-12-13 20:18 - 000027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2017-12-13 20:18 - 2017-12-13 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2017-12-13 20:18 - 2017-12-13 20:18 - 000000000 ____D C:\Program Files\HWiNFO64
2017-12-13 20:17 - 2017-12-13 20:18 - 004567432 _____ (Martin Malík - REALiX ) C:\Users\Polenovi\Downloads\hw64_570.exe
2017-12-11 09:58 - 2017-12-11 09:58 - 000062928 _____ C:\Users\Monika\Desktop\Monika ŽL.pdf
2017-12-11 09:55 - 2017-12-11 09:55 - 000387741 _____ C:\Users\Monika\Desktop\Blanka ŽL.pdf
2017-12-08 00:54 - 2017-12-08 00:54 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2017-12-08 00:54 - 2017-12-08 00:54 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2017-12-07 19:57 - 2017-12-07 19:57 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 23:57 - 2017-12-05 23:57 - 000243824 _____ C:\Users\Polenovi\Downloads\just creative work.pdf
2017-12-05 23:51 - 2017-12-05 23:51 - 000225547 _____ C:\Users\Polenovi\Downloads\#Marythevirgin.pdf
2017-12-02 20:39 - 2017-12-02 20:39 - 000048794 _____ C:\Users\Polenovi\Downloads\sheet.pdf
2017-11-28 20:50 - 2017-11-28 20:50 - 000000000 _____ C:\Users\Polenovi\Desktop\Nový textový dokument.txt
2017-11-28 12:15 - 2017-12-28 20:12 - 000000000 ____D C:\Users\Polenovi\Documents\OpenTTD
2017-11-28 12:12 - 2017-11-28 12:12 - 007883056 _____ (OpenTTD Developers) C:\Users\Polenovi\Downloads\openttd-1.7.1-windows-win64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-28 21:23 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-28 21:22 - 2017-09-23 12:52 - 000003316 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-12-28 21:22 - 2012-12-03 16:56 - 000001351 _____ C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-28 21:19 - 2009-07-14 05:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-28 21:19 - 2009-07-14 05:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-28 20:18 - 2012-12-07 20:15 - 000000000 ____D C:\Users\Polenovi\AppData\Local\LogMeIn Hamachi
2017-12-28 20:15 - 2016-07-30 20:10 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Factorio
2017-12-28 19:40 - 2017-11-11 22:39 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\.minecraft
2017-12-28 19:39 - 2014-08-17 13:17 - 000000394 _____ C:\Windows\Tasks\update-S-1-5-21-710846368-3565823764-1362206376-1000.job
2017-12-28 19:37 - 2015-06-17 18:40 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710846368-3565823764-1362206376-1000UA.job
2017-12-28 19:32 - 2017-11-12 16:21 - 000000000 ____D C:\Users\Polenovi\Desktop\srvr
2017-12-28 19:08 - 2017-08-19 19:19 - 000000000 ____D C:\Users\Polenovi\Documents\TrackMania
2017-12-28 19:04 - 2013-12-02 20:18 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-28 18:45 - 2013-02-27 18:40 - 000000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-710846368-3565823764-1362206376-1000UA.job
2017-12-28 18:45 - 2013-02-27 18:40 - 000000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-710846368-3565823764-1362206376-1000Core.job
2017-12-28 17:50 - 2015-06-17 18:40 - 000000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-710846368-3565823764-1362206376-1000Core.job
2017-12-28 16:42 - 2014-08-17 13:17 - 000000394 _____ C:\Windows\Tasks\update-sys.job
2017-12-26 18:48 - 2016-04-12 19:14 - 003917312 ___SH C:\Users\Polenovi\Desktop\Thumbs.db
2017-12-24 14:22 - 2016-08-24 08:38 - 000000644 __RSH C:\Users\Polenovi\ntuser.pol
2017-12-24 14:22 - 2012-12-03 16:30 - 000000000 ____D C:\Users\Polenovi
2017-12-24 11:53 - 2012-12-03 10:17 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-24 11:51 - 2015-09-18 19:02 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\TS3Client
2017-12-22 18:15 - 2013-05-17 19:29 - 000000000 ___RD C:\Users\Polenovi\Dropbox
