Constant Avast alerts - URL:Mal

Posted: 11 Mar 2017 22:25
by tompson606
Good evening,
please check my PC. Avast has started reporting some URL:Mal threat every few minutes. The infection name is the same, only the URL differs each time - see the screenshot. Yet at the moment I have only the forum.viry.cz page open in Chrome, nothing else. Just while submitting this post it popped up about five times. Thanks in advance.
Here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
Ran by tompson606 (administrator) on TOMAS-NB (11-03-2017 21:59:17)
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Users\tompson606\Downloads\CoreTemp32\Core Temp.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(POTI, Inc.) C:\Program Files (x86)\Songbird\songbird.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-02-07] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-12] (AVAST Software)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\3G HSDPA Modem\drv\DataCardMonitor.exe [345088 2011-03-07] (TODO: <Company name>)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2016-08-10] (PDF Complete Inc)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Spotify Web Helper] => C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Akamai NetSession Interface] => C:\Users\tompson606\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2051496915-2526895320-1986910058-1009\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-12] (AVAST Software)
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Rychlé spuštění.lnk [2015-10-09]
ShortcutTarget: SOLIDWORKS 2015 Rychlé spuštění.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-09]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2017-02-20]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-01-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{24A026BC-CCEF-498E-98D4-252C5090C956}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6A9453B1-EE4F-48DF-91E6-82FE433C4AE4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A698B053-B5BD-4A11-A171-BDCA219ACBE8}: [DhcpNameServer] 10.1.0.1
Tcpip\..\Interfaces\{D96A244D-7C27-4AE7-B655-D0523BAD79C0}: [DhcpNameServer] 192.168.44.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-12] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-24] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\tompson606\AppData\Roaming\Songbird2\Profiles\ra7fsnxg.default [2017-03-10]
FF NetworkProxy: Songbird2\Profiles\ra7fsnxg.default -> no_proxies_on", "127.0.0.1;localhost"
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Pink Martini) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Media Sharing) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Songbird.me) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com [2016-04-25] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-01-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-17] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-24] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-17] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tompson606\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-09] (Ubisoft)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> http://www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default [2017-03-11]
CHR Extension: (Disk Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (James White) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-11]
CHR Extension: (YouTube) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Pushbullet) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Unit Converter) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiicdapcioonpclifmhmcnhhdegnpke [2016-04-14]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (AdBlock) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Avast Online Security) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-24]
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-14] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-12] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe [72024 2017-01-03] (Google Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [File not signed]
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [318568 2015-02-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-21] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719040 2016-08-10] (PDF Complete Inc)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-16] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-11-15] (SolidWorks) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-02-07] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309784 2017-02-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-12] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126088 2017-02-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [74680 2017-02-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [991496 2017-02-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337080 2017-02-12] (AVAST Software)
U3 BthHFSrv; C:\WINDOWS\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\WINDOWS\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2013-02-04] (GEAR Software Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [43968 2017-03-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-11] (Malwarebytes)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 OSFMount; C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [552888 2013-10-18] (PassMark Software)
R0 PinFile; C:\WINDOWS\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1205872 2016-01-29] (Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\WINDOWS\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\WINDOWS\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2000-09-05] () [File not signed]
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [1513208 2016-04-01] (Sunplus)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 21:59 - 2017-03-11 22:00 - 00035800 _____ C:\Users\tompson606\Desktop\FRST.txt
2017-03-11 21:55 - 2017-03-11 21:55 - 02424320 _____ (Farbar) C:\Users\tompson606\Desktop\FRST64.exe
2017-03-11 20:21 - 2017-03-11 20:21 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2017-03-11 01:05 - 2017-03-11 01:16 - 00000000 ___HD C:\Users\tompson606\AppData\Local\SysHashTable
