Nefunguje diakritika, kontrola logu
Napsal: 04 říj 2015 10:11
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Ran by Kajušinka (administrator) on MUFFIN (04-10-2015 11:08:47)
Running from C:\Users\Kajušinka\Desktop
Loaded Profiles: Kajušinka (Available Profiles: Kajušinka)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Kajušinka\Downloads\hijackthis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kajušinka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Andy] => "C:\Program Files\Andy\HandyAndy.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-04] (AVAST Software)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Steam] => D:\Programy\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [GoogleChromeAutoLaunch_82691DA48A5177D8997070697CF28EE3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [crack serial keygen Microsoft Office 2010 ] => wscript.exe //B "C:\Users\KAJUIN~1\AppData\Local\Temp\crack serial keygen Microsoft Office 2010 .vbs" <===== ATTENTION
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Winlogon: [Shell] C:\Users\KAJUIN~1\AppData\Local\Temp\FolderName\file.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-04] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-03-20]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.8.1 8.8.8.8
Tcpip\..\Interfaces\{29918899-742B-4AF5-ACA0-34AE1865688A}: [DhcpNameServer] 192.17.128.24
Tcpip\..\Interfaces\{7BFC6A04-673B-4335-9721-73DFE9B72A8D}: [DhcpNameServer] 10.0.4.1 8.8.8.8
Tcpip\..\Interfaces\{97952045-AD12-4B0B-883F-BF15B8EA9D64}: [DhcpNameServer] 10.6.0.1
Tcpip\..\Interfaces\{DD71DF93-ADDB-4664-9ABA-25AA1508EE7A}: [DhcpNameServer] 10.0.8.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2958726476-3350756913-3102298719-1001 -> DefaultScope {AFB905FF-86EB-4D35-B382-2913A86D2057} URL =
SearchScopes: HKU\S-1-5-21-2958726476-3350756913-3102298719-1001 -> {AFB905FF-86EB-4D35-B382-2913A86D2057} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-04] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-04] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programy\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Disk Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Adblock Plus) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-20]
CHR Extension: (Tabulky Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (Avast Online Security) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-20]
CHR Extension: (Gmail) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-04]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [305664 2014-08-22] (Qualcomm Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-04] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-04] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-27] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2508608 2015-09-22] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-20] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-20] (Intel Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-04] (AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-09-23] (ESET)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-04] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2220544 2014-08-26] (Qualcomm Atheros, Inc.)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-04] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 11:08 - 2015-10-04 11:08 - 00029696 _____ C:\Users\Kajušinka\AppData\Local\MSGBOX.EXE
2015-10-04 11:08 - 2015-10-04 11:08 - 00022556 _____ C:\Users\Kajušinka\Desktop\FRST.txt
2015-10-04 11:08 - 2015-10-04 11:08 - 00015327 _____ C:\Users\Kajušinka\Desktop\LM.bat
2015-10-04 11:08 - 2015-10-04 11:08 - 00000000 ____D C:\FRST
2015-10-04 11:07 - 2015-10-04 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Kajušinka\Desktop\FRSTLauncher.exe
2015-10-04 11:06 - 2015-10-04 11:07 - 02193408 _____ (Farbar) C:\Users\Kajušinka\Desktop\FRST64.exe
2015-10-04 10:54 - 2015-10-04 10:54 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\ProgramData\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\Program Files\ESET
2015-10-04 10:51 - 2015-10-04 10:51 - 02838216 _____ (ESET) C:\Users\Kajušinka\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-10-04 10:40 - 2015-10-04 10:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kajušinka\Downloads\hijackthis.exe
2015-10-04 10:40 - 2015-10-04 10:40 - 00012790 _____ C:\Users\Kajušinka\Downloads\hijackthis.log
2015-10-04 09:46 - 2015-10-04 09:46 - 00000330 _____ C:\WINDOWS\PFRO.log
2015-10-04 09:42 - 2015-10-04 09:42 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\AVAST Software
2015-10-04 09:41 - 2015-10-04 09:42 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-04 09:41 - 2015-10-04 09:42 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-10-04 09:41 - 2015-10-04 09:42 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-10-04 09:41 - 2015-10-04 09:41 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-04 09:41 - 2015-10-04 09:41 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00132656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-04 09:41 - 2015-10-04 09:41 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00001942 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-04 09:41 - 2015-10-04 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-04 09:39 - 2015-10-04 09:39 - 05693040 _____ (AVAST Software) C:\Users\Kajušinka\Downloads\avast_free_antivirus_setup_online.exe
2015-10-04 09:39 - 2015-10-04 09:39 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-04 09:39 - 2015-10-04 09:39 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-04 09:19 - 2015-10-04 10:20 - 00001044 _____ C:\WINDOWS\setupact.log