2017-12-20 20:21 - 2009-07-14 06:08 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ____D C:\Program Files\Windows Live
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ____D C:\Program Files (x86)\Windows Live
2017-12-15 22:52 - 2013-12-30 19:48 - 000000000 ____D C:\Users\Polenovi\Documents\My Games
2017-12-15 20:37 - 2012-12-03 17:48 - 000000000 ____D C:\Users\Polenovi\AppData\Local\Ubisoft Game Launcher
2017-12-15 20:08 - 2014-08-09 19:12 - 000002075 _____ C:\Users\Polenovi\Documents\50 odstínů hnědi.txt
2017-12-15 19:26 - 2012-12-28 21:14 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-13 21:31 - 2017-05-02 11:45 - 000004552 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-13 21:31 - 2012-12-03 10:17 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 21:31 - 2012-12-03 10:17 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-13 21:31 - 2012-12-03 10:17 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-13 21:31 - 2012-12-03 10:17 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-13 19:50 - 2016-08-25 09:01 - 000000940 __RSH C:\Users\Kiki a Táta\ntuser.pol
2017-12-13 19:50 - 2012-12-28 18:00 - 000000000 ____D C:\Users\Kiki a Táta\AppData\Local\Google
2017-12-13 19:50 - 2012-12-03 17:05 - 000000000 ____D C:\Users\Kiki a Táta
2017-12-12 21:25 - 2014-12-28 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-12-12 21:23 - 2014-12-28 22:49 - 000196344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-12-12 21:23 - 2014-12-28 22:49 - 000153072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-12-12 19:26 - 2017-06-16 18:46 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\discord
2017-12-12 19:25 - 2017-06-16 18:46 - 000000000 ____D C:\Users\Polenovi\AppData\Local\Discord
2017-12-12 19:25 - 2015-07-05 12:34 - 000000000 ____D C:\Users\Polenovi\Desktop\Textové Soubory
2017-12-12 12:40 - 2012-12-10 18:04 - 000000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2017-12-12 10:51 - 2012-12-29 11:35 - 000000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2017-12-12 10:49 - 2016-09-11 08:01 - 000000930 __RSH C:\Users\Monika\ntuser.pol
2017-12-12 10:49 - 2012-12-03 16:55 - 000000000 ____D C:\Users\Monika
2017-12-11 09:49 - 2013-02-08 19:52 - 000000000 ____D C:\Users\Monika\AppData\Local\Google
2017-12-08 00:54 - 2017-11-11 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-12-07 19:57 - 2013-05-17 19:24 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Dropbox
2017-12-02 21:55 - 2017-09-23 12:52 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-12-02 21:55 - 2014-12-28 22:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-02 14:38 - 2017-09-03 21:08 - 000000000 ____D C:\Users\Polenovi\Desktop\Scanned
2017-11-29 19:24 - 2015-12-27 09:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-29 19:13 - 2015-07-05 12:35 - 000000000 ____D C:\Users\Polenovi\Desktop\Hry mimo Steam
==================== Files in the root of some directories =======
2014-05-20 20:33 - 2014-05-20 20:33 - 000063075 _____ () C:\Users\Polenovi\AppData\Roaming\Crescendo.dmp
2012-12-03 21:49 - 2013-02-01 12:36 - 000703117 _____ () C:\Users\Polenovi\AppData\Roaming\technic-launcher.jar
2012-12-03 21:49 - 2013-01-23 17:37 - 000703104 _____ () C:\Users\Polenovi\AppData\Roaming\technic-launcher.jar.bak
2017-11-05 15:41 - 2017-11-05 15:41 - 000004300 _____ () C:\Users\Polenovi\AppData\Roaming\Zer16AC.tmp
2017-11-05 15:43 - 2017-11-11 17:20 - 000007330 _____ () C:\Users\Polenovi\AppData\Roaming\ZeroBraneStudio.ini
2015-10-22 20:30 - 2017-07-12 19:37 - 000010752 _____ () C:\Users\Polenovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-10-22 00:04 - 2017-10-22 00:04 - 000000857 _____ () C:\Users\Polenovi\AppData\Local\recently-used.xbel
2015-10-13 16:52 - 2016-06-29 15:43 - 000000700 ___SH () C:\Users\Polenovi\AppData\Local\systemFL7.dat