2017-03-10 22:24 - 2017-03-11 01:06 - 00000000 ____D C:\Users\tompson606\Downloads\Siemens Solid Edge ST9
2017-03-10 22:23 - 2017-03-10 22:23 - 00033013 _____ C:\Users\tompson606\Downloads\Siemens Solid Edge ST9.torrent
2017-03-10 20:59 - 2017-03-10 20:59 - 00003892 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1473791175
2017-03-10 20:59 - 2017-03-10 20:59 - 00001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-10 20:47 - 2017-03-10 20:47 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-10 20:42 - 2017-03-10 20:43 - 01133504 _____ C:\WINDOWS\Minidump\031017-28671-01.dmp
2017-03-10 09:14 - 2017-03-10 20:43 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFortompson606.job
2017-03-10 09:14 - 2017-03-10 09:14 - 00003194 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFortompson606
2017-03-08 19:37 - 2017-03-08 19:37 - 00088741 _____ C:\Users\tompson606\Downloads\HŘÍDEL-Model.pdf
2017-03-08 10:57 - 2017-03-10 20:42 - 809383283 _____ C:\WINDOWS\MEMORY.DMP
2017-03-08 10:57 - 2017-03-08 10:58 - 01141664 _____ C:\WINDOWS\Minidump\030817-28671-01.dmp
2017-03-05 12:40 - 2017-03-06 00:32 - 00000000 ____D C:\Users\tompson606\Downloads\PARTserver02017030512403033420818192d056f
2017-03-05 12:40 - 2017-03-05 12:40 - 00030706 _____ C:\Users\tompson606\Downloads\PARTserver02017030512403033420818192d056f.zip
2017-03-05 12:20 - 2017-03-05 12:41 - 00000000 ____D C:\Users\tompson606\Downloads\PARTserver02017030512201973520239192d056f
2017-03-05 12:20 - 2017-03-05 12:20 - 00036735 _____ C:\Users\tompson606\Downloads\PARTserver02017030512201973520239192d056f.zip
2017-03-05 00:11 - 2017-03-05 00:11 - 00012196 _____ C:\Users\tompson606\Downloads\Kolik-si-Tvůj-oblíbený-youtuber-vydělal-na-videu..xlsx
2017-03-04 20:18 - 2017-03-04 20:18 - 01099064 _____ C:\WINDOWS\Minidump\030417-46312-01.dmp
2017-03-01 18:21 - 2017-03-01 18:21 - 00020653 _____ C:\Users\tompson606\Downloads\[CzT]Autodesk_AutoCAD_2016_x64_CZ_.torrent
2017-02-28 22:18 - 2017-02-28 22:18 - 00745660 _____ C:\Users\tompson606\Downloads\[CzT]Autodesk_AutoCAD_2017_x64_CZ_.torrent
2017-02-27 20:59 - 2017-02-27 20:59 - 00285008 _____ C:\WINDOWS\Minidump\022717-31187-01.dmp
2017-02-24 23:41 - 2017-03-11 20:54 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-24 23:41 - 2017-03-04 20:30 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-24 23:41 - 2017-02-24 23:41 - 00001858 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-24 23:41 - 2017-02-24 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-24 23:40 - 2017-02-24 23:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-02-24 23:40 - 2017-02-24 23:40 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-24 23:40 - 2017-02-24 23:34 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-02-24 23:35 - 2017-02-24 23:38 - 62970488 _____ C:\Users\tompson606\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-24 23:34 - 2017-02-24 23:34 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-24 10:33 - 2017-02-24 14:18 - 00000000 ____D C:\Users\tompson606\Downloads\Mentalista.Mentalista
2017-02-22 23:57 - 2017-02-22 23:57 - 00133443 _____ C:\Users\tompson606\Downloads\[CzT]Mentalista_The_Mentalist_1_5_serie_CZ_TVRip_.torrent
2017-02-22 16:36 - 2017-02-22 16:36 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-20 23:40 - 2017-02-20 23:41 - 00200506 _____ C:\Users\tompson606\Downloads\cisco_vpn_client_cfg-1 (1).pdf
2017-02-20 23:39 - 2017-02-20 23:39 - 00002243 _____ C:\Users\tompson606\Desktop\Disky UTB.LNK
2017-02-20 23:32 - 2017-02-20 23:35 - 00001594 _____ C:\WINDOWS\VPNInstall.MIF
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\Program Files (x86)\Cisco Systems
2017-02-20 23:30 - 2017-02-20 23:31 - 05026816 _____ C:\Users\tompson606\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9 (1).exe
2017-02-20 23:29 - 2017-02-20 23:29 - 00200506 _____ C:\Users\tompson606\Downloads\cisco_vpn_client_cfg-1.pdf
2017-02-17 13:50 - 2017-02-17 13:50 - 00123153 _____ C:\Users\tompson606\Downloads\Titulni list slozky (1).pdf
2017-02-14 23:14 - 2017-02-14 23:14 - 00703976 _____ C:\Users\tompson606\Downloads\vasina-1.pdf
2017-02-14 19:41 - 2017-02-14 19:41 - 00000000 ____D C:\Solid Edge Standard Parts
2017-02-14 19:32 - 2017-02-14 19:32 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Unigraphics Solutions
2017-02-14 19:09 - 2017-02-14 19:09 - 00000000 ____D C:\Users\tompson606\AppData\Local\Femap
2017-02-14 19:07 - 2017-02-14 19:07 - 00002080 _____ C:\Users\Public\Desktop\Solid Edge ST8.lnk
2017-02-14 19:07 - 2017-02-14 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid Edge ST8
2017-02-14 19:02 - 2017-02-14 19:07 - 00000000 ____D C:\Program Files\Solid Edge ST8
2017-02-14 07:29 - 2017-02-14 07:29 - 00000000 ____D C:\Users\tompson606\Downloads\Siemens Solid Edge ST8 CZ Win64 SSQ
2017-02-13 20:55 - 2017-02-13 20:57 - 00073407 _____ C:\Users\tompson606\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9.exe
2017-02-13 20:51 - 2017-02-14 07:28 - 3727810552 _____ C:\Users\tompson606\Downloads\Siemens Solid Edge ST8 CZ Win64 SSQ.rar
2017-02-13 20:42 - 2017-02-13 20:42 - 00018263 _____ C:\Users\tompson606\Downloads\[CzT]Siemens_Solid_Edge_ST8_x64_CZ_.torrent
2017-02-13 20:21 - 2017-02-13 20:21 - 06523656 _____ C:\Users\tompson606\Downloads\M2Skripta.pdf
2017-02-13 20:16 - 2017-02-13 20:18 - 06523656 _____ C:\Users\tompson606\Downloads\M1-C-Diferenciální počet2.0.pdf
2017-02-13 20:06 - 2017-02-13 20:07 - 01307353 _____ C:\Users\tompson606\Downloads\M1-C-Diferenciální počet.pdf
2017-02-13 20:04 - 2017-02-13 20:05 - 00683119 _____ C:\Users\tompson606\Downloads\M-2-cv.pdf
2017-02-12 15:50 - 2017-03-08 11:07 - 00004172 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-12 15:50 - 2017-02-12 15:50 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148691104371804
