
Please check my PC: problem with omnibox

Posted: 06 Mar 2017 18:08
by jirik78
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jiří mansfeld (administrator) on MANY (06-03-2017 18:05:35)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



==================== Registry (Whitelisted) ===========================

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.25.16.250 81.25.28.250
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 81.25.16.250 81.25.28.250

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.1.831&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239

FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF SearchPlugin: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\searchplugins\avg-secure-search.xml [2017-03-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-02-21]
FF Extension: AVG Web TuneUp - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\avg@toolbar.xpi [2017-02-21]
FF Extension: Seznam lištička - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-10]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-09-24] [not signed]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&ts=14486 ... earchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (AVG Secure Search) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-10-04] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-21] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-02-21] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-10-04] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-10-04] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 18:05 - 2017-03-06 18:06 - 00023995 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2017-03-06 18:03 - 2017-03-06 18:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ___HD C:\OneDriveTemp
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ____D C:\_MEI96882
2017-03-06 18:01 - 2017-03-06 18:03 - 00008929 _____ C:\Users\jiří mansfeld\Desktop\Fixlog.txt
2017-03-05 20:56 - 2017-03-05 20:56 - 21983120 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.19-000.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 00002105 _____ C:\Users\jiří mansfeld\Desktop\SIGMA DATA CENTER.lnk
2017-03-05 20:56 - 2017-03-05 20:56 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-03-04 21:00 - 2017-03-04 21:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-04 21:00 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-03-04 21:00 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-03-04 20:59 - 2017-03-04 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-11 13:31 - 2017-02-06 12:07 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 20:06 - 2017-02-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-02-10 20:05 - 2017-02-10 20:06 - 21982992 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.18-000.exe
2017-02-10 17:59 - 2017-02-10 17:59 - 00048688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-02-10 17:58 - 2017-02-10 17:58 - 34719160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 28212784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00956856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00907704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00446904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02958904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01995704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01052216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 00989752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 10907872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09247336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09000328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 10453848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 08847008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00698728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-10 17:48 - 2017-02-10 17:48 - 03516760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 18:05 - 2015-10-20 17:59 - 00000000 ____D C:\FRST
2017-03-06 18:03 - 2017-01-01 12:25 - 00000000 ___RD C:\Users\jiří mansfeld\Disk Google
2017-03-06 18:03 - 2016-10-04 10:18 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-06 18:03 - 2016-10-04 10:02 - 00000000 ____D C:\Users\jiří mansfeld
2017-03-06 18:03 - 2016-01-01 12:14 - 00000000 ____D C:\ProgramData\MFAData
2017-03-06 18:03 - 2015-08-02 17:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2017-03-06 18:03 - 2015-01-01 15:04 - 00000000 ____D C:\Temp
2017-03-06 18:03 - 2014-01-03 18:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2017-03-06 18:03 - 2013-09-24 09:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2017-03-06 18:02 - 2016-10-04 10:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-06 18:02 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 18:02 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 17:41 - 2016-10-04 09:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-06 17:13 - 2013-09-24 14:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-05 20:56 - 2016-09-14 19:44 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center
2017-03-05 16:38 - 2014-05-09 09:32 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2017-03-05 16:32 - 2015-08-03 19:11 - 00000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2017-03-05 16:32 - 2014-05-09 09:31 - 00000000 ____D C:\Users\Lenka\AppData\LocalLow\AuthenTec
2017-03-04 21:21 - 2015-09-30 19:46 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\JDownloader v2.0
2017-03-04 20:59 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 20:25 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 21:39 - 2015-08-03 19:12 - 00002429 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 21:39 - 2014-05-09 09:33 - 00000000 ___RD C:\Users\Lenka\OneDrive
2017-02-28 13:33 - 2017-01-09 11:36 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\dres 2017
2017-02-28 13:09 - 2016-12-13 12:01 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 13:09 - 2015-08-02 18:03 - 00002453 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 11:15 - 2016-10-04 10:02 - 02326886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-25 11:15 - 2016-07-16 23:25 - 00866482 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-25 11:15 - 2016-07-16 23:25 - 00221994 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-25 11:07 - 2016-10-04 10:02 - 00000000 ____D C:\Users\Lenka
2017-02-24 19:49 - 2013-09-25 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:45 - 2013-09-25 20:41 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 20:48 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-02-21 09:29 - 2016-01-07 12:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 17:02 - 2016-05-03 20:01 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\CrashDumps
2017-02-14 21:44 - 2013-09-24 12:19 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\AIMP3
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-10 17:58 - 2017-01-17 05:56 - 14311352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-02-10 17:48 - 2016-09-12 20:10 - 03980944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 13:24 - 2016-08-02 23:05 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-06 21:38 - 2013-09-24 10:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2017-01-11 20:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2017-01-11 20:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 17:03 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-02-06 12:37 - 2016-10-04 09:57 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2014-03-17 19:44 - 2016-03-09 10:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 11:23 - 2014-10-01 11:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 11:22 - 2016-03-09 10:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 20:48 - 2016-02-12 20:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 19:17 - 2014-03-14 21:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 20:18 - 2014-03-14 21:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast

Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-03-05 19:07

==================== End of FRST.txt ============================

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 18:31
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 19:00
by jirik78
# AdwCleaner v6.044 - Logfile created 06/03/2017 at 18:56:52
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-02.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : jiří mansfeld - MANY
# Running from : C:\Users\jiří mansfeld\Desktop\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: vToolbarUpdater40.3.7
[-] Service deleted: WtuSystemSupport


***** [ Folders ] *****

[-] Folder deleted: C:\Users\jiří mansfeld\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Lenka\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Program Files\avg web tuneup
[-] Folder deleted: C:\Program Files\Enigma Software Group
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search


***** [ Files ] *****

[-] File deleted: C:\WINDOWS\SysNative\drivers\EsgScanner.sys
[-] File deleted: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\extensions\Avg@toolbar.xpi
[-] File deleted: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\sjmirrzv.default\extensions\Avg@toolbar.xpi
[-] File deleted: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\searchplugins\avg-secure-search.xml
[-] File deleted: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\sjmirrzv.default\searchplugins\avg-secure-search.xml
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\Conduit
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[-] Key deleted: [x64] HKLM\SOFTWARE\AVG Secure Search
[-] Key deleted: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup
[-] Data restored: HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [hshhsaaaws]
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11348 Bytes] - [13/10/2015 15:06:07]
C:\AdwCleaner\AdwCleaner[C2].txt - [7287 Bytes] - [06/03/2017 18:56:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [11895 Bytes] - [13/10/2015 15:04:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [7427 Bytes] - [06/03/2017 18:56:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [7507 Bytes] ##########

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 19:25
by Rudy
Post a new FRST log.

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 19:39
by jirik78
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jiří mansfeld (administrator) on MANY (06-03-2017 19:36:48)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
Failed to access process -> Memory Compression
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7922.42017.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\jiří mansfeld\Desktop\FRST64 (2).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [DAEMON Tools Lite] => C:\programy instalace\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [Google Update] => C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-09] (Google Inc.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {0ded4f92-835a-11e3-824f-70188b5d7c58} - "F:\setup.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {1d0b0c0e-fb42-11e6-bf5a-a0481ce9ff8b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {c8f62831-53cc-11e6-bf3a-a0481ce9ff8b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.25.16.250 81.25.28.250
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 81.25.16.250 81.25.28.250

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239

FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Extension: Seznam lištička - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-10]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-09-24] [not signed]

