Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Jiří (administrator) on JJOHNY (11-12-2015 15:49:48)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msixhjwoSrv] => C:\Windows\SysWOW64\msixhjwo.vbe [649 2014-06-23] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe
HKLM-x32\...\Run: [mncvbmbbySrv] => C:\Windows\SysWOW64\mncvbmbby.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\...\Run: [uTorrent] => C:\Users\Jiří\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\...\Run: [WinFLTray] => C:\WINDOWS\SysWow64\WinFLTray.exe [330040 2015-03-18] ( New Softwares.net)
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2015-03-18] (New Softwares.net)
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{D3304553-E163-4600-B2E7-FE4D9FA6CF1A}: [DhcpNameServer] 10.132.12.33 10.132.12.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.reerd.com
HKU\S-1-5-21-455240653-3503876362-3278339993-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-455240653-3503876362-3278339993-1002 -> {656FADF0-050E-4783-95AA-FA1FB6E4582E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-455240653-3503876362-3278339993-1002 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-455240653-3503876362-3278339993-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jiří\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-455240653-3503876362-3278339993-1002: hp.com/HPDetect -> C:\Users\Jiří\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-10]
CHR Extension: (HD for YouTube™) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2015-11-18]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-10]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Lounge Assistant) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2015-09-10]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-10]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-10]
CHR HKLM-x32\...\Chrome\Extension: [pmcmflmkceipgecmhoddphflfndnfbbe] - C:\Users\JI10BB~1\AppData\Local\Temp\tbch.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-11-04] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
S2 eprodukt; C:\Users\Jiří\AppData\Local\Singleholding.exe [46592 2015-12-09] () [File not signed]
R2 FLService; C:\WINDOWS\SysWow64\WinFLService.exe [92984 2015-03-18] (New Softwares.net)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-03] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2014-09-13] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3512928 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-10] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-11] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2000-01-01] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
S2 P2PEnhance; C:\Program Files (x86)\P2PEnhance\P2PEnhance.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2014-09-13] (Intel Corporation)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3670496 2014-04-25] (Intel Corporation)
R2 NEWDRIVER; C:\WINDOWS\SysWow64\WinVDEdrv6.sys [197648 2015-03-18] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [408136 2013-05-09] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2015-03-18] ()
R2 WinVDEDrv; C:\WINDOWS\SysWow64\WinVDEdrv.sys [225680 2015-03-18] (NewSoftwares.net, Inc.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-11 15:49 - 2015-12-11 15:50 - 00023934 _____ C:\Users\Jiří\Desktop\FRST.txt
2015-12-11 11:48 - 2015-12-11 11:48 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Publish Providers
2015-12-11 11:31 - 2015-12-11 11:48 - 00000000 ____D C:\Users\Jiří\AppData\Local\Sony
2015-12-11 11:31 - 2015-12-11 11:31 - 00001061 _____ C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk
2015-12-11 11:31 - 2015-12-11 11:31 - 00000000 ____D C:\ProgramData\Sony
2015-12-11 11:31 - 2015-12-11 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-11 11:31 - 2015-12-11 11:31 - 00000000 ____D C:\Program Files\Sony
2015-12-11 11:31 - 2015-12-11 11:31 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-11 11:30 - 2015-12-11 11:48 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Sony
2015-12-11 11:17 - 2015-12-11 11:17 - 00016411 _____ C:\Users\Jiří\Downloads\[CzT]Sony_Vegas_Pro_13_0_build_453_x64_.torrent
2015-12-11 11:17 - 2015-12-11 11:17 - 00000000 ____D C:\Users\Jiří\Downloads\Sony Vegas Pro 13.0 build 453 (x64)
2015-12-11 07:17 - 2015-12-11 11:01 - 00000000 ____D C:\Users\Jiří\AppData\Local\TurmoilSteam
2015-12-11 06:59 - 2015-12-11 07:04 - 268521150 ____R C:\Users\Jiří\Downloads\Turmoil.v0.0.0.200.zip
2015-12-10 22:03 - 2015-12-11 05:59 - 00000000 ____D C:\Users\Jiří\AppData\Local\PunkBuster