2017-02-12 15:50 - 2017-02-12 15:49 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00126088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00074680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-12 15:50 - 2017-02-12 15:49 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-12 15:50 - 2017-02-12 15:48 - 00991496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-12 15:50 - 2017-02-12 15:48 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-12 15:50 - 2017-02-12 15:47 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-12 15:50 - 2017-02-12 15:47 - 00309784 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-12 15:50 - 2017-02-12 15:47 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-12 15:50 - 2017-02-12 15:47 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-12 15:49 - 2017-02-12 15:49 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-12 11:58 - 2017-02-12 11:58 - 00077778 _____ C:\Users\tompson606\Downloads\[CzT]Lida_Baarova_2016_CZ_1080pHD_.torrent
2017-02-12 11:51 - 2017-02-12 11:56 - 77322400 _____ C:\Users\tompson606\Downloads\La-Coka-Nostra---2009---A-Brand-You-Can-Trust.rar
2017-02-10 22:46 - 2017-02-10 22:59 - 1549791232 _____ C:\Users\tompson606\Downloads\Zúčtování.avi
2017-02-10 22:46 - 2017-02-10 22:46 - 00015241 _____ C:\Users\tompson606\Downloads\[CzT]Zuctovani_The_Accountant_2016_CZ_.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 21:59 - 2016-08-01 22:02 - 00000000 ____D C:\FRST
2017-03-11 21:56 - 2013-12-07 14:05 - 00000000 ___RD C:\Users\tompson606\Desktop\Programy
2017-03-11 21:53 - 2013-12-30 00:04 - 00269312 ___SH C:\Users\tompson606\Downloads\Thumbs.db
2017-03-11 21:50 - 2014-04-13 13:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-11 21:42 - 2015-03-01 12:41 - 00003990 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B5F1473-7408-4B3F-8AA1-ED110E51ED37}
2017-03-11 20:54 - 2014-04-13 14:14 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-11 20:54 - 2014-04-13 14:14 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-03-11 20:54 - 2014-04-13 14:14 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-11 20:54 - 2014-04-13 14:14 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-11 18:44 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-03-11 01:06 - 2013-11-02 00:45 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\uTorrent
2017-03-10 23:11 - 2013-10-31 14:46 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2051496915-2526895320-1986910058-1002
2017-03-10 20:46 - 2014-11-26 17:21 - 00000000 __SHD C:\Users\tompson606\IntelGraphicsProfiles
2017-03-10 20:45 - 2013-04-29 06:58 - 00000000 ____D C:\ProgramData\PDFC
2017-03-10 20:43 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-10 20:42 - 2015-01-15 19:32 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-10 16:36 - 2015-02-27 13:03 - 00000000 ____D C:\Users\tompson606\Desktop\SmartShare Folder
2017-03-08 19:38 - 2014-09-24 17:23 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-08 19:38 - 2014-09-24 16:39 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-08 19:38 - 2014-09-24 16:39 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-08 17:32 - 2013-12-24 13:15 - 01133568 ___SH C:\Users\tompson606\Desktop\Thumbs.db
2017-03-07 00:53 - 2014-12-06 15:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-04 15:40 - 2015-08-31 20:40 - 00003204 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-NB$
2017-03-04 15:40 - 2015-08-31 20:40 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-NB$.job
2017-03-02 19:32 - 2014-06-14 20:07 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\vlc
2017-03-01 19:20 - 2013-10-31 14:40 - 00000000 ____D C:\Users\tompson606\AppData\Local\PDFC
2017-03-01 18:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-02-28 21:23 - 2016-10-03 20:20 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Autodesk
2017-02-28 21:23 - 2016-10-03 20:20 - 00000000 ____D C:\ProgramData\Autodesk
2017-02-27 21:01 - 2014-11-26 01:03 - 00000000 ____D C:\Users\tompson606
2017-02-27 21:00 - 2015-02-27 13:02 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2017-02-25 09:51 - 2013-10-31 19:21 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-02-25 00:01 - 2017-02-02 23:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-24 23:45 - 2017-02-03 12:11 - 00001003 _____ C:\Users\tompson606\Desktop\Youtube Downloader HD.lnk
2017-02-24 23:40 - 2014-04-13 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 23:40 - 2013-11-14 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-24 23:39 - 2014-10-17 19:15 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-24 23:39 - 2013-11-03 14:18 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\DAEMON Tools Lite
2017-02-24 23:34 - 2014-01-27 02:35 - 00000000 ____D C:\Program Files\Java
2017-02-24 23:31 - 2013-10-31 19:21 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-24 23:31 - 2013-10-31 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-24 23:30 - 2014-05-21 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-02-24 23:30 - 2014-05-21 19:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-02-24 15:46 - 2016-08-17 21:46 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Audacity
2017-02-24 13:40 - 2015-08-04 19:04 - 00000000 ____D C:\Users\tompson606\Downloads\Harry Potter - Gold colection
2017-02-24 13:40 - 2015-07-28 21:13 - 00000000 ____D C:\Users\tompson606\Downloads\Fury.2014.480p.BRRip.XviD.AC3.CZ-4play
2017-02-24 13:40 - 2015-01-22 16:42 - 00000000 ____D C:\Users\tompson606\Downloads\Ctyri pokoje-Four Rooms
2017-02-24 12:13 - 2015-07-24 22:09 - 00000000 ____D C:\Users\tompson606\Downloads\The.Hunger.Games.Mockingjay.2014.480p.BRRip.XviD.AC3.CZ-4play
2017-02-23 00:50 - 2014-12-24 21:56 - 00000000 ____D C:\ProgramData\Skype
2017-02-22 18:03 - 2013-10-31 21:07 - 00000000 ____D C:\Nová složka
2017-02-17 13:58 - 2014-01-03 14:11 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 13:50 - 2014-04-13 13:01 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-17 13:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-17 13:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:34 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-14 19:13 - 2013-08-22 15:44 - 00632368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-13 20:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-12 17:42 - 2014-02-05 10:58 - 00000000 ____D C:\Program Files (x86)\World_of_Tanks
2017-02-12 15:56 - 2013-11-16 16:48 - 00000000 ____D C:\Temp

