Please check my PC, problem with omnibox
Posted: 06 Mar 2017 18:08
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by jiří mansfeld (administrator) on MANY (06-03-2017 18:05:35)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ===========================
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.25.16.250 81.25.28.250
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 81.25.16.250 81.25.28.250
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.1.831&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239
FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF SearchPlugin: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\searchplugins\avg-secure-search.xml [2017-03-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-02-21]
FF Extension: AVG Web TuneUp - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\avg@toolbar.xpi [2017-02-21]
FF Extension: Seznam lištička - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-10]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-09-24] [not signed]
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&ts=14486 ... earchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (AVG Secure Search) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-10-04] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-21] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-02-21] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-10-04] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-10-04] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 18:05 - 2017-03-06 18:06 - 00023995 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2017-03-06 18:03 - 2017-03-06 18:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ___HD C:\OneDriveTemp
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ____D C:\_MEI96882
2017-03-06 18:01 - 2017-03-06 18:03 - 00008929 _____ C:\Users\jiří mansfeld\Desktop\Fixlog.txt
2017-03-05 20:56 - 2017-03-05 20:56 - 21983120 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.19-000.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 00002105 _____ C:\Users\jiří mansfeld\Desktop\SIGMA DATA CENTER.lnk
2017-03-05 20:56 - 2017-03-05 20:56 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-03-04 21:00 - 2017-03-04 21:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-04 21:00 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-03-04 21:00 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-03-04 20:59 - 2017-03-04 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-11 13:31 - 2017-02-06 12:07 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 20:06 - 2017-02-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-02-10 20:05 - 2017-02-10 20:06 - 21982992 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.18-000.exe
2017-02-10 17:59 - 2017-02-10 17:59 - 00048688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-02-10 17:58 - 2017-02-10 17:58 - 34719160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 28212784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00956856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00907704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00446904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02958904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01995704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01052216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 00989752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 10907872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09247336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09000328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 10453848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 08847008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00698728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-10 17:48 - 2017-02-10 17:48 - 03516760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 18:05 - 2015-10-20 17:59 - 00000000 ____D C:\FRST
2017-03-06 18:03 - 2017-01-01 12:25 - 00000000 ___RD C:\Users\jiří mansfeld\Disk Google
2017-03-06 18:03 - 2016-10-04 10:18 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-06 18:03 - 2016-10-04 10:02 - 00000000 ____D C:\Users\jiří mansfeld
2017-03-06 18:03 - 2016-01-01 12:14 - 00000000 ____D C:\ProgramData\MFAData
2017-03-06 18:03 - 2015-08-02 17:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2017-03-06 18:03 - 2015-01-01 15:04 - 00000000 ____D C:\Temp
2017-03-06 18:03 - 2014-01-03 18:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2017-03-06 18:03 - 2013-09-24 09:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2017-03-06 18:02 - 2016-10-04 10:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-06 18:02 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 18:02 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 17:41 - 2016-10-04 09:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-06 17:13 - 2013-09-24 14:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-05 20:56 - 2016-09-14 19:44 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center
2017-03-05 16:38 - 2014-05-09 09:32 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2017-03-05 16:32 - 2015-08-03 19:11 - 00000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2017-03-05 16:32 - 2014-05-09 09:31 - 00000000 ____D C:\Users\Lenka\AppData\LocalLow\AuthenTec
2017-03-04 21:21 - 2015-09-30 19:46 - 00000000 ____D C:\Users\jiYí mansfeld\AppData\Local\JDownloader v2.0
2017-03-04 20:59 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 20:25 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 21:39 - 2015-08-03 19:12 - 00002429 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 21:39 - 2014-05-09 09:33 - 00000000 ___RD C:\Users\Lenka\OneDrive
2017-02-28 13:33 - 2017-01-09 11:36 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\dres 2017
2017-02-28 13:09 - 2016-12-13 12:01 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 13:09 - 2015-08-02 18:03 - 00002453 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 11:15 - 2016-10-04 10:02 - 02326886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-25 11:15 - 2016-07-16 23:25 - 00866482 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-25 11:15 - 2016-07-16 23:25 - 00221994 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-25 11:07 - 2016-10-04 10:02 - 00000000 ____D C:\Users\Lenka
2017-02-24 19:49 - 2013-09-25 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:45 - 2013-09-25 20:41 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 20:48 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-02-21 09:29 - 2016-01-07 12:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 17:02 - 2016-05-03 20:01 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\CrashDumps
2017-02-14 21:44 - 2013-09-24 12:19 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\AIMP3
