VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivku, díky

https://forum.viry.cz:443/viewtopic.php?t=149849

Stránka 1 z 1

Prosím o preventivku, díky

Napsal: 28 srp 2016 19:13
od Philipeer
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016
Ran by User007 (administrator) on USER007-PC (28-08-2016 20:03:51)
Running from C:\Users\User007\Downloads
Loaded Profiles: User007 (Available Profiles: User007 & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\Core Temp\Core Temp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Users\User007\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\User007\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23981.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1710752 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-10] (Razer Inc.)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User007\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User007\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-05] (AVAST Software)
Startup: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-04-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk [2016-06-02]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{03db979c-8ad0-4a8f-85f1-c020cde6cecf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{321ab935-2864-4ba3-a0ff-43823dd3d79f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7b542768-3c2c-48c7-96a6-e2f20ff9b35f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {07AD658B-0688-486F-859D-B0D61BC99FA1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {24503BF6-3CE6-49DC-8538-A9F81F5B4090} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {31BBE4FF-2541-4569-A067-55A790F0F90A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {3B52FD4E-67AF-4EA9-9743-55114CAEF1D9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {584A2B94-05CC-4111-B68D-C4333ED63B51} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {6A39AB33-D170-4D59-8D19-48A8827A5726} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {A699BDAA-EFB9-4670-A1CE-FDEFD78DED80} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {A7B98A86-801F-4C10-9A8D-1FDD0AB9C61D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {B42AE766-C74D-4B19-9BD7-9551BF6E0AB1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-26] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> hxxps://www.seznam.cz/