2015-10-04 09:19 - 2015-10-04 09:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-04 09:16 - 2015-10-04 09:16 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-10-04 09:16 - 2015-10-04 09:16 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-04 09:16 - 2015-10-04 09:16 - 00000000 ____D C:\Program Files\CCleaner
2015-10-04 09:15 - 2015-10-04 09:15 - 06677440 _____ (Piriform Ltd) C:\Users\Kajušinka\Downloads\ccsetup510.exe
2015-10-04 02:03 - 2015-10-04 02:03 - 00003268 _____ C:\WINDOWS\System32\Tasks\WindowsUpda2ta
2015-10-03 21:51 - 2015-10-03 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-03 21:51 - 2015-10-03 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-03 21:48 - 2015-10-03 21:48 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-03 21:47 - 2015-10-03 21:47 - 00000000 __RHD C:\MSOCache
2015-10-03 21:47 - 2015-10-03 21:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-03 21:42 - 2015-10-03 21:43 - 01064448 _____ C:\Users\Kajušinka\Downloads\mini-KMS_Activator_v1.1_Office.2010.VL.ENG.exe
2015-10-03 21:41 - 2015-10-03 21:42 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\MSfree Inc
2015-10-03 21:41 - 2015-10-03 21:41 - 05105152 ____N (MSfree Inc.) C:\Users\Kajušinka\AppData\LocaltSWscmLcqp..exe
2015-10-03 21:41 - 2015-10-03 21:41 - 02821607 _____ C:\Users\Kajušinka\Downloads\KMS-Activator-Windows-7-8-8.1-et-Office-2010-2013t.rar
2015-10-03 21:39 - 2015-10-04 02:25 - 00001020 _____ C:\Users\Kajušinka\AppData\Roaming\svchost.exe.tmp
2015-10-03 21:38 - 2015-10-03 21:38 - 00604704 _____ C:\Users\Kajušinka\Downloads\KMS-Activator-for-Microsoft-Office-2010-Applications-x86-x64.rar
2015-10-03 16:14 - 2015-10-03 16:14 - 00067956 _____ C:\Users\Kajušinka\Downloads\Greys-Anatomy-12x02.zip
2015-10-03 15:18 - 2015-10-03 15:35 - 313663117 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E02.HDTV.x264-KILLERS.mp4
2015-09-30 16:34 - 2015-09-30 16:34 - 381800626 _____ C:\Users\Kajušinka\Downloads\s08e22.avi
2015-09-29 17:11 - 2015-09-29 17:11 - 00135504 _____ C:\Users\Kajušinka\Downloads\Greys-Anatomy-12x013.zip
2015-09-29 16:36 - 2015-09-29 17:07 - 315415297 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E01.HDTV.x264-KILLERS (1).mp4
2015-09-29 16:26 - 2015-09-29 16:34 - 98891304 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E01.HDTV.x264-KILLERS.mp4
2015-09-24 21:03 - 2015-09-24 21:03 - 00242004 _____ C:\Users\Kajušinka\Downloads\Deset-malých-černoušků-(Agatha-Christie).mobi
2015-09-23 18:01 - 2015-09-23 18:01 - 00376320 _____ C:\Users\Kajušinka\Downloads\Fitness-Muscle-Shop-2015-cenník-SPORT-vol.9.xlsx
2015-09-23 09:30 - 2015-09-23 09:30 - 00264040 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00186784 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00170792 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00014976 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2015-09-09 19:18 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 19:18 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 19:18 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 19:18 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 19:18 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 19:18 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 19:18 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 19:18 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 19:18 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 19:18 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 19:18 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 19:18 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 19:18 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 19:18 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 19:18 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 15:31 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 15:31 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 15:31 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 15:31 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 15:31 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 15:31 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 15:31 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 15:31 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 15:31 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 15:31 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 15:30 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 15:30 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 15:30 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 15:30 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 15:30 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 15:30 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 15:30 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 15:30 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 15:30 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 15:30 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 15:30 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 15:30 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 15:30 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 15:30 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 15:30 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 15:30 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 15:30 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 15:30 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 15:30 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 15:30 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 15:30 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 15:30 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 15:30 