==================== Files in the root of some directories =======

2013-02-26 07:28 - 2013-02-26 07:28 - 0027762 _____ () C:\Program Files (x86)\changes.txt
2013-02-26 07:56 - 2013-02-26 07:56 - 2391736 _____ (Beepa P/L) C:\Program Files (x86)\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 0234168 _____ (Beepa P/L) C:\Program Files (x86)\fraps32.dll
2013-02-26 07:56 - 2013-02-26 07:56 - 0068792 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 0186552 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dll
2013-02-26 07:54 - 2013-02-26 07:54 - 0139776 _____ (Beepa P/L) C:\Program Files (x86)\frapslcd.dll
2013-02-26 07:27 - 2013-02-26 07:27 - 0001894 _____ () C:\Program Files (x86)\README.HTM
2015-03-24 22:09 - 2015-03-24 22:09 - 0000027 _____ () C:\Users\tompson606\AppData\Roaming\SoundCloudDownloaderSettings.ini
2014-06-19 12:43 - 2014-06-19 12:43 - 0000024 _____ () C:\Users\tompson606\AppData\Roaming\temp.ini
2014-04-14 15:56 - 2016-02-16 17:09 - 0007680 _____ () C:\Users\tompson606\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-05 23:23 - 2016-10-05 23:23 - 0001432 _____ () C:\Users\tompson606\AppData\Local\recently-used.xbel
2013-11-02 00:57 - 2016-07-26 21:58 - 0007646 _____ () C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2015-08-08 00:06 - 2016-01-03 14:16 - 14216652 _____ () C:\ProgramData\hpcsmmsilogs.log
2016-10-03 22:53 - 2016-10-03 22:53 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-04 22:24 - 2015-11-14 13:33 - 0113240 _____ () C:\ProgramData\SynFPRmsiLogs.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-10 23:11

==================== End of FRST.txt ============================

Re: Constant Avast alerts - URL:Mal

Posted: 12 Mar 2017 11:06
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Constant Avast alerts - URL:Mal

Posted: 12 Mar 2017 15:43
by tompson606
# AdwCleaner v3.023 - Report created 12/03/2017 at 15:34:58
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : tompson606 - TOMAS-NB
# Running from : C:\Users\tompson606\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\Users\tompson606\AppData\Local\eSupport.com

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.18124


-\\ Google Chrome v56.0.2924.87

[ File : C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\AC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3557 octets] - [13/04/2014 10:45:23]
AdwCleaner[R1].txt - [3617 octets] - [13/04/2014 11:20:36]
AdwCleaner[R2].txt - [3426 octets] - [02/08/2016 21:51:35]
AdwCleaner[R3].txt - [1307 octets] - [12/03/2017 15:32:52]
AdwCleaner[S0].txt - [3451 octets] - [13/04/2014 11:21:22]
AdwCleaner[S1].txt - [3475 octets] - [02/08/2016 21:52:19]
AdwCleaner[S2].txt - [1197 octets] - [12/03/2017 15:34:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1257 octets] ##########

Re: Constant Avast alerts - URL:Mal

Posted: 12 Mar 2017 16:19
by tompson606
Well then, I copy the AdwCleaner log, paste it as a post on the forum, close Google Chrome, start the World of Tanks launcher, and boom. BSoD with the error THREAD_STUCK_IN_DEVICE_DRIVER. For half an hour now it has been showing 100% complete and it just won't restart.

Re: Constant Avast alerts - URL:Mal

Posted: 12 Mar 2017 18:04
by Rudy
We'll look at that afterwards. Do a hard restart and post a new FRST log.