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-05]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-12]
CHR Extension: (Dokumenty Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-12]
CHR Extension: (Disk Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-12]
CHR Extension: (Seznam Lištička - Email) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-06-12]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-06-12]
CHR Extension: (YouTube) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-12]
CHR Extension: (Vyhledávání Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-12]
CHR Extension: (Tabulky Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-08-13]
CHR Extension: (Gmail) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-06-05] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [236832 2015-12-08] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-19] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [26608 2016-08-28] (Arthur Liberman)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-06-05] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-06-05] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 20:03 - 2016-08-28 20:04 - 00024473 _____ C:\Users\User007\Downloads\FRST.txt
2016-08-28 20:03 - 2016-08-28 20:03 - 00000000 ____D C:\FRST
2016-08-28 20:02 - 2016-08-28 20:03 - 02396672 _____ (Farbar) C:\Users\User007\Downloads\FRST64.exe
2016-08-26 18:01 - 2016-08-26 18:01 - 00037756 _____ C:\Users\User007\Desktop\dds.txt
2016-08-26 18:01 - 2016-08-26 18:01 - 00004735 _____ C:\Users\User007\Desktop\attach.txt
2016-08-26 17:56 - 2016-08-26 17:56 - 00688992 ____R (Swearware) C:\Users\User007\Downloads\dds.exe
2016-08-26 17:51 - 2016-08-26 17:53 - 00000000 ____D C:\Program Files\trend micro
2016-08-26 17:51 - 2016-08-26 17:51 - 00000000 ____D C:\rsit
2016-08-23 19:04 - 2016-08-23 19:04 - 00003340 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 19:04 - 2016-08-23 19:04 - 00000000 ____D C:\Users\User007\AppData\Roaming\Skype
2016-08-20 13:53 - 2016-08-20 13:53 - 00000000 ____D C:\ProgramData\avastSWCUTemp
2016-08-20 13:53 - 2016-08-20 13:53 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-08-19 18:43 - 2016-08-19 18:43 - 07878008 _____ (Microsoft Corporation) C:\Users\User007\Downloads\Xbox360_64Eng.exe
2016-08-19 18:43 - 2016-08-19 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-19 18:43 - 2016-08-19 18:43 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2016-08-19 12:47 - 2016-08-19 12:47 - 00257001 _____ C:\Users\User007\Documents\renault laguna policie fafa.pdf
2016-08-19 12:25 - 2016-08-19 12:25 - 01405265 _____ C:\Users\User007\Downloads\oznameni_o_zahajeni_spravniho_rizeni_a_usneseni_o_urceni_lhuty_ve_veci_povoleni_rozsireni_geograficky_nepuvodniho_krizence_druhu_rostli.pdf
2016-08-19 12:24 - 2016-08-19 12:24 - 01170965 _____ C:\Users\User007\Downloads\oznameni_o_zahajeni_spravniho_rizeni_a_usneseni_o_urceni_lhuty_ve_veci_povoleni_kaceni_drevin_rosoucich_mimo_les_zadatele_mesto_breclav.pdf
2016-08-19 11:29 - 2016-08-19 11:29 - 00778870 _____ C:\Users\User007\Downloads\SP_LP_Breclav.pdf
2016-08-18 14:50 - 2016-08-18 14:50 - 00000877 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2016-08-10 11:07 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 11:07 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 11:07 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 11:07 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 11:07 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 11:07 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 11:07 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 11:07 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 11:07 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 11:07 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 11:07 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 11:07 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 11:07 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 11:07 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 11:07 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 11:07 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 11:07 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 11:07 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 11:07 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 11:07 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 11:07 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 11:07 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 11:07 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 11:07 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 11:07 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 11:07 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 11:07 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 11:07 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 11:07 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 11:07 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 11:07 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 11:07 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 11:07 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 11:07 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 11:07 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 11:07 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 11:07 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 11:07 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 11:07 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 11:07 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 11:07 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 11:07 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 11:07 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 11:07 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 11:07 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 11:07 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 11:07 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 11:07 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 11:07 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 11:07 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 11:07 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 11:07 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 11:07 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 11:07 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 11:07 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 11:07 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 11:07 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 11:07 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 11:07 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 11:07 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 11:07 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 11:07 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 11:07 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 11:07 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 11:07 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 11:07 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 11:07 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 11:07 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 11:07 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:07 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 11:07 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 11:07 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 11:07 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 11:07 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 11:07 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 11:07 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 11:07 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 11:07 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 11:07 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 11:07 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 11:07 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 11:07 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 11:07 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 11:07 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 11:07 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 11:07 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 11:07 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:07 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 11:07 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 11:07 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 11:07 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 11:07 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 11:07 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-08 21:20 - 2016-08-08 21:20 - 308622292 _____ C:\Users\User007\Documents\Sven Väth @ Kappa FuturFestival 2016.mp4
2016-08-05 19:11 - 2016-08-05 19:11 - 00113195 _____ C:\Users\User007\Downloads\1.FAZE-jidelnicek-dukan.pdf
2016-08-05 19:11 - 2016-08-05 19:11 - 00113195 _____ C:\Users\User007\Downloads\1.FAZE-jidelnicek-dukan (1).pdf
2016-08-04 11:53 - 2016-08-04 11:53 - 07004004 _____ C:\Users\User007\Downloads\secret-hitler-pnp-verze-hry-cz.pdf
2016-08-02 12:29 - 2016-08-02 12:29 - 00378713 _____ C:\Users\User007\Documents\plná moc.pdf
2016-08-02 12:06 - 2016-08-02 12:06 - 00370069 _____ C:\Users\User007\Documents\žádost_o_odbavení.pdf
2016-08-01 16:17 - 2016-08-01 16:17 - 00000757 _____ C:\Users\User007\Desktop\Little Fighter 2.lnk
2016-08-01 16:17 - 2016-08-01 16:17 - 00000000 ____D C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
2016-08-01 16:16 - 2016-08-01 16:17 - 29586263 _____ () C:\Users\User007\Downloads\LF2_v2.0a (2).exe
2016-08-01 16:12 - 2016-08-01 16:14 - 31763456 _____ C:\Users\User007\Downloads\LF2_v20a_Install.exe
2016-08-01 16:12 - 2016-08-01 16:12 - 31763456 _____ C:\Users\User007\Downloads\LF2_v20a_Install [1].exe
2016-08-01 16:08 - 2016-08-01 16:08 - 02723264 _____ (Microsoft Corporation) C:\Users\User007\Downloads\vcredist_x86.exe
2016-08-01 16:07 - 2016-08-01 16:08 - 05055571 _____ () C:\Users\User007\Downloads\LF2_v2.0a (1).exe
2016-08-01 16:03 - 2016-08-01 16:04 - 12623262 _____ C:\Users\User007\Downloads\Little Fighter 2.rar
2016-08-01 15:57 - 2016-08-01 15:57 - 16403276 _____ () C:\Users\User007\Downloads\lf2_5_v1_25.exe
2016-08-01 15:53 - 2016-08-01 15:53 - 13316052 _____ (Little Fighter 2) C:\Users\User007\Downloads\lf2_v19c_Setup (1).exe
2016-08-01 15:35 - 2016-08-01 15:35 - 13316052 _____ (Little Fighter 2) C:\Users\User007\Downloads\lf2_v19c_Setup.exe
2016-08-01 15:35 - 2016-08-01 15:35 - 00000000 ____D C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2
2016-08-01 15:33 - 2016-08-01 15:33 - 01843747 _____ () C:\Users\User007\Downloads\LF2_v2.0a.exe
2016-07-31 21:44 - 2016-07-31 21:59 - 840374113 _____ C:\Users\User007\Downloads\lipnice_2016_videa.zip
2016-07-31 21:36 - 2016-07-31 21:42 - 344704209 _____ C:\Users\User007\Downloads\Nepotvrzeno 561974.crdownload
2016-07-31 20:43 - 2016-07-31 20:50 - 421873693 _____ C:\Users\User007\Downloads\lipnice_2016_fotky.zip
2016-07-31 20:43 - 2016-07-31 20:43 - 11762464 _____ C:\Users\User007\Downloads\lipnice_2016_pisnicka.rar
2016-07-31 08:17 - 2016-07-31 08:17 - 00000000 ____D C:\Users\User007\AppData\Roaming\MPC-HC