2015-12-10 22:03 - 2015-12-10 22:04 - 00000000 ____D C:\Users\Jiří\Documents\Battlefield 3
2015-12-10 22:00 - 2015-12-11 13:02 - 00000000 ____D C:\ProgramData\EA Logs
2015-12-10 22:00 - 2015-12-10 22:00 - 00000000 ____D C:\ProgramData\EA Core
2015-12-10 21:34 - 2015-12-10 21:34 - 00001193 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-12-10 21:34 - 2015-12-10 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-12-10 21:09 - 2015-12-10 21:09 - 00000000 ____D C:\Program Files (x86)\WB Games
2015-12-10 20:55 - 2015-12-10 20:55 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\WB Games
2015-12-10 18:49 - 2015-12-10 19:12 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Origin
2015-12-10 18:49 - 2015-12-10 19:12 - 00000000 ____D C:\Users\Jiří\AppData\Local\Origin
2015-12-10 13:23 - 2015-12-10 13:23 - 00233815 _____ C:\Users\Jiří\Desktop\Bez názvu-3.psd
2015-12-10 08:19 - 2015-12-10 08:19 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Dreamsite Games
2015-12-10 06:51 - 2015-12-10 06:51 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\BANDISOFT
2015-12-10 06:50 - 2015-12-10 06:50 - 00001007 _____ C:\Users\Public\Desktop\Bandicam.lnk
2015-12-10 06:50 - 2015-12-10 06:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-12-10 06:50 - 2015-12-10 06:50 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-12-10 06:50 - 2015-12-10 06:50 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-12-10 06:44 - 2015-12-10 06:44 - 00000000 ____D C:\Users\Jiří\Downloads\Bandicam
2015-12-10 06:29 - 2015-12-11 14:37 - 00000000 ____D C:\Users\Jiří\Desktop\Videa
2015-12-10 06:26 - 2015-12-10 06:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Dxtory Software
2015-12-10 06:26 - 2015-12-10 06:26 - 00001205 _____ C:\Users\Jiří\Desktop\Dxtory.lnk
2015-12-10 06:26 - 2015-12-10 06:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2015-12-10 06:26 - 2015-12-10 06:26 - 00000000 ____D C:\Program Files (x86)\Dxtory Software
2015-12-10 06:26 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\WINDOWS\SysWOW64\DxtoryCodec.dll
2015-12-10 06:26 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\WINDOWS\system32\DxtoryCodec.dll
2015-12-10 06:17 - 2015-12-10 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-12-10 06:10 - 2015-12-10 06:12 - 00000000 ____D C:\Program Files\DIPS64
2015-12-10 05:51 - 2015-12-10 05:51 - 00000000 ____D C:\Program Files\Dripkix
2015-12-10 05:50 - 2015-12-10 05:51 - 00000000 ____D C:\AdwCleaner
2015-12-10 05:48 - 2015-12-10 05:48 - 01738240 _____ C:\Users\Jiří\Desktop\adwcleaner_5.024.exe
2015-12-09 19:43 - 2015-12-09 19:43 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2015-12-09 19:42 - 2015-12-11 15:49 - 00000000 ____D C:\FRST
2015-12-09 19:42 - 2015-12-09 19:42 - 02369024 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2015-12-09 19:10 - 2015-12-09 19:10 - 00000000 ____D C:\Users\Jiří\Downloads\DxTory V2.0.122
2015-12-09 11:27 - 2015-12-09 11:27 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Strange Fire
2015-12-09 11:23 - 2015-12-09 11:24 - 00000000 ____D C:\Users\Jiří\Desktop\Shoppe Keep
2015-12-09 10:45 - 2015-12-09 10:45 - 00000000 ____D C:\Users\Jiří\.android
2015-12-09 10:44 - 2015-12-09 10:44 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\VirtualStore
2015-12-09 10:18 - 2015-12-09 10:18 - 00002282 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-12-09 10:18 - 2015-12-09 10:18 - 00002282 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-12-09 10:17 - 2015-12-09 10:46 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Seznam.cz
2015-12-09 10:17 - 2015-12-09 10:17 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-12-09 10:16 - 2015-12-09 10:16 - 00000000 ____D C:\Users\Jiří\AppData\LocalLow\Unity
2015-12-09 10:16 - 2015-12-09 10:16 - 00000000 ____D C:\Users\Jiří\AppData\Local\Unity
2015-12-09 10:15 - 2015-12-09 10:15 - 00046592 _____ C:\Users\Jiří\AppData\Local\Singleholding.exe
2015-12-09 10:15 - 2015-12-09 10:15 - 00000187 _____ C:\Users\Jiří\AppData\Local\Singleholding.exe.config
2015-12-09 10:15 - 2015-12-09 10:15 - 00000000 ____D C:\Users\Public\QiYi
2015-12-09 10:13 - 2015-12-09 10:20 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Opera Software
2015-12-09 10:13 - 2015-12-09 10:20 - 00000000 ____D C:\Users\Jiří\AppData\Local\Opera Software
2015-12-09 10:12 - 2015-12-09 10:20 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-09 10:12 - 2015-12-09 10:12 - 00000000 ____D C:\Program Files (x86)\baidu