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 15:30 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 15:29 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 15:29 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 15:29 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 15:29 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 15:29 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 15:29 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 15:29 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 15:29 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 15:29 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 15:29 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 15:29 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 15:29 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 15:29 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 15:29 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 15:29 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 15:29 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 15:29 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 15:29 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 15:29 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 15:29 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 15:29 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 15:29 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 11:01 - 2015-03-23 18:15 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\Skype
2015-10-04 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-04 10:57 - 2014-12-10 01:09 - 00091538 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-04 10:53 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-04 10:48 - 2015-03-20 16:16 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 10:40 - 2015-03-19 06:06 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\VirtualStore
2015-10-04 10:26 - 2014-12-10 01:09 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-04 10:26 - 2014-12-10 01:09 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-04 10:26 - 2014-03-18 12:03 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 10:25 - 2015-03-19 06:11 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2958726476-3350756913-3102298719-1001
2015-10-04 10:22 - 2014-12-10 00:46 - 00006463 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-10-04 10:20 - 2015-03-20 16:16 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 10:20 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-04 09:53 - 2015-06-16 18:50 - 00000000 ____D C:\Users\Kajušinka\.VirtualBox
2015-10-04 09:53 - 2015-06-16 17:24 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\Andy
2015-10-04 09:53 - 2015-03-22 19:34 - 00629760 ___SH C:\Users\Kajušinka\Downloads\Thumbs.db
2015-10-04 09:53 - 2015-03-19 06:06 - 00000000 ____D C:\Users\Kajušinka
2015-10-04 09:20 - 2015-03-30 14:32 - 00788992 ___SH C:\Users\Kajušinka\Desktop\Thumbs.db
2015-10-04 09:17 - 2015-03-19 06:07 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\CrashDumps
2015-10-04 09:17 - 2014-07-14 20:34 - 00000000 ____D C:\WINDOWS\Panther
2015-10-04 08:59 - 2015-03-20 15:37 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FC61AA35-21C6-4BDF-8DE5-84523840E855}
2015-10-04 02:19 - 2013-08-22 16:44 - 00491456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-03 21:53 - 2015-03-20 18:32 - 00077824 ____N C:\WINDOWS\KMSEmulator.exe
2015-10-03 21:51 - 2015-03-20 17:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-03 21:50 - 2015-03-20 17:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-03 21:50 - 2014-03-18 11:45 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-03 21:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-03 21:08 - 2015-06-16 18:52 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\NVIDIA
2015-10-03 21:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-03 20:25 - 2015-03-20 17:05 - 00000000 ____D C:\Users\Kajušinka\Desktop\výkazy
2015-09-30 20:17 - 2015-05-15 22:14 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\vlc
2015-09-30 16:49 - 2015-03-20 16:20 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 17:28 - 2015-03-30 14:32 - 00015167 _____ C:\Users\Kajušinka\Desktop\Seznam knih.xlsx
2015-09-22 15:24 - 2015-03-20 20:37 - 00168960 ___SH C:\Users\Kajušinka\Documents\Thumbs.db
2015-09-22 11:01 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-20 09:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 14:43 - 2015-03-20 16:16 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 14:43 - 2015-03-20 16:16 - 00003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 03:18 - 2014-07-14 19:54 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-07-14 19:54 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 21:39 - 2015-03-19 07:54 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\Google
2015-09-13 12:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-13 09:26 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 09:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-13 09:25 - 2015-03-22 11:46 - 00000000 ____D C:\WINDOWS\system32\MRT
==================== Files in the root of some directories =======
2015-10-03 21:39 - 2015-10-04 02:25 - 0001020 _____ () C:\Users\Kajušinka\AppData\Roaming\svchost.exe.tmp
2015-10-04 11:08 - 2015-10-04 11:08 - 0029696 _____ () C:\Users\Kajušinka\AppData\Local\MSGBOX.EXE
2014-12-10 00:43 - 2014-12-10 00:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-02 17:02
==================== End of FRST.txt ============================
Ran by Kajušinka (administrator) on MUFFIN (04-10-2015 11:08:47)
Running from C:\Users\Kajušinka\Desktop