Re: Constant Avast alerts - URL:Mal

Posted: 12 Mar 2017 23:31
by tompson606
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by tompson606 (administrator) on TOMAS-NB (12-03-2017 23:26:14)
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Users\tompson606\Downloads\CoreTemp32\Core Temp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-02-07] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-12] (AVAST Software)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\3G HSDPA Modem\drv\DataCardMonitor.exe [345088 2011-03-07] (TODO: <Company name>)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG)
HKLM-x32\...\Run: [NBKeyScan] => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2016-08-10] (PDF Complete Inc)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Spotify Web Helper] => C:\Users\tompson606\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-18] (Spotify Ltd)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Akamai NetSession Interface] => C:\Users\tompson606\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2051496915-2526895320-1986910058-1009\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-12] (AVAST Software)
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tompson606\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Rychlé spuštění.lnk [2015-10-09]
ShortcutTarget: SOLIDWORKS 2015 Rychlé spuštění.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-09]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2017-02-20]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-01-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.178.88.66
Tcpip\..\Interfaces\{24A026BC-CCEF-498E-98D4-252C5090C956}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6A9453B1-EE4F-48DF-91E6-82FE433C4AE4}: [DhcpNameServer] 195.178.88.66
Tcpip\..\Interfaces\{A698B053-B5BD-4A11-A171-BDCA219ACBE8}: [DhcpNameServer] 10.1.0.1
Tcpip\..\Interfaces\{D96A244D-7C27-4AE7-B655-D0523BAD79C0}: [DhcpNameServer] 192.168.44.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-12] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-24] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\tompson606\AppData\Roaming\Songbird2\Profiles\ra7fsnxg.default [2017-03-12]
FF NetworkProxy: Songbird2\Profiles\ra7fsnxg.default -> no_proxies_on", "127.0.0.1;localhost"
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Pink Martini) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Media Sharing) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [2016-04-25] [not signed]
FF Extension: (Songbird.me) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com [2016-04-25] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-01-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-17] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-24] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-17] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tompson606\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2051496915-2526895320-1986910058-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-09] (Ubisoft)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Disk Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (James White) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-04-11]
CHR Extension: (YouTube) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Pushbullet) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Unit Converter) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiicdapcioonpclifmhmcnhhdegnpke [2016-04-14]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (AdBlock) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Avast Online Security) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
CHR Profile: C:\Users\tompson606\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-24]
CHR HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-12] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-12] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe [72024 2017-01-03] (Google Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [File not signed]
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [318568 2015-02-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-21] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719040 2016-08-10] (PDF Complete Inc)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-16] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-11-15] (SolidWorks) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-02-07] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-12] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [548928 2017-03-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-12] (AVAST Software)
U3 BthHFSrv; C:\WINDOWS\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\WINDOWS\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-12-17] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2013-02-04] (GEAR Software Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [43968 2017-03-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-12] (Malwarebytes)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 OSFMount; C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [552888 2013-10-18] (PassMark Software)
R0 PinFile; C:\WINDOWS\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1205872 2016-01-29] (Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\WINDOWS\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\WINDOWS\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2000-09-05] () [File not signed]
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [1513208 2016-04-01] (Sunplus)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-12 23:26 - 2017-03-12 23:26 - 00000000 ____D C:\Users\tompson606\Desktop\FRST-OlderVersion
2017-03-12 23:25 - 2017-03-12 23:26 - 02424832 _____ (Farbar) C:\Users\tompson606\Desktop\FRST64.exe
2017-03-12 22:53 - 2017-03-12 22:53 - 00001078 _____ C:\WINDOWS\system32dbgraw.bmp
2017-03-12 16:59 - 2017-03-12 16:59 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-12 16:44 - 2017-03-12 16:44 - 00285008 _____ C:\WINDOWS\Minidump\031217-31500-01.dmp
2017-03-12 14:34 - 2017-03-12 14:34 - 00003892 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1473791175