2014-12-28 22:11 - 2014-12-28 22:11 - 000000003 _____ () C:\Users\Polenovi\AppData\Local\updater.log
2016-12-15 23:24 - 2017-05-07 10:06 - 000000425 _____ () C:\Users\Polenovi\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
2015-01-03 11:30 - 2015-01-03 11:30 - 000000000 ____D () C:\Users\Kiki a Táta\AppData\Local\Temp\avgnt.exe
2015-01-07 14:42 - 2015-01-07 14:42 - 000000000 ____D () C:\Users\Monika\AppData\Local\Temp\avgnt.exe
2013-04-05 15:44 - 2013-04-05 15:44 - 000904104 _____ (Oracle Corporation) C:\Users\Monika\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
2013-04-29 22:54 - 2013-04-29 22:54 - 000192512 _____ () C:\Users\Monika\AppData\Local\Temp\sfamcc00001.dll
2013-04-29 22:54 - 2013-04-29 22:54 - 000158720 _____ () C:\Users\Monika\AppData\Local\Temp\sfareca00001.dll
2013-06-16 20:34 - 2013-07-13 20:33 - 031954536 _____ (Skype Technologies S.A.) C:\Users\Monika\AppData\Local\Temp\SkypeSetup.exe
2014-02-01 16:04 - 2014-02-01 16:04 - 000372736 _____ (Babylon Ltd.) C:\Users\Monika\AppData\Local\Temp\uninst1.exe
2017-11-04 17:28 - 2017-11-04 17:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1293074186676084891.dll
2017-11-05 14:51 - 2017-11-05 14:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1541491266320543309.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1917392608150639533.dll
2017-11-04 20:24 - 2017-11-04 20:24 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1947704379741816969.dll
2017-11-08 22:43 - 2017-11-08 22:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-2113263404762285482.dll
2017-11-04 19:34 - 2017-11-04 19:34 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-3267310053797635130.dll
2017-11-04 20:23 - 2017-11-04 20:23 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-3735125059335927498.dll
2017-11-04 20:45 - 2017-11-04 20:45 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4385420987800280347.dll
2017-11-05 10:01 - 2017-11-05 10:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4697214846344005917.dll
2017-11-04 19:37 - 2017-11-04 19:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4784733505497370112.dll
2017-11-05 14:14 - 2017-11-05 14:14 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-502934571337612439.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5043693483082692465.dll
2017-11-04 19:53 - 2017-11-04 19:53 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5712884989014764782.dll
2017-11-10 19:51 - 2017-11-10 19:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5967542734645956681.dll
2017-11-04 20:33 - 2017-11-04 20:33 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-6041141139673191136.dll
2017-11-10 22:33 - 2017-11-10 22:33 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-6096663573166871287.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-8449578744724393618.dll
2017-11-04 17:27 - 2017-11-04 17:27 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-9032472246240655860.dll
2017-11-11 09:01 - 2017-11-11 09:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-9103544195738110922.dll
2017-10-26 13:15 - 2017-11-11 21:52 - 000192512 _____ () C:\Users\Polenovi\AppData\Local\Temp\sfamcc00001.dll
2017-11-11 21:52 - 2017-11-11 21:52 - 000158720 _____ () C:\Users\Polenovi\AppData\Local\Temp\sfareca00001.dll
2016-08-24 10:20 - 2016-08-24 10:20 - 000000000 ____D () C:\Users\Work hard\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-19 22:04
==================== End of FRST.txt ============================
2017-12-26 18:48 - 2016-04-12 19:14 - 003917312 ___SH C:\Users\Polenovi\Desktop\Thumbs.db
2017-12-24 14:22 - 2016-08-24 08:38 - 000000644 __RSH C:\Users\Polenovi\ntuser.pol
2017-12-24 14:22 - 2012-12-03 16:30 - 000000000 ____D C:\Users\Polenovi