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-10 17:58 - 2017-01-17 05:56 - 14311352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-02-10 17:48 - 2016-09-12 20:10 - 03980944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 13:24 - 2016-08-02 23:05 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-06 21:38 - 2013-09-24 10:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2017-01-11 20:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2017-01-11 20:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 17:03 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-02-06 12:37 - 2016-10-04 09:57 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
==================== Files in the root of some directories =======
2014-03-17 19:44 - 2016-03-09 10:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 11:23 - 2014-10-01 11:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 11:22 - 2016-03-09 10:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 20:48 - 2016-02-12 20:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 19:17 - 2014-03-14 21:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 20:18 - 2014-03-14 21:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast
Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-05 19:07
==================== End of FRST.txt ============================
Ran by jiří mansfeld (administrator) on MANY (06-03-2017 18:05:35)
Running from C:\Users\jiří mansfeld\Desktop
Loaded Profiles: jiří mansfeld (Available Profiles: jiří mansfeld & Lenka)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ===========================
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.25.16.250 81.25.28.250
Tcpip\..\Interfaces\{94dc49ed-1706-48b3-8b8e-1adbee222ddc}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{989a064c-99a7-4eda-b4d4-31b13298ee7a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c471df3e-ffe3-429c-992f-92d3274af196}: [DhcpNameServer] 81.25.16.250 81.25.28.250
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3882090170-638525116-1017874946-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.1.831&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {05352811-120A-494E-8D4E-A6BD0F4C0C5B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {2E566CD0-E8BA-4608-B344-F593C6FB56E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {62973BDC-4714-4A76-B3D1-C59FB833E61A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8728D987-ADA0-4D34-82FB-7EDCFBD49073} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {8E7DAC10-3779-44A8-A908-E5C182D6C8DA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6E1F8504-17F2-476B-A85B-702898208AE8}&mid=58358efceac647ccbadc71015a0d1678-ed51f830362347a4016d7987d3a64985d7e8bf86&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-06-09 07:34:57&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {A8504CF6-41FC-4237-8AF5-E83697A17758} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {CB9B3FC0-DDFF-4C6E-BC50-14C71BB58511} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {E676738A-5897-4A6F-B632-9DCB5C22BF90} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> {FABA9D78-58A9-4288-A8B9-E68CDF299DD6} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-27] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-21] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-27] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3882090170-638525116-1017874946-1002 -> hxxp://www.delta-homes.com/?type=hp&ts=1444635 ... 9_C8F2D239
FireFox:
========
FF ProfilePath: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=3 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3882090170-638525116-1017874946-1002: @tools.google.com/Google Update;version=9 -> C:\Users\jiří mansfeld\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-09] (Google Inc.)
FF SearchPlugin: C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\searchplugins\avg-secure-search.xml [2017-03-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-02-21]
FF Extension: AVG Web TuneUp - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\avg@toolbar.xpi [2017-02-21]
FF Extension: Seznam lištička - C:\Users\jiří mansfeld\AppData\Roaming\Mozilla\Firefox\Profiles\u1d1ubb9.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-10]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-09-24] [not signed]
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxp://www.omniboxes.com/web/?type=ds&ts=14486 ... earchTerms}
CHR DefaultSearchKeyword: Default -> omniboxes
CHR Profile: C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-30]
CHR Extension: (Dokumenty Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Disk Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (AVG Secure Search) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Website Logon) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2015-10-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-01-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\jiří mansfeld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3882090170-638525116-1017874946-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2016-11-02] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-10-04] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-10-04] (Microsoft Corporation)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-21] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2016-11-02] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_8c764; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-02-21] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-22] (Disc Soft Ltd)
S3 DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Dexetek ) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-18] (Sony Mobile Communications)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-10-04] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-11-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [192312 2015-06-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-10-04] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-06] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 18:05 - 2017-03-06 18:06 - 00023995 _____ C:\Users\jiří mansfeld\Desktop\FRST.txt
2017-03-06 18:03 - 2017-03-06 18:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ___HD C:\OneDriveTemp
2017-03-06 18:03 - 2017-03-06 18:03 - 00000000 ____D C:\_MEI96882
2017-03-06 18:01 - 2017-03-06 18:03 - 00008929 _____ C:\Users\jiří mansfeld\Desktop\Fixlog.txt
2017-03-05 20:56 - 2017-03-05 20:56 - 21983120 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.19-000.exe
2017-03-05 20:56 - 2017-03-05 20:56 - 00002105 _____ C:\Users\jiří mansfeld\Desktop\SIGMA DATA CENTER.lnk
2017-03-05 20:56 - 2017-03-05 20:56 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-03-04 21:00 - 2017-03-04 21:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-04 21:00 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-03-04 21:00 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-03-04 21:00 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-03-04 20:59 - 2017-03-04 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-11 13:31 - 2017-02-06 12:07 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-10 20:06 - 2017-02-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2017-02-10 20:05 - 2017-02-10 20:06 - 21982992 _____ C:\Users\jiří mansfeld\Downloads\DataCenter-win-5.1.18-000.exe