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 19:56 - 2015-12-12 17:27 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-28 19:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 15:56 - 2015-12-12 17:27 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-28 14:56 - 2015-10-06 20:33 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F4A26CB-3AE6-4989-9CC7-8330B83B958F}
2016-08-28 10:03 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-28 10:02 - 2015-12-12 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-28 08:45 - 2016-06-12 13:30 - 00000000 ____D C:\Users\User007\AppData\Roaming\Seznam.cz
2016-08-28 08:45 - 2015-12-16 04:40 - 02043132 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-28 08:45 - 2015-10-30 20:31 - 00844580 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-28 08:45 - 2015-10-30 20:31 - 00193092 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-28 08:45 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 08:41 - 2016-02-06 18:43 - 00000000 ____D C:\Users\User007\AppData\Local\LogMeIn Hamachi
2016-08-28 08:39 - 2015-12-16 04:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-28 08:39 - 2015-12-16 04:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-28 08:39 - 2015-10-06 20:57 - 00003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-08-28 08:39 - 2015-10-06 20:32 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-27 23:23 - 2015-10-30 08:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-08-27 17:02 - 2016-06-12 10:33 - 00000000 ____D C:\Users\User007\Downloads\techno
2016-08-27 11:50 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 22:29 - 2015-12-08 17:46 - 00000000 ____D C:\Users\User007\AppData\Roaming\TS3Client
2016-08-26 19:31 - 2016-01-06 19:34 - 00000000 ____D C:\ProgramData\Origin
2016-08-26 14:59 - 2015-12-19 20:54 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\Users\User007\.oracle_jre_usage
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-24 11:55 - 2015-12-12 17:26 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-23 19:04 - 2015-11-18 23:09 - 00002397 _____ C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 19:04 - 2015-11-18 23:09 - 00000000 ___RD C:\Users\User007\OneDrive
2016-08-18 23:47 - 2015-12-08 17:46 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-08-18 17:47 - 2016-06-26 17:47 - 00000002 _____ C:\END
2016-08-11 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 03:01 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 03:00 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-11 03:00 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:16 - 2015-11-18 23:07 - 00000000 ____D C:\Users\User007\AppData\Local\Packages
2016-08-10 11:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 11:42 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 11:42 - 2015-10-06 22:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 11:39 - 2015-10-06 22:43 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 23:58 - 2015-12-12 17:28 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 20:57 - 2015-12-16 04:41 - 00000000 ____D C:\Users\User007
2016-08-06 21:32 - 2016-01-05 21:00 - 00000000 ____D C:\Users\User007\AppData\Local\PokerStars.EU
2016-08-05 12:00 - 2015-12-12 17:26 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-03 08:21 - 2015-10-06 21:28 - 00400304 __RSH C:\bootmgr
2016-07-31 16:00 - 2016-07-17 14:34 - 00000000 ____D C:\Users\User007\Desktop\fafa
2016-07-31 08:19 - 2015-11-18 23:07 - 00000000 ____D C:\Users\User007\AppData\Local\Publishers
2016-07-31 04:48 - 2016-07-21 17:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-07-29 15:51 - 2015-12-12 17:27 - 00004040 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 15:51 - 2015-12-12 17:27 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-10-06 20:57 - 2015-12-08 08:58 - 1065984 _____ () C:\Users\User007\AppData\Local\file__0.localstorage
2016-05-10 08:13 - 2016-05-10 08:13 - 0000000 _____ () C:\Users\User007\AppData\Local\{93D54A94-581A-403E-8F01-9F51F9C1A28E}
2015-12-08 09:16 - 2015-12-08 09:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-16 04:40 - 2015-12-16 04:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\User007\AppData\Local\Temp\0Kraken0502DevProps.dll
C:\Users\User007\AppData\Local\Temp\ICReinstall_LF2_v20a_Install.exe
C:\Users\User007\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-24 12:05

