Hello, I am sending the FRST log and the Addition log packed in a RAR archive, as per the instructions.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by Kostík a Irenočka (administrator) on PC-POKOJÍČEK (13-03-2017 19:03:54)
Running from C:\Users\Kostík a Irenočka\Desktop
Loaded Profiles: Kostík a Irenočka (Available Profiles: Kostík a Irenočka)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\TrayPopupE\TrayTipAgentE.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2014-12-17] (Bitleader)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\CleanUpUI.exe [1243328 2016-09-20] (CHENGDU Yiwo Tech Development Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\Run: [icq] => C:\Users\Kostík a Irenočka\AppData\Roaming\ICQM\icq.exe [36705800 2014-12-27] (ICQ)
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom)
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Root\Office16\lync.exe [26527424 2017-03-04] (Microsoft Corporation)
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\RunOnce: [Uninstall C:\Users\Kostík a Irenočka\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kostík a Irenočka\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\...\RunOnce: [Uninstall C:\Users\Kostík a Irenočka\AppData\Local\Microsoft\OneDrive\17.3.6201.1019] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kostík a Irenočka\AppData\Local\Microsoft\OneDrive\17.3.6201.1019"
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TBSVHID.lnk [2016-04-26]
ShortcutTarget: TBSVHID.lnk -> C:\Program Files\TBS Software\TBS VHID\TBSVHID.exe (TBS Technologies)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72bbc32a-3ad5-4d7b-9d77-ead3ea71866e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9ad0070f-4241-4592-8b92-b8f12eca9912}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKU\S-1-5-21-2797029479-3473413081-1359486709-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-03] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-03] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-03-02] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - No Name - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-02] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-02] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-02] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 0s2u9d0l.default
FF ProfilePath: C:\Users\Kostík a Irenočka\AppData\Roaming\TomTom\HOME\Profiles\k1u6xeov.default [2016-09-18]
FF Extension: (FiatTheme) - C:\Users\Kostík a Irenočka\AppData\Roaming\TomTom\HOME\Profiles\k1u6xeov.default\Extensions\FiatTheme@tomtom.com [2015-05-02] [not signed]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-09-04] [not signed]
FF ProfilePath: C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\0s2u9d0l.default [2017-03-13]
FF user.js: detected! => C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\0s2u9d0l.default\user.js [2016-06-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\0s2u9d0l.default -> Google (avast)
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\0s2u9d0l.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\0s2u9d0l.default -> Google (avast)
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\0s2u9d0l.default -> Google (avast)
FF Homepage: Mozilla\Firefox\Profiles\0s2u9d0l.default -> hxxps://www.e-quip.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\0s2u9d0l.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (Adblock Plus) - C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\0s2u9d0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-02]
FF SearchPlugin: C:\Users\Kostík a Irenočka\AppData\Roaming\Mozilla\Firefox\Profiles\0s2u9d0l.default\searchplugins\google-avast.xml [2014-12-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-03] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://google.cz/"
CHR NewTab: Default -> "chrome-extension://lhlflcpjmbmnhfehipheboagibdjgmog/page/app/index.html"
CHR Profile: C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default [2017-03-13]
CHR Extension: (Disk Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (Počasie (rozšírenie)) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2017-03-13]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-23]