Loaded Profiles: Kajušinka (Available Profiles: Kajušinka)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Kajušinka\Downloads\hijackthis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kajušinka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Andy] => "C:\Program Files\Andy\HandyAndy.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-04] (AVAST Software)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Steam] => D:\Programy\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [GoogleChromeAutoLaunch_82691DA48A5177D8997070697CF28EE3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [crack serial keygen Microsoft Office 2010 ] => wscript.exe //B "C:\Users\KAJUIN~1\AppData\Local\Temp\crack serial keygen Microsoft Office 2010 .vbs" <===== ATTENTION
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\...\Winlogon: [Shell] C:\Users\KAJUIN~1\AppData\Local\Temp\FolderName\file.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-04] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-03-20]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.8.1 8.8.8.8
Tcpip\..\Interfaces\{29918899-742B-4AF5-ACA0-34AE1865688A}: [DhcpNameServer] 192.17.128.24
Tcpip\..\Interfaces\{7BFC6A04-673B-4335-9721-73DFE9B72A8D}: [DhcpNameServer] 10.0.4.1 8.8.8.8
Tcpip\..\Interfaces\{97952045-AD12-4B0B-883F-BF15B8EA9D64}: [DhcpNameServer] 10.6.0.1
Tcpip\..\Interfaces\{DD71DF93-ADDB-4664-9ABA-25AA1508EE7A}: [DhcpNameServer] 10.0.8.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2958726476-3350756913-3102298719-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2958726476-3350756913-3102298719-1001 -> DefaultScope {AFB905FF-86EB-4D35-B382-2913A86D2057} URL =
SearchScopes: HKU\S-1-5-21-2958726476-3350756913-3102298719-1001 -> {AFB905FF-86EB-4D35-B382-2913A86D2057} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-04] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-04] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programy\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Disk Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Adblock Plus) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-20]
CHR Extension: (Tabulky Google) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (Avast Online Security) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-20]
CHR Extension: (Gmail) - C:\Users\Kajušinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-04]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [305664 2014-08-22] (Qualcomm Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-04] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-04] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-27] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2508608 2015-09-22] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-20] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-20] (Intel Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-04] (AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-09-23] (ESET)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-04] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2220544 2014-08-26] (Qualcomm Atheros, Inc.)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-04] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 11:08 - 2015-10-04 11:08 - 00029696 _____ C:\Users\Kajušinka\AppData\Local\MSGBOX.EXE
2015-10-04 11:08 - 2015-10-04 11:08 - 00022556 _____ C:\Users\Kajušinka\Desktop\FRST.txt
2015-10-04 11:08 - 2015-10-04 11:08 - 00015327 _____ C:\Users\Kajušinka\Desktop\LM.bat
2015-10-04 11:08 - 2015-10-04 11:08 - 00000000 ____D C:\FRST
2015-10-04 11:07 - 2015-10-04 11:07 - 00112640 _____ (forum.viry.cz) C:\Users\Kajušinka\Desktop\FRSTLauncher.exe
2015-10-04 11:06 - 2015-10-04 11:07 - 02193408 _____ (Farbar) C:\Users\Kajušinka\Desktop\FRST64.exe
2015-10-04 10:54 - 2015-10-04 10:54 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\ProgramData\ESET
2015-10-04 10:53 - 2015-10-04 10:53 - 00000000 ____D C:\Program Files\ESET
2015-10-04 10:51 - 2015-10-04 10:51 - 02838216 _____ (ESET) C:\Users\Kajušinka\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-10-04 10:40 - 2015-10-04 10:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kajušinka\Downloads\hijackthis.exe
2015-10-04 10:40 - 2015-10-04 10:40 - 00012790 _____ C:\Users\Kajušinka\Downloads\hijackthis.log
2015-10-04 09:46 - 2015-10-04 09:46 - 00000330 _____ C:\WINDOWS\PFRO.log
2015-10-04 09:42 - 2015-10-04 09:42 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\AVAST Software
2015-10-04 09:41 - 2015-10-04 09:42 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-04 09:41 - 2015-10-04 09:42 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-10-04 09:41 - 2015-10-04 09:42 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-10-04 09:41 - 2015-10-04 09:41 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-04 09:41 - 2015-10-04 09:41 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00132656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-04 09:41 - 2015-10-04 09:41 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-04 09:41 - 2015-10-04 09:41 - 00001942 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-04 09:41 - 2015-10-04 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-04 09:39 - 2015-10-04 09:39 - 05693040 _____ (AVAST Software) C:\Users\Kajušinka\Downloads\avast_free_antivirus_setup_online.exe
2015-10-04 09:39 - 2015-10-04 09:39 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-04 09:39 - 2015-10-04 09:39 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-04 09:19 - 2015-10-04 10:20 - 00001044 _____ C:\WINDOWS\setupact.log
2015-10-04 09:19 - 2015-10-04 09:19 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-04 09:16 - 2015-10-04 09:16 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-10-04 09:16 - 2015-10-04 09:16 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-04 09:16 - 2015-10-04 09:16 - 00000000 ____D C:\Program Files\CCleaner