2017-12-24 11:53 - 2012-12-03 10:17 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-24 11:51 - 2015-09-18 19:02 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\TS3Client
2017-12-22 18:15 - 2013-05-17 19:29 - 000000000 ___RD C:\Users\Polenovi\Dropbox
2017-12-20 20:21 - 2009-07-14 06:08 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ____D C:\Program Files\Windows Live
2017-12-17 15:08 - 2013-03-25 16:31 - 000000000 ____D C:\Program Files (x86)\Windows Live
2017-12-15 22:52 - 2013-12-30 19:48 - 000000000 ____D C:\Users\Polenovi\Documents\My Games
2017-12-15 20:37 - 2012-12-03 17:48 - 000000000 ____D C:\Users\Polenovi\AppData\Local\Ubisoft Game Launcher
2017-12-15 20:08 - 2014-08-09 19:12 - 000002075 _____ C:\Users\Polenovi\Documents\50 odstínů hnědi.txt
2017-12-15 19:26 - 2012-12-28 21:14 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-13 21:31 - 2017-05-02 11:45 - 000004552 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-13 21:31 - 2012-12-03 10:17 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 21:31 - 2012-12-03 10:17 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-13 21:31 - 2012-12-03 10:17 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-13 21:31 - 2012-12-03 10:17 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-13 19:50 - 2016-08-25 09:01 - 000000940 __RSH C:\Users\Kiki a Táta\ntuser.pol
2017-12-13 19:50 - 2012-12-28 18:00 - 000000000 ____D C:\Users\Kiki a Táta\AppData\Local\Google
2017-12-13 19:50 - 2012-12-03 17:05 - 000000000 ____D C:\Users\Kiki a Táta
2017-12-12 21:25 - 2014-12-28 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-12-12 21:23 - 2014-12-28 22:49 - 000196344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-12-12 21:23 - 2014-12-28 22:49 - 000153072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-12-12 19:26 - 2017-06-16 18:46 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\discord
2017-12-12 19:25 - 2017-06-16 18:46 - 000000000 ____D C:\Users\Polenovi\AppData\Local\Discord
2017-12-12 19:25 - 2015-07-05 12:34 - 000000000 ____D C:\Users\Polenovi\Desktop\Textové Soubory
2017-12-12 12:40 - 2012-12-10 18:04 - 000000000 ____D C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2017-12-12 10:51 - 2012-12-29 11:35 - 000000000 ____D C:\Users\Monika\AppData\Roaming\Skype
2017-12-12 10:49 - 2016-09-11 08:01 - 000000930 __RSH C:\Users\Monika\ntuser.pol
2017-12-12 10:49 - 2012-12-03 16:55 - 000000000 ____D C:\Users\Monika
2017-12-11 09:49 - 2013-02-08 19:52 - 000000000 ____D C:\Users\Monika\AppData\Local\Google
2017-12-08 00:54 - 2017-11-11 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-12-07 19:57 - 2013-05-17 19:24 - 000000000 ____D C:\Users\Polenovi\AppData\Roaming\Dropbox
2017-12-02 21:55 - 2017-09-23 12:52 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-12-02 21:55 - 2014-12-28 22:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-02 14:38 - 2017-09-03 21:08 - 000000000 ____D C:\Users\Polenovi\Desktop\Scanned
2017-11-29 19:24 - 2015-12-27 09:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-29 19:13 - 2015-07-05 12:35 - 000000000 ____D C:\Users\Polenovi\Desktop\Hry mimo Steam
==================== Files in the root of some directories =======
2014-05-20 20:33 - 2014-05-20 20:33 - 000063075 _____ () C:\Users\Polenovi\AppData\Roaming\Crescendo.dmp
2012-12-03 21:49 - 2013-02-01 12:36 - 000703117 _____ () C:\Users\Polenovi\AppData\Roaming\technic-launcher.jar
2012-12-03 21:49 - 2013-01-23 17:37 - 000703104 _____ () C:\Users\Polenovi\AppData\Roaming\technic-launcher.jar.bak
2017-11-05 15:41 - 2017-11-05 15:41 - 000004300 _____ () C:\Users\Polenovi\AppData\Roaming\Zer16AC.tmp
2017-11-05 15:43 - 2017-11-11 17:20 - 000007330 _____ () C:\Users\Polenovi\AppData\Roaming\ZeroBraneStudio.ini