2017-03-12 14:34 - 2017-03-12 14:34 - 00001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-12 01:52 - 2017-03-12 01:52 - 00988048 _____ C:\WINDOWS\Minidump\031217-64828-01.dmp
2017-03-12 01:22 - 2017-03-12 01:22 - 00548928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148927817590604
2017-03-12 01:22 - 2017-03-12 01:22 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-12 01:22 - 2017-03-12 01:22 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-12 01:22 - 2017-03-12 01:22 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-12 01:22 - 2017-03-12 01:21 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-12 01:22 - 2017-03-12 01:21 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-12 01:22 - 2017-03-12 01:21 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-12 01:22 - 2017-03-12 01:21 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-12 01:22 - 2017-03-12 01:21 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-12 01:22 - 2017-03-12 01:21 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-11 22:00 - 2017-03-11 22:03 - 00100116 _____ C:\Users\tompson606\Desktop\Addition.txt
2017-03-11 21:59 - 2017-03-12 23:26 - 00035609 _____ C:\Users\tompson606\Desktop\FRST.txt
2017-03-11 01:05 - 2017-03-11 01:16 - 00000000 ___HD C:\Users\tompson606\AppData\Local\SysHashTable
2017-03-10 22:24 - 2017-03-11 01:06 - 00000000 ____D C:\Users\tompson606\Downloads\Siemens Solid Edge ST9
2017-03-10 22:23 - 2017-03-10 22:23 - 00033013 _____ C:\Users\tompson606\Downloads\Siemens Solid Edge ST9.torrent
2017-03-10 20:42 - 2017-03-10 20:43 - 01133504 _____ C:\WINDOWS\Minidump\031017-28671-01.dmp
2017-03-10 09:14 - 2017-03-10 20:43 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFortompson606.job
2017-03-10 09:14 - 2017-03-10 09:14 - 00003194 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFortompson606
2017-03-08 19:37 - 2017-03-08 19:37 - 00088741 _____ C:\Users\tompson606\Downloads\HŘÍDEL-Model.pdf
2017-03-08 10:57 - 2017-03-08 10:58 - 01141664 _____ C:\WINDOWS\Minidump\030817-28671-01.dmp
2017-03-05 12:40 - 2017-03-06 00:32 - 00000000 ____D C:\Users\tompson606\Downloads\PARTserver02017030512403033420818192d056f
2017-03-05 12:40 - 2017-03-05 12:40 - 00030706 _____ C:\Users\tompson606\Downloads\PARTserver02017030512403033420818192d056f.zip
2017-03-05 12:20 - 2017-03-05 12:41 - 00000000 ____D C:\Users\tompson606\Downloads\PARTserver02017030512201973520239192d056f
2017-03-05 12:20 - 2017-03-05 12:20 - 00036735 _____ C:\Users\tompson606\Downloads\PARTserver02017030512201973520239192d056f.zip
2017-03-05 00:11 - 2017-03-05 00:11 - 00012196 _____ C:\Users\tompson606\Downloads\Kolik-si-Tvůj-oblíbený-youtuber-vydělal-na-videu..xlsx
2017-03-04 20:18 - 2017-03-04 20:18 - 01099064 _____ C:\WINDOWS\Minidump\030417-46312-01.dmp
2017-03-01 18:21 - 2017-03-01 18:21 - 00020653 _____ C:\Users\tompson606\Downloads\[CzT]Autodesk_AutoCAD_2016_x64_CZ_.torrent
2017-02-28 22:18 - 2017-02-28 22:18 - 00745660 _____ C:\Users\tompson606\Downloads\[CzT]Autodesk_AutoCAD_2017_x64_CZ_.torrent
2017-02-27 20:59 - 2017-02-27 20:59 - 00285008 _____ C:\WINDOWS\Minidump\022717-31187-01.dmp
2017-02-24 23:41 - 2017-03-11 20:54 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-24 23:41 - 2017-03-04 20:30 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-24 23:41 - 2017-02-24 23:41 - 00001858 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-24 23:41 - 2017-02-24 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-24 23:40 - 2017-02-24 23:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-02-24 23:40 - 2017-02-24 23:40 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-24 23:40 - 2017-02-24 23:34 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-02-24 23:35 - 2017-02-24 23:38 - 62970488 _____ C:\Users\tompson606\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-24 23:34 - 2017-02-24 23:34 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-24 10:33 - 2017-02-24 14:18 - 00000000 ____D C:\Users\tompson606\Downloads\Mentalista.Mentalista
2017-02-22 23:57 - 2017-02-22 23:57 - 00133443 _____ C:\Users\tompson606\Downloads\[CzT]Mentalista_The_Mentalist_1_5_serie_CZ_TVRip_.torrent
2017-02-22 16:36 - 2017-02-22 16:36 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-20 23:40 - 2017-02-20 23:41 - 00200506 _____ C:\Users\tompson606\Downloads\cisco_vpn_client_cfg-1 (1).pdf
2017-02-20 23:39 - 2017-02-20 23:39 - 00002243 _____ C:\Users\tompson606\Desktop\Disky UTB.LNK
2017-02-20 23:32 - 2017-02-20 23:35 - 00001594 _____ C:\WINDOWS\VPNInstall.MIF
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\Program Files (x86)\Cisco Systems
2017-02-20 23:30 - 2017-02-20 23:31 - 05026816 _____ C:\Users\tompson606\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9 (1).exe
2017-02-20 23:29 - 2017-02-20 23:29 - 00200506 _____ C:\Users\tompson606\Downloads\cisco_vpn_client_cfg-1.pdf
2017-02-17 13:50 - 2017-02-17 13:50 - 00123153 _____ C:\Users\tompson606\Downloads\Titulni list slozky (1).pdf
2017-02-14 23:14 - 2017-02-14 23:14 - 00703976 _____ C:\Users\tompson606\Downloads\vasina-1.pdf
2017-02-14 19:41 - 2017-02-14 19:41 - 00000000 ____D C:\Solid Edge Standard Parts
2017-02-14 19:32 - 2017-02-14 19:32 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Unigraphics Solutions
2017-02-14 19:09 - 2017-02-14 19:09 - 00000000 ____D C:\Users\tompson606\AppData\Local\Femap
2017-02-14 19:07 - 2017-02-14 19:07 - 00002080 _____ C:\Users\Public\Desktop\Solid Edge ST8.lnk
2017-02-14 19:07 - 2017-02-14 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid Edge ST8
2017-02-14 19:02 - 2017-02-14 19:07 - 00000000 ____D C:\Program Files\Solid Edge ST8
2017-02-14 07:29 - 2017-02-14 07:29 - 00000000 ____D C:\Users\tompson606\Downloads\Siemens Solid Edge ST8 CZ Win64 SSQ
2017-02-13 20:55 - 2017-02-13 20:57 - 00073407 _____ C:\Users\tompson606\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9.exe
2017-02-13 20:51 - 2017-02-14 07:28 - 3727810552 _____ C:\Users\tompson606\Downloads\Siemens Solid Edge ST8 CZ Win64 SSQ.rar
2017-02-13 20:42 - 2017-02-13 20:42 - 00018263 _____ C:\Users\tompson606\Downloads\[CzT]Siemens_Solid_Edge_ST8_x64_CZ_.torrent