2015-12-09 10:12 - 2014-10-24 08:44 - 00000913 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-07 18:17 - 2015-12-07 20:04 - 00000000 ____D C:\Users\Jiří\Downloads\Lego Harry Potter
2015-12-07 16:43 - 2015-12-07 16:43 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Sublime Text 2
2015-12-06 10:54 - 2015-12-06 11:15 - 00000000 ____D C:\Users\Jiří\Downloads\Vetřelci dávnověku I (Ancient Aliens I) 2010 10.epizod
2015-12-05 20:40 - 2015-12-05 20:40 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\LucasArts
2015-12-05 18:47 - 2015-12-05 18:47 - 00001478 _____ C:\Users\Jiří\Desktop\LEGO Indiana Jones 2 - The Adventure Continues.lnk
2015-12-05 18:47 - 2015-12-05 18:47 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\LEGO Indiana Jones 2 - The Adventure Continues
2015-12-04 12:06 - 2015-12-04 12:06 - 00000000 ____D C:\Users\Jiří\Documents\KONAMI
2015-12-04 12:06 - 2015-12-04 12:06 - 00000000 ____D C:\ProgramData\KONAMI
2015-12-04 11:49 - 2015-12-04 12:04 - 00000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2015
2015-12-04 11:49 - 2015-12-04 11:49 - 00000926 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2015.lnk
2015-12-04 11:49 - 2015-12-04 11:49 - 00000914 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2015.lnk
2015-12-03 17:46 - 2015-12-03 20:33 - 00000709 _____ C:\Users\Jiří\Desktop\Suroviny.txt
2015-12-03 16:33 - 2015-12-03 16:33 - 00000000 ____D C:\ProgramData\X360CE
2015-12-03 14:43 - 2015-12-07 15:22 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\bizarre creations
2015-12-03 14:39 - 2015-12-03 14:39 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Hive Cluster
2015-12-03 14:31 - 2015-12-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-12-03 14:30 - 2015-12-03 14:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-12-03 14:08 - 2015-12-03 14:08 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rock of Ages
2015-12-01 15:21 - 2015-12-01 15:21 - 00000000 ____D C:\Users\Jiří\Desktop\Od Anet
2015-12-01 15:20 - 2015-12-01 15:21 - 00000000 ____D C:\Users\Jiří\Desktop\105_PANA
2015-11-28 19:02 - 2015-12-07 13:02 - 00003154 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJiří
2015-11-28 19:02 - 2015-12-07 13:02 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJiří.job
2015-11-26 15:52 - 2015-11-26 16:36 - 780427264 ____R C:\Users\Jiří\Downloads\Nedotknutelni.2011.BRRip.XviD.CZ.avi
2015-11-21 21:45 - 2015-11-21 21:47 - 00000000 ____D C:\Users\Jiří\Downloads\26000 e-knih v češtině - Největší česká seřazená eknihovna
2015-11-20 20:35 - 2015-11-25 21:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-18 17:27 - 2015-11-18 17:27 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Steam
2015-11-18 17:27 - 2015-11-18 17:27 - 00000000 ____D C:\ProgramData\Codemasters
2015-11-18 17:06 - 2015-11-18 17:06 - 00001141 _____ C:\Users\Jiří\Desktop\DiRT 3 Complete Edition.lnk
2015-11-18 17:06 - 2015-11-18 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiRT 3 Complete Edition
2015-11-18 16:50 - 2015-11-18 17:26 - 00000000 ____D C:\Program Files (x86)\DiRT 3 Complete Edition
2015-11-17 20:19 - 2015-11-18 16:29 - 00000000 ____D C:\Users\Jiří\Downloads\DiRT 3 Complete Edition MULTi5 2015-PLAZA
2015-11-16 21:00 - 2015-11-18 16:52 - 00000000 ____D C:\Users\Jiří\Downloads\Fast and the Furious Pentalogy
2015-11-16 11:24 - 2015-11-16 11:38 - 00000000 ____D C:\Users\Jiří\Downloads\Crash Bandicoot 1+2+3
2015-11-15 20:30 - 2015-11-15 20:30 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Leadertech
2015-11-15 20:26 - 2015-11-15 20:26 - 00002007 _____ C:\Users\Public\Desktop\NHL™ 09.lnk
2015-11-15 20:20 - 2015-11-15 20:20 - 00000000 ____D C:\Program Files (x86)\EA Sports
2015-11-15 16:36 - 2015-11-15 19:13 - 00000000 ____D C:\Users\Jiří\Downloads\NHL 09
2015-11-11 21:26 - 2015-11-13 13:15 - 00000000 ____D C:\Users\Jiří\Downloads\Bořiči mýtů -Všechny serie+Speciláy
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-11 15:49 - 2015-11-04 20:12 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-12-11 15:46 - 2015-11-04 20:10 - 00000000 ____D C:\Users\Jiří\AppData\Local\Battle.net
2015-12-11 15:44 - 2014-09-12 21:25 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 15:44 - 2014-09-12 21:25 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-11 14:34 - 2015-11-04 20:09 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-11 13:07 - 2014-10-18 21:23 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-12-11 13:07 - 2014-10-18 21:01 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-12-11 13:07 - 2014-10-18 21:00 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-11 13:02 - 2014-10-18 21:01 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-12-11 13:01 - 2014-09-14 19:05 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-11 13:01 - 2014-09-12 21:41 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\uTorrent