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&ts=14486 ... earchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (AVG Secure Search) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc_94412; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc_94412; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-10-04] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_94412; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_94412; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-10-04] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-10-04] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 19:36 - 2017-03-06 19:37 - 00032378 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2017-03-06 18:53 - 2017-03-06 18:54 - 04031440 _____ C:\Users\jiří mansfeld\Desktop\adwcleaner_6.044.exe
2017-03-06 18:03 - 2017-03-06 18:58 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ___HD C:\OneDriveTemp
2017-03-05 20:56 - 2017-03-05 20:56 - 21983120 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.19-000.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 00002105 _____ C:\Users\jiří mansfeld\Desktop\SIGMA DATA CENTER.lnk
2017-03-05 20:56 - 2017-03-05 20:56 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-03-04 21:00 - 2017-03-04 21:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-04 21:00 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-03-04 21:00 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-03-04 20:59 - 2017-03-04 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-11 13:31 - 2017-02-06 12:07 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 20:06 - 2017-02-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-02-10 20:05 - 2017-02-10 20:06 - 21982992 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.18-000.exe
2017-02-10 17:59 - 2017-02-10 17:59 - 00048688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-02-10 17:58 - 2017-02-10 17:58 - 34719160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 28212784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00956856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00907704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00446904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02958904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01995704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01052216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 00989752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 10907872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09247336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09000328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 10453848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 08847008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00698728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-10 17:48 - 2017-02-10 17:48 - 03516760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 19:36 - 2015-10-20 17:59 - 00000000 ____D C:\FRST
2017-03-06 19:05 - 2016-10-04 10:02 - 02384186 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-06 19:05 - 2016-07-16 23:25 - 00896078 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-06 19:05 - 2016-07-16 23:25 - 00230794 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-06 19:03 - 2013-09-24 14:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2017-03-06 18:58 - 2017-01-01 12:25 - 00000000 ___RD C:\Users\jiří mansfeld\Disk Google
2017-03-06 18:58 - 2016-10-04 10:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-06 18:58 - 2016-10-04 10:02 - 00000000 ____D C:\Users\jiří mansfeld
2017-03-06 18:58 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 18:58 - 2016-01-01 12:14 - 00000000 ____D C:\ProgramData\MFAData
2017-03-06 18:58 - 2015-08-02 17:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2017-03-06 18:58 - 2014-01-03 18:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2017-03-06 18:58 - 2013-09-24 09:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2017-03-06 18:57 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 18:56 - 2015-10-13 15:03 - 00000000 ____D C:\AdwCleaner
2017-03-06 18:52 - 2016-10-04 09:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-06 18:03 - 2016-10-04 10:18 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-06 18:03 - 2015-01-01 15:04 - 00000000 ____D C:\Temp
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-05 20:56 - 2016-09-14 19:44 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center
2017-03-05 16:38 - 2014-05-09 09:32 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2017-03-05 16:32 - 2015-08-03 19:11 - 00000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2017-03-05 16:32 - 2014-05-09 09:31 - 00000000 ____D C:\Users\Lenka\AppData\LocalLow\AuthenTec
2017-03-04 21:21 - 2015-09-30 19:46 - 00000000 ____D C:\Users\jiYí mansfeld\AppData\Local\JDownloader v2.0
2017-03-04 20:59 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 20:25 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 21:39 - 2015-08-03 19:12 - 00002429 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 21:39 - 2014-05-09 09:33 - 00000000 ___RD C:\Users\Lenka\OneDrive
2017-02-28 13:33 - 2017-01-09 11:36 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\dres 2017
2017-02-28 13:09 - 2016-12-13 12:01 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 13:09 - 2015-08-02 18:03 - 00002453 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 11:07 - 2016-10-04 10:02 - 00000000 ____D C:\Users\Lenka
2017-02-24 19:49 - 2013-09-25 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:45 - 2013-09-25 20:41 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 20:48 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 09:29 - 2016-01-07 12:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 17:02 - 2016-05-03 20:01 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\CrashDumps
2017-02-14 21:44 - 2013-09-24 12:19 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\AIMP3
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-10 17:58 - 2017-01-17 05:56 - 14311352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-02-10 17:48 - 2016-09-12 20:10 - 03980944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 13:24 - 2016-08-02 23:05 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-06 21:38 - 2013-09-24 10:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2017-01-11 20:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2017-01-11 20:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 12:37 - 2016-10-04 09:57 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2014-03-17 19:44 - 2016-03-09 10:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 11:23 - 2014-10-01 11:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 11:22 - 2016-03-09 10:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 20:48 - 2016-02-12 20:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 19:17 - 2014-03-14 21:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 20:18 - 2014-03-14 21:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast

Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-03-05 19:07

==================== End of FRST.txt ============================

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 20:09
by Rudy
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {0ded4f92-835a-11e3-824f-70188b5d7c58} - "F:\setup.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {1d0b0c0e-fb42-11e6-bf5a-a0481ce9ff8b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {c8f62831-53cc-11e6-bf3a-a0481ce9ff8b} - "G:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&t ... 8F2D239&q={searchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\LastGood.Tmp
C:\Users\Lenka\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 20:19
by jirik78
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jiří mansfeld (administrator) on MANY (06-03-2017 20:17:29)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
Failed to access process -> Memory Compression
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Farbar) C:\Users\jiří mansfeld\Desktop\FRST64 (2).exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [ACPW06EN] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [DAEMON Tools Lite] => C:\programy instalace\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [Google Update] => C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-09] (Google Inc.)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\...\MountPoints2: {0ded4f92-835a-11e3-824f-70188b5d7c58} - "F:\setup.exe"
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\jiří mansfeld\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-02-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.25.16.250 81.25.28.250
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 81.25.16.250 81.25.28.250

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239

FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Extension: Seznam lištička - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-10]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-09-24] [not signed]