2017-02-13 20:21 - 2017-02-13 20:21 - 06523656 _____ C:\Users\tompson606\Downloads\M2Skripta.pdf
2017-02-13 20:16 - 2017-02-13 20:18 - 06523656 _____ C:\Users\tompson606\Downloads\M1-C-Diferenciální počet2.0.pdf
2017-02-13 20:06 - 2017-02-13 20:07 - 01307353 _____ C:\Users\tompson606\Downloads\M1-C-Diferenciální počet.pdf
2017-02-13 20:04 - 2017-02-13 20:05 - 00683119 _____ C:\Users\tompson606\Downloads\M-2-cv.pdf
2017-02-12 15:50 - 2017-02-12 15:49 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148691104371804
2017-02-12 11:58 - 2017-02-12 11:58 - 00077778 _____ C:\Users\tompson606\Downloads\[CzT]Lida_Baarova_2016_CZ_1080pHD_.torrent
2017-02-12 11:51 - 2017-02-12 11:56 - 77322400 _____ C:\Users\tompson606\Downloads\La-Coka-Nostra---2009---A-Brand-You-Can-Trust.rar
2017-02-10 22:46 - 2017-02-10 22:59 - 1549791232 _____ C:\Users\tompson606\Downloads\Zúčtování.avi
2017-02-10 22:46 - 2017-02-10 22:46 - 00015241 _____ C:\Users\tompson606\Downloads\[CzT]Zuctovani_The_Accountant_2016_CZ_.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-12 23:26 - 2016-08-01 22:02 - 00000000 ____D C:\FRST
2017-03-12 23:10 - 2013-10-31 14:46 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2051496915-2526895320-1986910058-1002
2017-03-12 22:55 - 2014-09-24 17:23 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-12 22:55 - 2014-09-24 16:39 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-12 22:55 - 2014-09-24 16:39 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-12 22:55 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-03-12 22:54 - 2015-03-01 12:41 - 00003990 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B5F1473-7408-4B3F-8AA1-ED110E51ED37}
2017-03-12 17:50 - 2014-04-13 13:01 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-12 17:01 - 2014-11-26 17:21 - 00000000 __SHD C:\Users\tompson606\IntelGraphicsProfiles
2017-03-12 16:47 - 2014-11-26 01:03 - 00000000 ____D C:\Users\tompson606
2017-03-12 16:47 - 2014-04-13 14:14 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 16:46 - 2013-04-29 06:58 - 00000000 ____D C:\ProgramData\PDFC
2017-03-12 16:45 - 2015-02-27 13:02 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2017-03-12 16:44 - 2015-01-15 19:32 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-12 16:44 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 15:36 - 2017-02-02 23:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-12 15:35 - 2014-04-13 10:44 - 00000000 ____D C:\AdwCleaner
2017-03-12 15:31 - 2013-12-07 14:05 - 00000000 ___RD C:\Users\tompson606\Desktop\Programy
2017-03-11 22:23 - 2013-12-24 13:15 - 01256448 ___SH C:\Users\tompson606\Desktop\Thumbs.db
2017-03-11 21:53 - 2013-12-30 00:04 - 00269312 ___SH C:\Users\tompson606\Downloads\Thumbs.db
2017-03-11 20:54 - 2014-04-13 14:14 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-03-11 20:54 - 2014-04-13 14:14 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-11 20:54 - 2014-04-13 14:14 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-11 01:06 - 2013-11-02 00:45 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\uTorrent
2017-03-10 16:36 - 2015-02-27 13:03 - 00000000 ____D C:\Users\tompson606\Desktop\SmartShare Folder
2017-03-07 00:53 - 2014-12-06 15:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-04 15:40 - 2015-08-31 20:40 - 00003204 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-NB$
2017-03-04 15:40 - 2015-08-31 20:40 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-NB$.job
2017-03-02 19:32 - 2014-06-14 20:07 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\vlc
2017-03-01 19:20 - 2013-10-31 14:40 - 00000000 ____D C:\Users\tompson606\AppData\Local\PDFC
2017-03-01 18:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-02-28 21:23 - 2016-10-03 20:20 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Autodesk
2017-02-28 21:23 - 2016-10-03 20:20 - 00000000 ____D C:\ProgramData\Autodesk
2017-02-25 09:51 - 2013-10-31 19:21 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-02-24 23:45 - 2017-02-03 12:11 - 00001003 _____ C:\Users\tompson606\Desktop\Youtube Downloader HD.lnk
2017-02-24 23:40 - 2014-04-13 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 23:40 - 2013-11-14 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-24 23:39 - 2014-10-17 19:15 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-24 23:39 - 2013-11-03 14:18 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\DAEMON Tools Lite
2017-02-24 23:34 - 2014-01-27 02:35 - 00000000 ____D C:\Program Files\Java
2017-02-24 23:31 - 2013-10-31 19:21 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-24 23:31 - 2013-10-31 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-24 23:30 - 2014-05-21 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-02-24 23:30 - 2014-05-21 19:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-02-24 15:46 - 2016-08-17 21:46 - 00000000 ____D C:\Users\tompson606\AppData\Roaming\Audacity
2017-02-24 13:40 - 2015-08-04 19:04 - 00000000 ____D C:\Users\tompson606\Downloads\Harry Potter - Gold colection
2017-02-24 13:40 - 2015-07-28 21:13 - 00000000 ____D C:\Users\tompson606\Downloads\Fury.2014.480p.BRRip.XviD.AC3.CZ-4play
2017-02-24 13:40 - 2015-01-22 16:42 - 00000000 ____D C:\Users\tompson606\Downloads\Ctyri pokoje-Four Rooms
2017-02-24 12:13 - 2015-07-24 22:09 - 00000000 ____D C:\Users\tompson606\Downloads\The.Hunger.Games.Mockingjay.2014.480p.BRRip.XviD.AC3.CZ-4play
2017-02-23 00:50 - 2014-12-24 21:56 - 00000000 ____D C:\ProgramData\Skype
2017-02-22 18:03 - 2013-10-31 21:07 - 00000000 ____D C:\Nová složka
2017-02-17 13:58 - 2014-01-03 14:11 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 13:50 - 2014-04-13 13:01 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-17 13:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-17 13:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:34 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-14 19:13 - 2013-08-22 15:44 - 00632368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-13 20:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-12 17:42 - 2014-02-05 10:58 - 00000000 ____D C:\Program Files (x86)\World_of_Tanks
2017-02-12 15:56 - 2013-11-16 16:48 - 00000000 ____D C:\Temp