CHR Extension: (YouTube) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (IP-Address) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlojgpiinfelppegaabbiphgomaidml [2015-10-29]
CHR Extension: (AdBlock) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-02]
CHR Extension: (Avast Online Security) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-13]
CHR Extension: (Downloads) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2015-05-02]
CHR Extension: (Tlačidlo Google +1) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2015-05-02]
CHR Extension: (Watch Live Football Streaming Online For Free) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\legocaboiicfjgofnmlgnogcngeokmga [2016-10-17]
CHR Extension: (IP Address and Domain Information) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgkegeccnckoiliokondpaaalbhafoa [2015-12-20]
CHR Extension: (Zdokonalená úvodná stránka) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2016-04-20]
CHR Extension: (Ghostery) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-02-20]
CHR Extension: (ČSFD Vyhledávač) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnomkaadjmphnfnjihfmdkabiahgjmfb [2015-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-03-02]
CHR Extension: (Desktop) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo [2016-11-03]
CHR Extension: (Gmail) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-13]
CHR Profile: C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-02]
CHR Extension: (Prezentácie Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-02]
CHR Extension: (Dokumenty Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-02]
CHR Extension: (Disk Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-01]
CHR Extension: (Počasie (rozšírenie)) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2016-03-01]
CHR Extension: (YouTube) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-01]
CHR Extension: (Adblock Plus) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-15]
CHR Extension: (Google Search) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-01]
CHR Extension: (Tabuľky Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-20]
CHR Extension: (Avast Online Security) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-01]
CHR Extension: (Downloads) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2015-05-02]
CHR Extension: (Tlačidlo Google +1) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2015-05-02]
CHR Extension: (Wood) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kgicbkmmehfjkbbiflaajnnpdhmfnkgi [2015-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-20]
CHR Extension: (365Scores - Live Scores,Sports News & Alerts) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2015-05-02]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2016-04-20]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ookhejngpnlkejplknjeligcfnegimip [2016-03-01]
CHR Extension: (Gmail) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR Profile: C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile [2017-03-02]
CHR Extension: (Prezentácie Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-02]
CHR Extension: (Dokumenty Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-02]
CHR Extension: (Disk Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-02]
CHR Extension: (YouTube) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-02]
CHR Extension: (Google Search) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02]
CHR Extension: (Tabuľky Google) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-02]
CHR Extension: (Gmail) - C:\Users\Kostík a Irenočka\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-02] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3735744 2017-03-02] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
U2 WinArchiver Service; C:\Program Files\WinArchiver\WAService.exe [264840 2016-02-21] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-03-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [548928 2017-03-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2015-03-15] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dvdfab; C:\WINDOWS\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] ()
R1 Eve; C:\WINDOWS\system32\DRIVERS\eve.sys [41304 2014-04-10] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 PciSPorts; C:\WINDOWS\system32\DRIVERS\PciSPorts.sys [122880 2008-12-19] ()