==================== End of FRST.txt ============================

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 17:23
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 19:05
od Philipeer
# AdwCleaner v6.010 - Log soubor vytvořen 29/08/2016 na 19:51:34
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-08-28.2 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : User007 - USER007-PC
# Beží od : C:\Users\User007\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\User007\AppData\Roaming\OpenCandy
[-] Adresář smazán:C:\Program Files (x86)\GreenTree Applications


***** [ Soubory ] *****

[-] Soubor smazán:C:\END
[-] Soubor smazán:C:\Users\Public\Desktop\YTD Video Downloader.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Klíč smazán po restartování:HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****

[-] [tennis-titans.en.softonic.com] [Search Provider] Smazání:tennis-titans.en.softonic.com
[-] [little-fighter-2.en.softonic.com] [Search Provider] Smazání:little-fighter-2.en.softonic.com


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1618 Bajtů] - [29/08/2016 19:51:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [2027 Bajtů] - [29/08/2016 19:47:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1766 Bajtů] ##########

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 19:14
od Rudy
Dejte nový log FRST.

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 19:22
od Philipeer
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
Ran by User007 (administrator) on USER007-PC (29-08-2016 20:15:03)
Running from C:\Users\User007\Desktop
Loaded Profiles: User007 (Available Profiles: User007 & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
() C:\Program Files\Core Temp\Core Temp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Users\User007\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\User007\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1710752 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-10] (Razer Inc.)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User007\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User007\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\...\RunOnce: [Uninstall C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-05] (AVAST Software)
Startup: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-04-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk [2016-06-02]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{03db979c-8ad0-4a8f-85f1-c020cde6cecf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{321ab935-2864-4ba3-a0ff-43823dd3d79f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7b542768-3c2c-48c7-96a6-e2f20ff9b35f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1606076732-1506853963-2258369253-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {07AD658B-0688-486F-859D-B0D61BC99FA1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {24503BF6-3CE6-49DC-8538-A9F81F5B4090} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {31BBE4FF-2541-4569-A067-55A790F0F90A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {3B52FD4E-67AF-4EA9-9743-55114CAEF1D9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {584A2B94-05CC-4111-B68D-C4333ED63B51} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {6A39AB33-D170-4D59-8D19-48A8827A5726} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {A699BDAA-EFB9-4670-A1CE-FDEFD78DED80} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {A7B98A86-801F-4C10-9A8D-1FDD0AB9C61D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> {B42AE766-C74D-4B19-9BD7-9551BF6E0AB1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-26] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-28] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1606076732-1506853963-2258369253-1000 -> hxxps://www.seznam.cz/