==================== Files in the root of some directories =======

2013-02-26 07:28 - 2013-02-26 07:28 - 0027762 _____ () C:\Program Files (x86)\changes.txt
2013-02-26 07:56 - 2013-02-26 07:56 - 2391736 _____ (Beepa P/L) C:\Program Files (x86)\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 0234168 _____ (Beepa P/L) C:\Program Files (x86)\fraps32.dll
2013-02-26 07:56 - 2013-02-26 07:56 - 0068792 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 0186552 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dll
2013-02-26 07:54 - 2013-02-26 07:54 - 0139776 _____ (Beepa P/L) C:\Program Files (x86)\frapslcd.dll
2013-02-26 07:27 - 2013-02-26 07:27 - 0001894 _____ () C:\Program Files (x86)\README.HTM
2015-03-24 22:09 - 2015-03-24 22:09 - 0000027 _____ () C:\Users\tompson606\AppData\Roaming\SoundCloudDownloaderSettings.ini
2014-06-19 12:43 - 2014-06-19 12:43 - 0000024 _____ () C:\Users\tompson606\AppData\Roaming\temp.ini
2014-04-14 15:56 - 2016-02-16 17:09 - 0007680 _____ () C:\Users\tompson606\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-05 23:23 - 2016-10-05 23:23 - 0001432 _____ () C:\Users\tompson606\AppData\Local\recently-used.xbel
2013-11-02 00:57 - 2016-07-26 21:58 - 0007646 _____ () C:\Users\tompson606\AppData\Local\Resmon.ResmonCfg
2015-08-08 00:06 - 2016-01-03 14:16 - 14216652 _____ () C:\ProgramData\hpcsmmsilogs.log
2016-10-03 22:53 - 2016-10-03 22:53 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-04 22:24 - 2015-11-14 13:33 - 0113240 _____ () C:\ProgramData\SynFPRmsiLogs.log

Some files in TEMP:
====================
2014-03-02 21:39 - 2014-04-01 10:49 - 0918016 _____ () C:\Users\tompson606\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-12 16:56

==================== End of FRST.txt ============================

Re: Constant Avast alerts - URL:Mal

Posted: 13 Mar 2017 18:56
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Akamai NetSession Interface] => C:\Users\tompson606\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\tompson606\AppData\Local\Akamai
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
C:\Users\tompson606\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Constant Avast alerts - URL:Mal

Posted: 13 Mar 2017 20:08
by tompson606
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by tompson606 (13-03-2017 19:59:57) Run:2
Running from C:\Users\tompson606\Desktop
Loaded Profiles: tompson606 & NeroMediaHomeUser.4 (Available Profiles: tompson606 & AC & NeroMediaHomeUser.4)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Run: [Akamai NetSession Interface] => C:\Users\tompson606\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\tompson606\AppData\Local\Akamai
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
URLSearchHook: [S-1-5-21-2051496915-2526895320-1986910058-1009] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
R3 ALSysIO; \??\C:\Users\TOMPSO~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
C:\Users\tompson606\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
C:\Users\tompson606\AppData\Local\Akamai => moved successfully
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0TheftProtectionDll => key removed successfully
HKCR\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2051496915-2526895320-1986910058-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
Could not restore Default URLSearchHook.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
ALSysIO => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ALSysIO => key removed successfully
ALSysIO => service removed successfully

"C:\Users\tompson606\AppData\Local\Temp" folder move:

Could not move "C:\Users\tompson606\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27383804 B
Java, Flash, Steam htmlcache => 45629472 B
Windows/system/drivers => 139185708 B
Edge => 0 B
Chrome => 286763514 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 48494 B
NetworkService => 0 B
tompson606 => 49079842 B
AC => 8569143 B
NeroMediaHomeUser.4 => 128 B

RecycleBin => 475068 B
EmptyTemp: => 539.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-03-2017 20:04:07)

C:\Users\tompson606\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:04:11 ====

Re: Constant Avast alerts - URL:Mal

Posted: 13 Mar 2017 20:57
by Rudy
Deleted. Has anything changed?

Re: Constant Avast alerts - URL:Mal

Posted: 14 Mar 2017 15:45
by tompson606
It more or less stopped already after that hard restart, as I wrote on Sunday. Thanks for the help.

Re: Constant Avast alerts - URL:Mal

Posted: 14 Mar 2017 18:30
by Rudy
You're welcome! :)