2015-10-04 09:15 - 2015-10-04 09:15 - 06677440 _____ (Piriform Ltd) C:\Users\Kajušinka\Downloads\ccsetup510.exe
2015-10-04 02:03 - 2015-10-04 02:03 - 00003268 _____ C:\WINDOWS\System32\Tasks\WindowsUpda2ta
2015-10-03 21:51 - 2015-10-03 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-03 21:51 - 2015-10-03 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-10-03 21:50 - 2015-10-03 21:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-03 21:48 - 2015-10-03 21:48 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-03 21:47 - 2015-10-03 21:47 - 00000000 __RHD C:\MSOCache
2015-10-03 21:47 - 2015-10-03 21:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-03 21:42 - 2015-10-03 21:43 - 01064448 _____ C:\Users\Kajušinka\Downloads\mini-KMS_Activator_v1.1_Office.2010.VL.ENG.exe
2015-10-03 21:41 - 2015-10-03 21:42 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\MSfree Inc
2015-10-03 21:41 - 2015-10-03 21:41 - 05105152 ____N (MSfree Inc.) C:\Users\Kajušinka\AppData\LocaltSWscmLcqp..exe
2015-10-03 21:41 - 2015-10-03 21:41 - 02821607 _____ C:\Users\Kajušinka\Downloads\KMS-Activator-Windows-7-8-8.1-et-Office-2010-2013t.rar
2015-10-03 21:39 - 2015-10-04 02:25 - 00001020 _____ C:\Users\Kajušinka\AppData\Roaming\svchost.exe.tmp
2015-10-03 21:38 - 2015-10-03 21:38 - 00604704 _____ C:\Users\Kajušinka\Downloads\KMS-Activator-for-Microsoft-Office-2010-Applications-x86-x64.rar
2015-10-03 16:14 - 2015-10-03 16:14 - 00067956 _____ C:\Users\Kajušinka\Downloads\Greys-Anatomy-12x02.zip
2015-10-03 15:18 - 2015-10-03 15:35 - 313663117 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E02.HDTV.x264-KILLERS.mp4
2015-09-30 16:34 - 2015-09-30 16:34 - 381800626 _____ C:\Users\Kajušinka\Downloads\s08e22.avi
2015-09-29 17:11 - 2015-09-29 17:11 - 00135504 _____ C:\Users\Kajušinka\Downloads\Greys-Anatomy-12x013.zip
2015-09-29 16:36 - 2015-09-29 17:07 - 315415297 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E01.HDTV.x264-KILLERS (1).mp4
2015-09-29 16:26 - 2015-09-29 16:34 - 98891304 _____ C:\Users\Kajušinka\Downloads\Greys.Anatomy.S12E01.HDTV.x264-KILLERS.mp4
2015-09-24 21:03 - 2015-09-24 21:03 - 00242004 _____ C:\Users\Kajušinka\Downloads\Deset-malých-černoušků-(Agatha-Christie).mobi
2015-09-23 18:01 - 2015-09-23 18:01 - 00376320 _____ C:\Users\Kajušinka\Downloads\Fitness-Muscle-Shop-2015-cenník-SPORT-vol.9.xlsx
2015-09-23 09:30 - 2015-09-23 09:30 - 00264040 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00186784 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00170792 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2015-09-23 09:30 - 2015-09-23 09:30 - 00014976 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2015-09-09 19:18 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 19:18 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 19:18 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 19:18 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 19:18 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 19:18 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 19:18 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 19:18 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 19:18 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 19:18 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 19:18 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 19:18 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 19:18 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 19:18 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 19:18 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 15:31 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 15:31 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 15:31 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 15:31 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 15:31 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 15:31 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 15:31 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 15:31 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 15:31 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 15:31 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 15:31 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 15:31 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 15:30 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 15:30 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 15:30 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 15:30 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 15:30 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 15:30 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 15:30 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 15:30 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 15:30 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 15:30 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 15:30 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 15:30 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 15:30 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 15:30 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 15:30 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 15:30 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 15:30 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 15:30 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 15:30 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 15:30 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 15:30 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 