Chrome:
=======
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (AVG Secure Search) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc_6d144; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc_6d144; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-10-04] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_6d144; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_6d144; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-10-04] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-10-04] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 20:16 - 2017-03-06 20:17 - 00031006 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2017-03-06 20:14 - 2017-03-06 20:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-06 20:14 - 2017-03-06 20:14 - 00000000 ___HD C:\OneDriveTemp
2017-03-06 18:53 - 2017-03-06 18:54 - 04031440 _____ C:\Users\jiří mansfeld\Desktop\adwcleaner_6.044.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 21983120 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.19-000.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 00002105 _____ C:\Users\jiří mansfeld\Desktop\SIGMA DATA CENTER.lnk
2017-03-05 20:56 - 2017-03-05 20:56 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-03-04 21:00 - 2017-03-04 21:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-04 21:00 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-03-04 21:00 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-11 13:31 - 2017-02-06 12:07 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 20:06 - 2017-02-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-02-10 20:05 - 2017-02-10 20:06 - 21982992 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.18-000.exe
2017-02-10 17:59 - 2017-02-10 17:59 - 00048688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-02-10 17:58 - 2017-02-10 17:58 - 34719160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 28212784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00956856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00907704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00446904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02958904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01995704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01052216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 00989752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 10907872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09247336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09000328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 10453848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 08847008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00698728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-10 17:48 - 2017-02-10 17:48 - 03516760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-06 20:16 - 2015-10-20 17:59 - 00000000 ____D C:\FRST
2017-03-06 20:14 - 2017-01-01 12:25 - 00000000 ___RD C:\Users\jiří mansfeld\Disk Google
2017-03-06 20:14 - 2016-10-04 10:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-06 20:14 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 20:14 - 2016-01-01 12:14 - 00000000 ____D C:\ProgramData\MFAData
2017-03-06 20:14 - 2015-08-02 17:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2017-03-06 20:14 - 2014-01-03 18:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2017-03-06 20:14 - 2013-09-24 09:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2017-03-06 20:13 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 19:05 - 2016-10-04 10:02 - 02384186 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-06 19:05 - 2016-07-16 23:25 - 00896078 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-06 19:05 - 2016-07-16 23:25 - 00230794 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-06 19:03 - 2013-09-24 14:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2017-03-06 18:58 - 2016-10-04 10:02 - 00000000 ____D C:\Users\jiří mansfeld
2017-03-06 18:56 - 2015-10-13 15:03 - 00000000 ____D C:\AdwCleaner
2017-03-06 18:52 - 2016-10-04 09:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-06 18:03 - 2016-10-04 10:18 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-06 18:03 - 2015-01-01 15:04 - 00000000 ____D C:\Temp
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-05 20:56 - 2016-09-14 19:44 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center
2017-03-05 16:38 - 2014-05-09 09:32 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2017-03-05 16:32 - 2015-08-03 19:11 - 00000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2017-03-05 16:32 - 2014-05-09 09:31 - 00000000 ____D C:\Users\Lenka\AppData\LocalLow\AuthenTec
2017-03-04 21:21 - 2015-09-30 19:46 - 00000000 ____D C:\Users\jiYí mansfeld\AppData\Local\JDownloader v2.0
2017-03-04 20:59 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 20:25 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 21:39 - 2015-08-03 19:12 - 00002429 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 21:39 - 2014-05-09 09:33 - 00000000 ___RD C:\Users\Lenka\OneDrive
2017-02-28 13:33 - 2017-01-09 11:36 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\dres 2017
2017-02-28 13:09 - 2016-12-13 12:01 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 13:09 - 2015-08-02 18:03 - 00002453 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 11:07 - 2016-10-04 10:02 - 00000000 ____D C:\Users\Lenka
2017-02-24 19:49 - 2013-09-25 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:45 - 2013-09-25 20:41 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 20:48 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 09:29 - 2016-01-07 12:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 17:02 - 2016-05-03 20:01 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\CrashDumps
2017-02-14 21:44 - 2013-09-24 12:19 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\AIMP3
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-10 17:58 - 2017-01-17 05:56 - 14311352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-02-10 17:48 - 2016-09-12 20:10 - 03980944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 13:24 - 2016-08-02 23:05 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-06 21:38 - 2013-09-24 10:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2017-01-11 20:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2017-01-11 20:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 12:37 - 2016-10-04 09:57 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2014-03-17 19:44 - 2016-03-09 10:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 11:23 - 2014-10-01 11:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 11:22 - 2016-03-09 10:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 20:48 - 2016-02-12 20:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 19:17 - 2014-03-14 21:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 20:18 - 2014-03-14 21:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-03-05 19:07

==================== End of FRST.txt ============================

Re: please check my PC, problem with omnibox

Posted: 06 Mar 2017 21:00
by Rudy
Deleted. Has there been any change?

Re: please check my PC, problem with omnibox

Posted: 09 Mar 2017 14:55
by jirik78
Yep, it's OK. Thank you very much.

Re: please check my PC, problem with omnibox

Posted: 09 Mar 2017 17:29
by Rudy
You're welcome! :)