R3 TBS6928_64; C:\WINDOWS\system32\DRIVERS\TBS6928_64.sys [1934792 2012-12-19] (http://www.tbsdtv.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-13 19:03 - 2017-03-13 19:04 - 00033813 _____ C:\Users\Kostík a Irenočka\Desktop\FRST.txt
2017-03-13 19:03 - 2017-03-13 19:03 - 02424832 _____ (Farbar) C:\Users\Kostík a Irenočka\Desktop\FRST64.exe
2017-03-13 19:03 - 2017-03-13 19:03 - 00000000 ____D C:\FRST
2017-03-13 18:23 - 2017-03-13 18:23 - 00000000 __SHD C:\Users\Kostík a Irenočka\AppData\Local\EmieBrowserModeList
2017-03-13 18:22 - 2017-03-13 18:22 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-13 11:16 - 2017-03-13 11:16 - 00000643 _____ C:\Users\Kostík a Irenočka\Desktop\DVB Dream.lnk
2017-03-13 11:16 - 2017-03-13 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVB Dream
2017-03-13 10:43 - 2017-03-13 10:43 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2017-03-13 10:39 - 2017-03-13 10:39 - 00001276 _____ C:\Users\Kostík a Irenočka\Desktop\Any Audio Converter.lnk
2017-03-13 10:39 - 2017-03-13 10:39 - 00000000 ____D C:\Users\Kostík a Irenočka\Documents\Any Audio Converter
2017-03-13 10:31 - 2017-03-13 10:31 - 00001350 _____ C:\Users\Public\Desktop\Bigasoft Total Video Converter 5.lnk
2017-03-13 10:31 - 2017-03-13 10:31 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
2017-03-13 10:31 - 2017-03-13 10:31 - 00000000 ____D C:\Program Files (x86)\Bigasoft
2017-03-13 10:26 - 2017-03-13 10:26 - 00001080 _____ C:\Users\Public\Desktop\UltraISO.lnk
2017-03-13 10:26 - 2017-03-13 10:26 - 00000000 ____D C:\Users\Kostík a Irenočka\Documents\My ISO Files
2017-03-13 10:26 - 2017-03-13 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2017-03-13 10:22 - 2017-03-13 10:22 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\epm
2017-03-13 10:21 - 2017-03-13 10:21 - 00001418 _____ C:\Users\Public\Desktop\EaseUS Partition Master 11.10.lnk
2017-03-13 10:21 - 2017-03-13 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.10
2017-03-13 10:21 - 2016-12-07 14:53 - 03852480 _____ C:\WINDOWS\system32\BootMan.exe
2017-03-13 10:21 - 2016-12-07 14:53 - 02938560 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2017-03-13 10:21 - 2016-12-07 13:26 - 00033448 _____ C:\WINDOWS\system32\epmntdrv.sys
2017-03-13 10:21 - 2016-07-11 10:01 - 00101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2017-03-13 10:21 - 2016-07-11 10:01 - 00088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2017-03-13 10:21 - 2016-07-11 10:01 - 00010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys
2017-03-13 10:21 - 2016-07-11 10:01 - 00010208 _____ C:\WINDOWS\SysWOW64\EuGdiDrv.sys
2017-03-13 10:21 - 2016-07-08 15:28 - 00248832 _____ C:\WINDOWS\SysWOW64\epmntdrv.pdb
2017-03-13 10:21 - 2016-01-14 10:05 - 00021496 _____ C:\WINDOWS\SysWOW64\epmntdrv.sys
2017-03-13 10:21 - 2014-11-18 14:46 - 00021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2017-03-13 10:21 - 2014-11-18 14:46 - 00017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2017-03-13 10:13 - 2017-03-13 10:13 - 00001362 _____ C:\Users\Kostík a Irenočka\Desktop\Subtitle Edit.lnk
2017-03-13 10:13 - 2017-03-13 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2017-03-02 10:12 - 2017-03-02 10:12 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-24 15:46 - 2017-03-13 18:37 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-24 15:46 - 2017-03-13 18:36 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 15:46 - 2017-03-13 18:36 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-24 15:46 - 2017-03-13 18:36 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-24 15:46 - 2017-03-13 18:36 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-24 15:46 - 2017-03-13 18:35 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-24 15:46 - 2017-02-24 15:46 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-24 15:46 - 2017-02-24 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-24 15:45 - 2017-02-24 15:45 - 00000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP
2017-02-24 15:45 - 2017-02-24 15:45 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-23 09:00 - 2017-02-23 09:00 - 00002808 _____ C:\Users\Kostík a Irenočka\Desktop\BitTorrent.lnk