2015-12-11 07:05 - 2015-09-19 17:32 - 00000000 ____D C:\Users\Jiří\Desktop\Turmoil.v0.0.0.200
2015-12-10 22:00 - 2014-09-19 08:02 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-12-10 19:13 - 2014-09-27 18:16 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-10 19:12 - 2014-09-19 08:02 - 00000000 ____D C:\ProgramData\Origin
2015-12-10 18:49 - 2014-09-19 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-12-10 18:49 - 2014-09-19 08:02 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-10 14:01 - 2014-09-13 08:32 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-455240653-3503876362-3278339993-1002
2015-12-10 13:37 - 2015-10-10 15:10 - 00000132 _____ C:\Users\Jiří\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-12-10 06:51 - 2015-10-03 11:13 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\NVIDIA
2015-12-10 06:19 - 2014-09-26 08:05 - 00000829 _____ C:\Users\Jiří\rgut
2015-12-10 06:18 - 2014-09-12 19:12 - 00000000 ____D C:\Users\Jiří\Documents\Youcam
2015-12-10 06:17 - 2014-11-04 21:08 - 00000000 ___RD C:\Users\Jiří\OneDrive
2015-12-10 06:16 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-10 06:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-10 05:56 - 2015-10-20 10:50 - 00000039 _____ C:\Users\Jiří\AppData\Roaming\msxamboq.dat
2015-12-10 05:52 - 2015-10-04 11:30 - 05157736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-10 05:45 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-09 19:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-09 17:22 - 2014-09-24 17:23 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 17:22 - 2014-09-24 16:39 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-09 17:22 - 2014-09-24 16:39 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-09 14:18 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 10:45 - 2014-11-04 20:29 - 00000000 ____D C:\Users\Jiří
2015-12-09 10:19 - 2014-11-10 22:38 - 00000000 ____D C:\ProgramData\Autodesk
2015-12-07 15:23 - 2015-10-05 17:39 - 00000000 ____D C:\GamesCampus
2015-12-07 15:22 - 2014-11-17 13:06 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-12-06 21:03 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 15:39 - 2014-09-12 21:25 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 15:39 - 2014-09-12 21:25 - 00003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-28 19:02 - 2015-09-12 15:25 - 00000000 ____D C:\Users\Jiří\AppData\Local\Hewlett-Packard
2015-11-25 21:06 - 2015-09-12 19:11 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2015-11-20 20:35 - 2015-07-02 10:20 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-20 20:35 - 2014-09-17 12:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-20 20:35 - 2014-09-17 12:06 - 00000000 ____D C:\ProgramData\Adobe
2015-11-19 18:23 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-18 17:27 - 2014-09-17 10:36 - 00000000 ____D C:\Users\Jiří\Documents\My Games
2015-11-11 16:59 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2015-10-10 15:10 - 2015-12-10 13:37 - 0000132 _____ () C:\Users\Jiří\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-10-20 10:50 - 2015-10-20 10:50 - 0010110 _____ () C:\Users\Jiří\AppData\Roaming\msnonosv.dat
2015-10-20 10:50 - 2015-12-10 05:56 - 0000039 _____ () C:\Users\Jiří\AppData\Roaming\msxamboq.dat
2015-12-09 10:15 - 2015-12-09 10:15 - 0046592 _____ () C:\Users\Jiří\AppData\Local\Singleholding.exe
2015-12-09 10:15 - 2015-12-09 10:15 - 0000187 _____ () C:\Users\Jiří\AppData\Local\Singleholding.exe.config
2014-09-19 12:02 - 2014-09-22 21:57 - 0069581 _____ () C:\ProgramData\KeyLog.txt
Some files in TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\avg3A8F.exe
C:\Users\Jiří\AppData\Local\Temp\bdfilters.dll
C:\Users\Jiří\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jiří\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Jiří\AppData\Local\Temp\
IQIYIsetup_spl004@kb037.exe
C:\Users\Jiří\AppData\Local\Temp\nsuC93D.exe
C:\Users\Jiří\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Jiří\AppData\Local\Temp\qqpcmgr_v10.8.16208.227_71917_Silence.exe
C:\Users\Jiří\AppData\Local\Temp\setup3.exe
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll
C:\Users\Jiří\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJiří.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ji��\Desktop" je 1606 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