2017-02-10 17:59 - 2017-02-10 17:59 - 00048688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-02-10 17:58 - 2017-02-10 17:58 - 34719160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 28212784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00956856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00907704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00446904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-10 17:58 - 2017-02-10 17:58 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 40132536 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 35231160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02958904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01995704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437682.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 01052216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-10 17:57 - 2017-02-10 17:57 - 00989752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 10907872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09247336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-10 17:50 - 2017-02-10 17:50 - 09000328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 10453848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 08847008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00818496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00698728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00658400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00586968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-10 17:49 - 2017-02-10 17:49 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-10 17:48 - 2017-02-10 17:48 - 03516760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 18:05 - 2015-10-20 17:59 - 00000000 ____D C:\FRST
2017-03-06 18:03 - 2017-01-01 12:25 - 00000000 ___RD C:\Users\jiří mansfeld\Disk Google
2017-03-06 18:03 - 2016-10-04 10:18 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-06 18:03 - 2016-10-04 10:02 - 00000000 ____D C:\Users\jiří mansfeld
2017-03-06 18:03 - 2016-01-01 12:14 - 00000000 ____D C:\ProgramData\MFAData
2017-03-06 18:03 - 2015-08-02 17:59 - 00000000 __SHD C:\Users\jiří mansfeld\IntelGraphicsProfiles
2017-03-06 18:03 - 2015-01-01 15:04 - 00000000 ____D C:\Temp
2017-03-06 18:03 - 2014-01-03 18:02 - 00000000 __RDO C:\Users\jiří mansfeld\SkyDrive
2017-03-06 18:03 - 2013-09-24 09:26 - 00000000 ____D C:\Users\jiří mansfeld\AppData\LocalLow\AuthenTec
2017-03-06 18:02 - 2016-10-04 10:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-06 18:02 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-06 18:02 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 17:41 - 2016-10-04 09:55 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-06 17:13 - 2013-09-24 14:06 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\Seznam.cz
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-05 20:56 - 2016-09-14 19:44 - 00000000 ____D C:\Program Files (x86)\Sigma Data Center
2017-03-05 16:38 - 2014-05-09 09:32 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2017-03-05 16:32 - 2015-08-03 19:11 - 00000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2017-03-05 16:32 - 2014-05-09 09:31 - 00000000 ____D C:\Users\Lenka\AppData\LocalLow\AuthenTec
2017-03-04 21:21 - 2015-09-30 19:46 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\JDownloader v2.0
2017-03-04 20:59 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-04 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-04 20:25 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 21:39 - 2015-08-03 19:12 - 00002429 _____ C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 21:39 - 2014-05-09 09:33 - 00000000 ___RD C:\Users\Lenka\OneDrive
2017-02-28 13:33 - 2017-01-09 11:36 - 00000000 ____D C:\Users\jiří mansfeld\Desktop\dres 2017
2017-02-28 13:09 - 2016-12-13 12:01 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 13:09 - 2015-08-02 18:03 - 00002453 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 11:15 - 2016-10-04 10:02 - 02326886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-25 11:15 - 2016-07-16 23:25 - 00866482 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-25 11:15 - 2016-07-16 23:25 - 00221994 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-25 11:07 - 2016-10-04 10:02 - 00000000 ____D C:\Users\Lenka
2017-02-24 19:49 - 2013-09-25 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:45 - 2013-09-25 20:41 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 20:48 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-02-21 20:24 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-02-21 09:29 - 2016-01-07 12:01 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 17:02 - 2016-05-03 20:01 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Local\CrashDumps
2017-02-14 21:44 - 2013-09-24 12:19 - 00000000 ____D C:\Users\jiří mansfeld\AppData\Roaming\AIMP3
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-11 13:31 - 2016-10-04 09:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-10 17:58 - 2017-01-17 05:56 - 14311352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-02-10 17:48 - 2016-09-12 20:10 - 03980944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-10 13:24 - 2016-08-02 23:05 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-06 21:38 - 2013-09-24 10:07 - 00002535 _____ C:\Users\jiří mansfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2017-01-11 20:13 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2017-01-11 20:13 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 17:03 - 2016-06-09 06:34 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-02-06 12:37 - 2016-10-04 09:57 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-06 12:37 - 2016-10-04 09:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
==================== Files in the root of some directories =======
2014-03-17 19:44 - 2016-03-09 10:38 - 0030455 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.err
2014-10-01 11:23 - 2014-10-01 11:33 - 0000188 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.log
2014-03-15 11:22 - 2016-03-09 10:38 - 0001120 _____ () C:\Users\jiří mansfeld\AppData\Local\MRDownloader.nast
2016-02-12 20:48 - 2016-02-12 20:48 - 0000017 _____ () C:\Users\jiří mansfeld\AppData\Local\resmon.resmoncfg
2013-09-26 19:17 - 2014-03-14 21:45 - 0043734 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.err
2013-09-24 20:18 - 2014-03-14 21:45 - 0001088 _____ () C:\Users\jiří mansfeld\AppData\Local\SRDownloader.nast
Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-05 19:07
==================== End of FRST.txt ============================