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-05]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-12]
CHR Extension: (Dokumenty Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-12]
CHR Extension: (Disk Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-12]
CHR Extension: (Seznam Lištička - Email) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-06-12]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-06-12]
CHR Extension: (YouTube) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-12]
CHR Extension: (Vyhledávání Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-12]
CHR Extension: (Tabulky Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-08-13]
CHR Extension: (Gmail) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-05] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-06-05] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [236832 2015-12-08] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-11-05] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-11-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-11-05] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-19] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-14] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [26608 2016-08-29] (Arthur Liberman)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-06-05] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-11-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-06-05] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 20:15 - 2016-08-29 20:15 - 00023561 _____ C:\Users\User007\Desktop\FRST.txt
2016-08-29 20:14 - 2016-08-29 20:14 - 00000000 ____D C:\Users\User007\Desktop\FRST-OlderVersion
2016-08-29 19:45 - 2016-08-29 19:51 - 00000000 ____D C:\AdwCleaner
2016-08-29 19:45 - 2016-08-29 19:45 - 03826240 _____ C:\Users\User007\Desktop\adwcleaner_6.010.exe
2016-08-28 20:04 - 2016-08-28 20:04 - 00047728 _____ C:\Users\User007\Downloads\Addition.txt
2016-08-28 20:03 - 2016-08-29 20:15 - 00000000 ____D C:\FRST
2016-08-28 20:03 - 2016-08-28 20:04 - 00050813 _____ C:\Users\User007\Downloads\FRST.txt
2016-08-28 20:02 - 2016-08-29 20:14 - 02397696 _____ (Farbar) C:\Users\User007\Desktop\FRST64.exe
2016-08-26 17:56 - 2016-08-26 17:56 - 00688992 ____R (Swearware) C:\Users\User007\Downloads\dds.exe
2016-08-26 17:51 - 2016-08-26 17:53 - 00000000 ____D C:\Program Files\trend micro
2016-08-26 17:51 - 2016-08-26 17:51 - 00000000 ____D C:\rsit
2016-08-23 19:04 - 2016-08-23 19:04 - 00003340 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 19:04 - 2016-08-23 19:04 - 00000000 ____D C:\Users\User007\AppData\Roaming\Skype
2016-08-20 13:53 - 2016-08-20 13:53 - 00000000 ____D C:\ProgramData\avastSWCUTemp
2016-08-20 13:53 - 2016-08-20 13:53 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-08-19 18:43 - 2016-08-19 18:43 - 07878008 _____ (Microsoft Corporation) C:\Users\User007\Downloads\Xbox360_64Eng.exe
2016-08-19 18:43 - 2016-08-19 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-19 18:43 - 2016-08-19 18:43 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2016-08-19 12:47 - 2016-08-19 12:47 - 00257001 _____ C:\Users\User007\Documents\renault laguna policie fafa.pdf
2016-08-19 12:25 - 2016-08-19 12:25 - 01405265 _____ C:\Users\User007\Downloads\oznameni_o_zahajeni_spravniho_rizeni_a_usneseni_o_urceni_lhuty_ve_veci_povoleni_rozsireni_geograficky_nepuvodniho_krizence_druhu_rostli.pdf
2016-08-19 12:24 - 2016-08-19 12:24 - 01170965 _____ C:\Users\User007\Downloads\oznameni_o_zahajeni_spravniho_rizeni_a_usneseni_o_urceni_lhuty_ve_veci_povoleni_kaceni_drevin_rosoucich_mimo_les_zadatele_mesto_breclav.pdf
2016-08-19 11:29 - 2016-08-19 11:29 - 00778870 _____ C:\Users\User007\Downloads\SP_LP_Breclav.pdf
2016-08-18 14:50 - 2016-08-18 14:50 - 00000877 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2016-08-10 11:07 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 11:07 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 11:07 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 11:07 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 11:07 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 11:07 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 11:07 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 11:07 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 11:07 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 11:07 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 11:07 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 11:07 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 11:07 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 11:07 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 11:07 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 11:07 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 11:07 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 11:07 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 11:07 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 11:07 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 11:07 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 11:07 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 11:07 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 11:07 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 11:07 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 11:07 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 11:07 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 11:07 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 11:07 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 11:07 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 11:07 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 11:07 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 11:07 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 11:07 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 11:07 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 11:07 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 11:07 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 11:07 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 11:07 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 11:07 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 11:07 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 11:07 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 11:07 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 11:07 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 11:07 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 11:07 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 11:07 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 11:07 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 11:07 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 11:07 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 11:07 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 11:07 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 11:07 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 11:07 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 11:07 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 11:07 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 11:07 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 11:07 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 11:07 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 11:07 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 11:07 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 11:07 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 11:07 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 11:07 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 11:07 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 11:07 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 11:07 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 11:07 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 11:07 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 11:07 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 11:07 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 11:07 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 11:07 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 11:07 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 11:07 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 11:07 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 11:07 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 11:07 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:07 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 11:07 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 11:07 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 11:07 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 11:07 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 11:07 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 11:07 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 11:07 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 11:07 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 11:07 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 11:07 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 11:07 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 11:07 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 11:07 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 11:07 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 11:07 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 11:07 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 11:07 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 11:07 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:07 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 11:07 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 11:07 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 11:07 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 11:07 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 11:07 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 11:07 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-08 21:20 - 2016-08-08 21:20 - 308622292 _____ C:\Users\User007\Documents\Sven Väth @ Kappa FuturFestival 2016.mp4
2016-08-05 19:11 - 2016-08-05 19:11 - 00113195 _____ C:\Users\User007\Downloads\1.FAZE-jidelnicek-dukan.pdf
2016-08-05 19:11 - 2016-08-05 19:11 - 00113195 _____ C:\Users\User007\Downloads\1.FAZE-jidelnicek-dukan (1).pdf
2016-08-04 11:53 - 2016-08-04 11:53 - 07004004 _____ C:\Users\User007\Downloads\secret-hitler-pnp-verze-hry-cz.pdf
2016-08-02 12:29 - 2016-08-02 12:29 - 00378713 _____ C:\Users\User007\Documents\plná moc.pdf
2016-08-02 12:06 - 2016-08-02 12:06 - 00370069 _____ C:\Users\User007\Documents\žádost_o_odbavení.pdf
2016-08-01 16:17 - 2016-08-01 16:17 - 00000757 _____ C:\Users\User007\Desktop\Little Fighter 2.lnk
2016-08-01 16:17 - 2016-08-01 16:17 - 00000000 ____D C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
2016-08-01 16:16 - 2016-08-01 16:17 - 29586263 _____ () C:\Users\User007\Downloads\LF2_v2.0a (2).exe
2016-08-01 16:12 - 2016-08-01 16:14 - 31763456 _____ C:\Users\User007\Downloads\LF2_v20a_Install.exe
2016-08-01 16:12 - 2016-08-01 16:12 - 31763456 _____ C:\Users\User007\Downloads\LF2_v20a_Install [1].exe
2016-08-01 16:08 - 2016-08-01 16:08 - 02723264 _____ (Microsoft Corporation) C:\Users\User007\Downloads\vcredist_x86.exe
2016-08-01 16:07 - 2016-08-01 16:08 - 05055571 _____ () C:\Users\User007\Downloads\LF2_v2.0a (1).exe
2016-08-01 16:03 - 2016-08-01 16:04 - 12623262 _____ C:\Users\User007\Downloads\Little Fighter 2.rar
2016-08-01 15:57 - 2016-08-01 15:57 - 16403276 _____ () C:\Users\User007\Downloads\lf2_5_v1_25.exe
2016-08-01 15:53 - 2016-08-01 15:53 - 13316052 _____ (Little Fighter 2) C:\Users\User007\Downloads\lf2_v19c_Setup (1).exe
2016-08-01 15:35 - 2016-08-01 15:35 - 13316052 _____ (Little Fighter 2) C:\Users\User007\Downloads\lf2_v19c_Setup.exe
2016-08-01 15:35 - 2016-08-01 15:35 - 00000000 ____D C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2
2016-08-01 15:33 - 2016-08-01 15:33 - 01843747 _____ () C:\Users\User007\Downloads\LF2_v2.0a.exe
2016-07-31 21:44 - 2016-07-31 21:59 - 840374113 _____ C:\Users\User007\Downloads\lipnice_2016_videa.zip
2016-07-31 21:36 - 2016-07-31 21:42 - 344704209 _____ C:\Users\User007\Downloads\Nepotvrzeno 561974.crdownload
2016-07-31 20:43 - 2016-07-31 20:50 - 421873693 _____ C:\Users\User007\Downloads\lipnice_2016_fotky.zip
2016-07-31 20:43 - 2016-07-31 20:43 - 11762464 _____ C:\Users\User007\Downloads\lipnice_2016_pisnicka.rar
2016-07-31 08:17 - 2016-07-31 08:17 - 00000000 ____D C:\Users\User007\AppData\Roaming\MPC-HC