2017-02-23 09:00 - 2017-02-23 09:00 - 00002808 _____ C:\Users\Kostík a Irenočka\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-02-23 01:27 - 2017-03-13 15:14 - 00000000 ____D C:\Users\Kostík a Irenočka\Desktop\torrenty
2017-02-20 13:17 - 2017-02-20 13:17 - 00001779 _____ C:\Users\Public\Desktop\MKVToolNix GUI.lnk
2017-02-20 13:17 - 2017-02-20 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2017-02-20 13:17 - 2017-02-20 13:17 - 00000000 ____D C:\Program Files\MKVToolNix
2017-02-20 13:11 - 2017-02-20 13:11 - 00002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-20 13:11 - 2017-02-20 13:11 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-20 13:11 - 2017-02-20 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-20 13:04 - 2017-02-23 20:31 - 00001494 _____ C:\Users\Kostík a Irenočka\Desktop\Lacey.lnk
2017-02-20 12:50 - 2017-02-20 12:50 - 00000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙
2017-02-20 12:38 - 2017-03-02 10:13 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-20 12:38 - 2017-03-02 10:11 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-20 12:38 - 2017-03-02 10:11 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-20 12:38 - 2017-03-02 10:11 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-20 12:38 - 2017-03-02 10:11 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-13 19:00 - 2015-06-15 09:58 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Local\ClassicShell
2017-03-13 18:57 - 2016-11-21 12:09 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\LocalLow\Mozilla
2017-03-13 18:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-13 18:21 - 2016-08-05 19:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-13 18:21 - 2015-07-31 16:42 - 00142832 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2017-03-13 18:20 - 2016-11-01 12:45 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-13 18:20 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-13 18:15 - 2015-03-15 15:08 - 00548928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-03-13 18:07 - 2016-08-07 15:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-13 18:07 - 2014-12-18 19:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-13 18:06 - 2016-08-05 18:47 - 00000000 ____D C:\Users\Kostík a Irenočka
2017-03-13 18:06 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-13 17:59 - 2014-12-17 20:07 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\vlc
2017-03-13 17:37 - 2014-12-16 18:04 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Local\Packages
2017-03-13 17:00 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-13 16:46 - 2016-08-05 18:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-13 15:51 - 2014-12-16 21:38 - 00000000 __RDO C:\Users\Kostík a Irenočka\OneDrive
2017-03-13 15:38 - 2016-02-29 17:22 - 00002439 _____ C:\Users\Kostík a Irenočka\Desktop\Word 2016.lnk
2017-03-13 14:54 - 2016-11-22 16:07 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\BitTorrent
2017-03-13 13:34 - 2015-03-15 16:12 - 00002255 _____ C:\Users\Kostík a Irenočka\Desktop\Xilisoft Video Converter Ultimate.lnk
2017-03-13 11:20 - 2014-12-17 20:12 - 00000000 ____D C:\dvbdream
2017-03-13 11:05 - 2014-12-17 19:38 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Local\Nokia
2017-03-13 10:47 - 2014-12-17 19:38 - 00000000 ____D C:\ProgramData\Nokia
2017-03-13 10:43 - 2016-07-25 10:15 - 00001080 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2017-03-13 10:43 - 2016-07-25 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2017-03-13 10:43 - 2016-07-25 10:15 - 00000000 ____D C:\Program Files (x86)\ClipGrab
2017-03-13 10:43 - 2015-06-17 15:48 - 00000865 _____ C:\Users\Kostík a Irenočka\Desktop\HandBrake.lnk
2017-03-13 10:43 - 2015-06-17 15:48 - 00000000 ____D C:\Program Files\Handbrake
2017-03-13 10:41 - 2014-12-17 19:13 - 00000000 ____D C:\ProgramData\Temp
2017-03-13 10:40 - 2015-03-29 16:48 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\AnvSoft
2017-03-13 10:31 - 2014-12-18 19:23 - 00000000 ____D C:\Users\Kostík a Irenočka\Documents\Bigasoft Total Video Converter
2017-03-13 10:29 - 2016-08-05 19:03 - 00004016 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1450638431
2017-03-13 10:29 - 2015-12-20 20:07 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-13 10:26 - 2014-12-17 20:01 - 00000000 ____D C:\Program Files (x86)\UltraISO