2015-10-22 20:30 - 2017-07-12 19:37 - 000010752 _____ () C:\Users\Polenovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-10-22 00:04 - 2017-10-22 00:04 - 000000857 _____ () C:\Users\Polenovi\AppData\Local\recently-used.xbel
2015-10-13 16:52 - 2016-06-29 15:43 - 000000700 ___SH () C:\Users\Polenovi\AppData\Local\systemFL7.dat
2014-12-28 22:11 - 2014-12-28 22:11 - 000000003 _____ () C:\Users\Polenovi\AppData\Local\updater.log
2016-12-15 23:24 - 2017-05-07 10:06 - 000000425 _____ () C:\Users\Polenovi\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
2015-01-03 11:30 - 2015-01-03 11:30 - 000000000 ____D () C:\Users\Kiki a Táta\AppData\Local\Temp\avgnt.exe
2015-01-07 14:42 - 2015-01-07 14:42 - 000000000 ____D () C:\Users\Monika\AppData\Local\Temp\avgnt.exe
2013-04-05 15:44 - 2013-04-05 15:44 - 000904104 _____ (Oracle Corporation) C:\Users\Monika\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
2013-04-29 22:54 - 2013-04-29 22:54 - 000192512 _____ () C:\Users\Monika\AppData\Local\Temp\sfamcc00001.dll
2013-04-29 22:54 - 2013-04-29 22:54 - 000158720 _____ () C:\Users\Monika\AppData\Local\Temp\sfareca00001.dll
2013-06-16 20:34 - 2013-07-13 20:33 - 031954536 _____ (Skype Technologies S.A.) C:\Users\Monika\AppData\Local\Temp\SkypeSetup.exe
2014-02-01 16:04 - 2014-02-01 16:04 - 000372736 _____ (Babylon Ltd.) C:\Users\Monika\AppData\Local\Temp\uninst1.exe
2017-11-04 17:28 - 2017-11-04 17:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1293074186676084891.dll
2017-11-05 14:51 - 2017-11-05 14:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1541491266320543309.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1917392608150639533.dll
2017-11-04 20:24 - 2017-11-04 20:24 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-1947704379741816969.dll
2017-11-08 22:43 - 2017-11-08 22:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-2113263404762285482.dll
2017-11-04 19:34 - 2017-11-04 19:34 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-3267310053797635130.dll
2017-11-04 20:23 - 2017-11-04 20:23 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-3735125059335927498.dll
2017-11-04 20:45 - 2017-11-04 20:45 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4385420987800280347.dll
2017-11-05 10:01 - 2017-11-05 10:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4697214846344005917.dll
2017-11-04 19:37 - 2017-11-04 19:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-4784733505497370112.dll
2017-11-05 14:14 - 2017-11-05 14:14 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-502934571337612439.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5043693483082692465.dll
2017-11-04 19:53 - 2017-11-04 19:53 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5712884989014764782.dll
2017-11-10 19:51 - 2017-11-10 19:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-5967542734645956681.dll
2017-11-04 20:33 - 2017-11-04 20:33 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-6041141139673191136.dll
2017-11-10 22:33 - 2017-11-10 22:33 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-6096663573166871287.dll
2017-11-04 17:02 - 2017-11-04 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-8449578744724393618.dll
2017-11-04 17:27 - 2017-11-04 17:27 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-9032472246240655860.dll
2017-11-11 09:01 - 2017-11-11 09:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Polenovi\AppData\Local\Temp\jansi-64-9103544195738110922.dll
2017-10-26 13:15 - 2017-11-11 21:52 - 000192512 _____ () C:\Users\Polenovi\AppData\Local\Temp\sfamcc00001.dll
2017-11-11 21:52 - 2017-11-11 21:52 - 000158720 _____ () C:\Users\Polenovi\AppData\Local\Temp\sfareca00001.dll
2016-08-24 10:20 - 2016-08-24 10:20 - 000000000 ____D () C:\Users\Work hard\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-19 22:04
==================== End of FRST.txt ============================