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 20:09 - 2015-12-12 14:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-29 19:59 - 2015-12-16 04:40 - 02043132 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-29 19:59 - 2015-10-30 20:31 - 00844580 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-29 19:59 - 2015-10-30 20:31 - 00193092 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-29 19:59 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-29 19:58 - 2016-06-12 13:30 - 00000000 ____D C:\Users\User007\AppData\Roaming\Seznam.cz
2016-08-29 19:56 - 2015-12-12 17:27 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-29 19:54 - 2016-02-06 18:43 - 00000000 ____D C:\Users\User007\AppData\Local\LogMeIn Hamachi
2016-08-29 19:53 - 2015-12-16 04:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-29 19:53 - 2015-12-16 04:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-29 19:53 - 2015-12-12 17:27 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-29 19:53 - 2015-10-06 20:57 - 00003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-08-29 19:53 - 2015-10-06 20:32 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-29 19:52 - 2015-10-30 08:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-08-29 19:18 - 2015-10-06 20:33 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F4A26CB-3AE6-4989-9CC7-8330B83B958F}
2016-08-28 23:51 - 2016-01-06 19:34 - 00000000 ____D C:\ProgramData\Origin
2016-08-28 22:01 - 2015-12-08 17:46 - 00000000 ____D C:\Users\User007\AppData\Roaming\TS3Client
2016-08-28 19:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 10:03 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-27 17:02 - 2016-06-12 10:33 - 00000000 ____D C:\Users\User007\Downloads\techno
2016-08-27 11:50 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 14:59 - 2015-12-19 20:54 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\Users\User007\.oracle_jre_usage
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-26 14:59 - 2015-12-19 20:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-24 11:55 - 2015-12-12 17:26 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-23 19:04 - 2015-11-18 23:09 - 00002397 _____ C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 19:04 - 2015-11-18 23:09 - 00000000 ___RD C:\Users\User007\OneDrive
2016-08-18 23:47 - 2015-12-08 17:46 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-08-11 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 03:01 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 03:00 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-11 03:00 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 20:16 - 2015-11-18 23:07 - 00000000 ____D C:\Users\User007\AppData\Local\Packages
2016-08-10 11:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 11:42 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 11:42 - 2015-10-06 22:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 11:39 - 2015-10-06 22:43 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 23:58 - 2015-12-12 17:28 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 20:57 - 2015-12-16 04:41 - 00000000 ____D C:\Users\User007
2016-08-06 21:32 - 2016-01-05 21:00 - 00000000 ____D C:\Users\User007\AppData\Local\PokerStars.EU
2016-08-05 12:00 - 2015-12-12 17:26 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-03 08:21 - 2015-10-06 21:28 - 00400304 __RSH C:\bootmgr
2016-07-31 16:00 - 2016-07-17 14:34 - 00000000 ____D C:\Users\User007\Desktop\fafa
2016-07-31 08:19 - 2015-11-18 23:07 - 00000000 ____D C:\Users\User007\AppData\Local\Publishers
2016-07-31 04:48 - 2016-07-21 17:26 - 00000000 ____D C:\Program Files (x86)\Razer