2017-03-13 10:21 - 2014-12-17 19:58 - 00000000 ____D C:\Program Files (x86)\EaseUS
2017-03-13 10:16 - 2015-03-15 16:06 - 00000000 ____D C:\Program Files\Lacey
2017-03-13 10:13 - 2016-02-11 12:31 - 00000000 ____D C:\Program Files (x86)\Subtitle Edit
2017-03-13 10:11 - 2014-12-17 19:41 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\Skype
2017-03-13 10:08 - 2016-02-11 10:25 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\AIMP
2017-03-13 10:08 - 2016-02-11 10:25 - 00000000 ____D C:\Program Files (x86)\AIMP
2017-03-13 09:58 - 2017-01-04 14:20 - 00003250 _____ C:\WINDOWS\System32\Tasks\klcp_update
2017-03-13 09:58 - 2017-01-04 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-03-13 09:58 - 2016-04-20 12:49 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-03-13 09:56 - 2016-06-14 08:35 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-13 09:56 - 2016-06-14 08:35 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-13 09:54 - 2016-02-29 17:09 - 00000000 ____D C:\Program Files\Microsoft Office
2017-03-02 11:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-02 10:12 - 2015-03-29 16:29 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-02 10:12 - 2015-03-15 15:08 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-02 10:11 - 2016-02-11 13:03 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-02 06:49 - 2014-12-18 19:49 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-24 16:04 - 2014-12-18 18:55 - 00000000 ____D C:\ProgramData\ashampoo
2017-02-24 15:45 - 2015-01-02 22:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 15:37 - 2016-05-23 07:45 - 00000000 ____D C:\ProgramData\AMD
2017-02-24 15:35 - 2015-01-17 20:21 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 01:51 - 2016-08-05 19:03 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-24 01:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-24 01:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-23 22:09 - 2016-11-17 20:37 - 00002042 _____ C:\Users\Kostík a Irenočka\Desktop\dreamboxEDIT (x64).lnk
2017-02-23 20:31 - 2015-10-29 14:20 - 00001666 _____ C:\Users\Kostík a Irenočka\Desktop\File Joiner.lnk
2017-02-23 15:58 - 2015-11-17 12:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 09:30 - 2014-12-16 19:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 09:22 - 2014-12-16 19:22 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 09:17 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 09:15 - 2014-12-17 19:14 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Local\ElevatedDiagnostics
2017-02-23 08:57 - 2014-12-17 19:41 - 00000000 ____D C:\ProgramData\Skype
2017-02-20 13:15 - 2014-12-21 22:55 - 00000000 ____D C:\Users\Kostík a Irenočka\AppData\Roaming\Notepad++
2017-02-20 13:11 - 2014-12-18 17:46 - 00000000 ____D C:\Program Files\CCleaner
2017-02-20 13:01 - 2014-12-16 19:11 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-20 12:37 - 2015-03-15 15:08 - 00337080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148759070714004
==================== Files in the root of some directories =======
2014-07-10 07:16 - 2014-07-10 07:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-06-10 14:22 - 2015-06-10 14:30 - 0001043 _____ () C:\Users\Kostík a Irenočka\AppData\Roaming\coreavc.ini
2015-01-01 23:14 - 2015-01-01 23:14 - 0000055 _____ () C:\Users\Kostík a Irenočka\AppData\Roaming\pcouffin.log
2016-11-22 16:05 - 2016-11-22 16:05 - 0000218 _____ () C:\Users\Kostík a Irenočka\AppData\Local\recently-used.xbel
2014-12-27 13:12 - 2014-12-27 13:12 - 0007597 _____ () C:\Users\Kostík a Irenočka\AppData\Local\Resmon.ResmonCfg
2016-08-05 18:42 - 2016-08-05 18:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-17 18:41 - 2014-12-17 18:49 - 0000871 _____ () C:\ProgramData\hpzinstall.log
2016-04-26 13:17 - 2016-04-26 13:17 - 0000016 _____ () C:\ProgramData\mntemp
2016-03-21 14:08 - 2016-03-21 14:08 - 0012579 _____ () C:\ProgramData\mxnhytee.feu
Some files in TEMP:
====================
2017-03-13 10:42 - 2017-03-13 10:42 - 10563556 _____ () C:\Users\Kostík a Irenočka\AppData\Local\Temp\handbrake-setup.exe
2017-03-13 10:47 - 2017-03-13 10:47 - 0001536 _____ () C:\Users\Kostík a Irenočka\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-13 10:54
==================== End of FRST.txt ============================