15:30 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 15:30 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 15:30 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 15:30 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 15:29 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 15:29 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 15:29 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 15:29 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 15:29 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 15:29 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 15:29 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 15:29 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 15:29 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 15:29 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 15:29 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 15:29 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 15:29 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 15:29 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 15:29 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 15:29 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 15:29 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 15:29 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 15:29 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 15:29 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 15:29 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 15:29 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-04 11:01 - 2015-03-23 18:15 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\Skype
2015-10-04 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-04 10:57 - 2014-12-10 01:09 - 00091538 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-04 10:53 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-04 10:48 - 2015-03-20 16:16 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-04 10:40 - 2015-03-19 06:06 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\VirtualStore
2015-10-04 10:26 - 2014-12-10 01:09 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-04 10:26 - 2014-12-10 01:09 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-04 10:26 - 2014-03-18 12:03 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 10:25 - 2015-03-19 06:11 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2958726476-3350756913-3102298719-1001
2015-10-04 10:22 - 2014-12-10 00:46 - 00006463 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-10-04 10:20 - 2015-03-20 16:16 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 10:20 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-04 09:53 - 2015-06-16 18:50 - 00000000 ____D C:\Users\Kajušinka\.VirtualBox
2015-10-04 09:53 - 2015-06-16 17:24 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\Andy
2015-10-04 09:53 - 2015-03-22 19:34 - 00629760 ___SH C:\Users\Kajušinka\Downloads\Thumbs.db
2015-10-04 09:53 - 2015-03-19 06:06 - 00000000 ____D C:\Users\Kajušinka
2015-10-04 09:20 - 2015-03-30 14:32 - 00788992 ___SH C:\Users\Kajušinka\Desktop\Thumbs.db
2015-10-04 09:17 - 2015-03-19 06:07 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\CrashDumps
2015-10-04 09:17 - 2014-07-14 20:34 - 00000000 ____D C:\WINDOWS\Panther
2015-10-04 08:59 - 2015-03-20 15:37 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FC61AA35-21C6-4BDF-8DE5-84523840E855}
2015-10-04 02:19 - 2013-08-22 16:44 - 00491456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-03 21:53 - 2015-03-20 18:32 - 00077824 ____N C:\WINDOWS\KMSEmulator.exe
2015-10-03 21:51 - 2015-03-20 17:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-03 21:50 - 2015-03-20 17:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-03 21:50 - 2014-03-18 11:45 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-03 21:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-03 21:08 - 2015-06-16 18:52 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\NVIDIA
2015-10-03 21:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-03 20:25 - 2015-03-20 17:05 - 00000000 ____D C:\Users\Kajušinka\Desktop\výkazy
2015-09-30 20:17 - 2015-05-15 22:14 - 00000000 ____D C:\Users\Kajušinka\AppData\Roaming\vlc
2015-09-30 16:49 - 2015-03-20 16:20 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 17:28 - 2015-03-30 14:32 - 00015167 _____ C:\Users\Kajušinka\Desktop\Seznam knih.xlsx
2015-09-22 15:24 - 2015-03-20 20:37 - 00168960 ___SH C:\Users\Kajušinka\Documents\Thumbs.db
2015-09-22 11:01 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-20 09:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 14:43 - 2015-03-20 16:16 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 14:43 - 2015-03-20 16:16 - 00003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 03:18 - 2014-07-14 19:54 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-07-14 19:54 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 21:39 - 2015-03-19 07:54 - 00000000 ____D C:\Users\Kajušinka\AppData\Local\Google
2015-09-13 12:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-13 09:26 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 09:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-13 09:25 - 2015-03-22 11:46 - 00000000 ____D C:\WINDOWS\system32\MRT
==================== Files in the root of some directories =======
2015-10-03 21:39 - 2015-10-04 02:25 - 0001020 _____ () C:\Users\Kajušinka\AppData\Roaming\svchost.exe.tmp
2015-10-04 11:08 - 2015-10-04 11:08 - 0029696 _____ () C:\Users\Kajušinka\AppData\Local\MSGBOX.EXE
2014-12-10 00:43 - 2014-12-10 00:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-02 17:02
==================== End of FRST.txt ============================