==================== Files in the root of some directories =======

2015-10-06 20:57 - 2015-12-08 08:58 - 1065984 _____ () C:\Users\User007\AppData\Local\file__0.localstorage
2016-05-10 08:13 - 2016-05-10 08:13 - 0000000 _____ () C:\Users\User007\AppData\Local\{93D54A94-581A-403E-8F01-9F51F9C1A28E}
2015-12-08 09:16 - 2015-12-08 09:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-16 04:40 - 2015-12-16 04:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\User007\AppData\Local\Temp\0Kraken0502DevProps.dll
C:\Users\User007\AppData\Local\Temp\ICReinstall_LF2_v20a_Install.exe
C:\Users\User007\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\User007\AppData\Local\Temp\libeay32.dll
C:\Users\User007\AppData\Local\Temp\msvcr120.dll
C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
C:\Users\User007\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-24 12:05

==================== End of FRST.txt ============================

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 20:34
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
U3 idsvc; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\User007\AppData\Local\Temp
C:\ProgramData\DP45977C.lfl
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 20:47
od Philipeer
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016
Ran by User007 (29-08-2016 21:34:33) Run:1
Running from C:\Users\User007\Desktop
Loaded Profiles: User007 (Available Profiles: User007 & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
U3 idsvc; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\User007\AppData\Local\Temp
C:\ProgramData\DP45977C.lfl
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
idsvc => service removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\User007\AppData\Local\Temp" folder move:

Could not move "C:\Users\User007\AppData\Local\Temp" => Scheduled to move on reboot.

"C:\ProgramData\DP45977C.lfl" => not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-08-2016 21:35:24)

C:\Users\User007\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:35:24 ====

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 21:20
od Rudy
Smazáno. Log by již měl být OK.

Re: Prosím o preventivku, díky

Napsal: 29 srp 2016 21:21
od Philipeer
Ok, děkuji :)
Můžu se teda zeptat, co tam byl za problém? :D

Re: Prosím o preventivku, díky

Napsal: 30 srp 2016 17:00
od Rudy
Několik AdWarů (Open Candy a další) a zbytečnosti.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz