Please check my log
Posted: 21 Jun 2016 17:38
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016
Ran by Slávek (administrator) on SLAVEK-NB (21-06-2016 18:32:14)
Running from C:\Users\Slávek\Desktop
Loaded Profiles: Slávek (Available Profiles: Slávek)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_192.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59784 2014-06-05] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\...\MountPoints2: {3c4cc656-1204-11e6-829a-201a0652b269} - "G:\autorun.exe"
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\...\MountPoints2: {8d60b678-4e3c-11e4-826e-201a06443156} - "F:\Setup.exe"
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\...\MountPoints2: {e326139c-e454-11e4-827d-201a06443156} - "G:\autorun.exe"
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\UEFA20~1.SCR [674280 2015-09-05] (ScreenTime Media)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
Tcpip\..\Interfaces\{2B237A2D-F696-4F3B-B7EE-8BA63C93B393}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A5CB9438-24F2-4CFD-A9EB-371DF8F114BE}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{F8766E43-DC37-4F2E-9878-AF9D69A3E833}: [DhcpNameServer] 82.163.142.7
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4242946692-605027899-2297166520-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-4242946692-605027899-2297166520-1001 -> DefaultScope {3902C2DF-EE2B-482E-A0F7-9CB95039D089} URL =
SearchScopes: HKU\S-1-5-21-4242946692-605027899-2297166520-1001 -> {3902C2DF-EE2B-482E-A0F7-9CB95039D089} URL =
SearchScopes: HKU\S-1-5-21-4242946692-605027899-2297166520-1001 -> {6E0E1BDD-C4B2-4282-B586-E7DFAD3171D3} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
BHO-x32: No Name -> {c7c5384f-d9e9-4db1-8c72-135ecccbc571} -> No File
FireFox:
========
FF ProfilePath: C:\Users\Slávek\AppData\Roaming\Mozilla\Firefox\Profiles\wjp8wklo.default-3950631209733
FF Homepage: hxxp://www.idnes.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4242946692-605027899-2297166520-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Slávek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Slávek\AppData\Roaming\Mozilla\Firefox\Profiles\wjp8wklo.default-3950631209733\user.js [2016-03-15]
FF Extension: S3.Google Translator - C:\Users\Slávek\AppData\Roaming\Mozilla\Firefox\Profiles\wjp8wklo.default-3950631209733\extensions\s3google@translator.xpi [2016-05-16]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620424 2014-06-05] (SODATSW spol. s .r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-13] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Huawei Technologies Co., Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 AIDA64Driver; \??\D:\_Programy, nastaveni, data\_PC testy, čističe\Finalwire Aida64 Extreme v4.00.2700 portable cracked\kerneld.x64 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2095-03-10 23:33 - 2095-03-10 23:33 - 00000000 ____D C:\Users\Slávek\Desktop\Původní data aplikace Firefox
2095-03-10 23:26 - 2095-03-10 23:26 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2095-03-10 23:26 - 2095-03-10 23:26 - 00001123 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2095-03-10 23:24 - 2016-06-21 18:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2095-03-06 17:32 - 2016-06-21 18:25 - 1207959552 ___SH C:\pagefile.sys
2016-06-21 18:32 - 2016-06-21 18:32 - 00016935 _____ C:\Users\Slávek\Desktop\FRST.txt
2016-06-21 18:31 - 2016-06-21 18:32 - 00000000 ____D C:\FRST
2016-06-21 18:29 - 2016-06-21 18:29 - 02387456 _____ (Farbar) C:\Users\Slávek\Desktop\FRST64.exe
2016-06-15 20:28 - 2016-06-15 22:28 - 1052380472 _____ C:\Users\Slávek\Downloads\Pod-toskánským-sluncem.avi
2016-06-14 19:13 - 2016-06-14 20:18 - 564553442 _____ C:\Users\Slávek\Downloads\Já-Olga-Hepnarova-(2016)-Cz-film---NOVINKA!!!.avi
2016-06-12 17:39 - 2016-06-12 18:27 - 838894870 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(3).avi
2016-06-10 17:30 - 2016-06-10 17:30 - 00001114 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-05 11:35 - 2016-06-06 22:15 - 3724782944 _____ C:\Users\Slávek\Downloads\Cesta-z-města-_-Out-of-the-City-2000,-CZ.avi
2016-06-04 13:42 - 2016-06-04 15:52 - 2332557312 _____ C:\Users\Slávek\Downloads\Venkovský-učitel-(2007)-Monty-698.avi
2016-06-02 18:41 - 2016-06-02 19:29 - 832630308 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(1).avi
2016-05-30 17:21 - 2016-05-30 18:18 - 1021363946 _____ C:\Users\Slávek\Downloads\7-zivotu---CZ.avi
2016-05-22 20:08 - 2016-05-23 07:35 - 997906070 _____ C:\Users\Slávek\Downloads\Slasti-Otce-vlasti-(1969).avi
2016-05-22 12:29 - 2016-05-22 20:01 - 840181930 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(16).avi
2016-05-22 09:28 - 2016-05-22 10:15 - 838313032 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(19).avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2095-03-06 19:32 - 2013-08-22 15:36 - 00000000 ___RD C:\Program Files
2095-03-06 17:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\apppatch
2095-03-06 17:30 - 2013-08-22 16:44 - 00482256 _____ C:\Windows\system32\FNTCACHE.DAT
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\CodeIntegrity
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Internet Explorer
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2021-10-21 15:36 - 2014-08-06 19:42 - 00000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-08-06 19:42 - 00000712 _____ C:\Windows\system32\Drivers\RTMICEQ0.dat
2016-06-21 18:31 - 2014-08-09 06:12 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242946692-605027899-2297166520-1001
2016-06-21 18:30 - 2014-08-06 18:53 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-06-21 18:30 - 2014-08-06 18:53 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-06-21 18:30 - 2014-01-17 21:40 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-21 18:30 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-21 18:28 - 2015-01-19 23:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-21 18:27 - 2014-08-09 13:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 18:26 - 2016-05-11 07:59 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-21 18:26 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 18:25 - 2016-05-04 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 18:24 - 2016-01-08 17:11 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 18:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-21 18:10 - 2014-08-26 17:51 - 00000000 ____D C:\Users\Slávek\AppData\Local\CrashDumps
2016-06-21 18:09 - 2014-08-10 09:42 - 00000000 ____D C:\Users\Slávek\AppData\Local\Deployment
2016-06-21 18:05 - 2016-05-11 07:59 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-16 20:24 - 2016-01-08 17:11 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 06:50 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-10 20:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-10 17:30 - 2016-05-11 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
==================== Files in the root of some directories =======
2014-08-06 19:42 - 2014-08-06 19:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Slávek\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-13 17:30
==================== End of FRST.txt ============================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620424 2014-06-05] (SODATSW spol. s .r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-13] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Huawei Technologies Co., Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 AIDA64Driver; \??\D:\_Programy, nastaveni, data\_PC testy, čističe\Finalwire Aida64 Extreme v4.00.2700 portable cracked\kerneld.x64 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2095-03-10 23:33 - 2095-03-10 23:33 - 00000000 ____D C:\Users\Slávek\Desktop\Původní data aplikace Firefox
2095-03-10 23:26 - 2095-03-10 23:26 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2095-03-10 23:26 - 2095-03-10 23:26 - 00001123 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2095-03-10 23:24 - 2016-06-21 18:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2095-03-06 17:32 - 2016-06-21 18:25 - 1207959552 ___SH C:\pagefile.sys
2016-06-21 18:32 - 2016-06-21 18:32 - 00016935 _____ C:\Users\Slávek\Desktop\FRST.txt
2016-06-21 18:31 - 2016-06-21 18:32 - 00000000 ____D C:\FRST
2016-06-21 18:29 - 2016-06-21 18:29 - 02387456 _____ (Farbar) C:\Users\Slávek\Desktop\FRST64.exe
2016-06-15 20:28 - 2016-06-15 22:28 - 1052380472 _____ C:\Users\Slávek\Downloads\Pod-toskánským-sluncem.avi
2016-06-14 19:13 - 2016-06-14 20:18 - 564553442 _____ C:\Users\Slávek\Downloads\Já-Olga-Hepnarova-(2016)-Cz-film---NOVINKA!!!.avi
2016-06-12 17:39 - 2016-06-12 18:27 - 838894870 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(3).avi
2016-06-10 17:30 - 2016-06-10 17:30 - 00001114 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-05 11:35 - 2016-06-06 22:15 - 3724782944 _____ C:\Users\Slávek\Downloads\Cesta-z-města-_-Out-of-the-City-2000,-CZ.avi
2016-06-04 13:42 - 2016-06-04 15:52 - 2332557312 _____ C:\Users\Slávek\Downloads\Venkovský-učitel-(2007)-Monty-698.avi
2016-06-02 18:41 - 2016-06-02 19:29 - 832630308 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(1).avi
2016-05-30 17:21 - 2016-05-30 18:18 - 1021363946 _____ C:\Users\Slávek\Downloads\7-zivotu---CZ.avi
2016-05-22 20:08 - 2016-05-23 07:35 - 997906070 _____ C:\Users\Slávek\Downloads\Slasti-Otce-vlasti-(1969).avi
2016-05-22 12:29 - 2016-05-22 20:01 - 840181930 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(16).avi
2016-05-22 09:28 - 2016-05-22 10:15 - 838313032 _____ C:\Users\Slávek\Downloads\Svět-ve-válce-(19).avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2095-03-06 19:32 - 2013-08-22 15:36 - 00000000 ___RD C:\Program Files
2095-03-06 17:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\apppatch
2095-03-06 17:30 - 2013-08-22 16:44 - 00482256 _____ C:\Windows\system32\FNTCACHE.DAT
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\CodeIntegrity
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Internet Explorer
2095-03-06 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2021-10-21 15:36 - 2014-08-06 19:42 - 00000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-08-06 19:42 - 00000712 _____ C:\Windows\system32\Drivers\RTMICEQ0.dat
2016-06-21 18:31 - 2014-08-09 06:12 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242946692-605027899-2297166520-1001
2016-06-21 18:30 - 2014-08-06 18:53 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-06-21 18:30 - 2014-08-06 18:53 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-06-21 18:30 - 2014-01-17 21:40 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-21 18:30 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-21 18:28 - 2015-01-19 23:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-21 18:27 - 2014-08-09 13:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-21 18:26 - 2016-05-11 07:59 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-21 18:26 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-21 18:25 - 2016-05-04 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 18:24 - 2016-01-08 17:11 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-21 18:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-21 18:10 - 2014-08-26 17:51 - 00000000 ____D C:\Users\Slávek\AppData\Local\CrashDumps
2016-06-21 18:09 - 2014-08-10 09:42 - 00000000 ____D C:\Users\Slávek\AppData\Local\Deployment
2016-06-21 18:05 - 2016-05-11 07:59 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-16 20:24 - 2016-01-08 17:11 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 06:50 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-10 20:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-10 17:30 - 2016-05-11 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
==================== Files in the root of some directories =======
2014-08-06 19:42 - 2014-08-06 19:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Slávek\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-13 17:30
==================== End of FRST.txt ============================