
Please check my log

Posted: 05 May 2018 14:28
by jajsemhonzik
Please check my log. The PC is extremely slow, a lot of applications crash, and even the whole of Windows crashes.
The log is from safe mode.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.05.2018
Ran by admin (administrator) on E130-1 (05-05-2018 15:21:27)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\Total_CMD\TOTALCMD64.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2950456 2012-10-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [icq] => C:\Users\admin\AppData\Roaming\ICQM\icq.exe -CU
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [Dropbox Update] => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [DoUSBC120] => C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe [110592 2011-10-06] (Grain Media, Inc.) <==== ATTENTION
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\MountPoints2: {cd481d36-f3ed-11e7-803b-84a6c8a94d08} - "D:\dlusb_launcherC120.exe"
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{1263D2F0-6501-4E35-9CCB-D6E624B0475F}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{F1AD31C3-019C-41FD-9E73-206B93866F0A}: [DhcpNameServer] 192.168.11.1

Internet Explorer:
==================
HKU\S-1-5-21-736925393-32956484-3246383293-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-736925393-32956484-3246383293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {2DF0B86C-122F-4496-A785-EFE9B3E4600A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {33F9CBF5-35F3-412B-8AB5-CA68F4D7E81C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {4D27816B-AEF9-4569-8FB0-4CA6AE51ABF2} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {5A50FCE8-E568-4C85-A91B-E7BD025917DF} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {7B717EA5-A003-4CFD-A3A9-C0A9B946DC27} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={948B22DD-3FD1-42C0-B561-DA1D4B3AEE25}&mid=0c6b0b7ec7e247d29d70d9d747d1633a-dd53ade549d18eb4c64b805618243655e25a774c&lang=en&ds=sc011&coid=avgtbdissc&cmpid=&pr=sa&d=2014-05-02 11:56:48&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {95BFC9E7-A066-4B46-9187-58280AB03E59} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {CC3E3C79-05F7-4AD1-800C-3F34A4EA9ED2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {D662B72E-B19D-48EE-9BEF-5A64C9C5D13A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8} URL = hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=rbox&toolbarid=base&u=9443e5c000000000000086a6c8a94d05&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {FBB57CC0-8630-4093-B3E5-1CCD3A737A7E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll [2014-08-11] (AVG Secure Search)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-15] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-10-20] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-05-05]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-05]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-05]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-05]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-05]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
CHR HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
S2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
S2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-15] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-16] ()
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S3 TrueService; "C:\Program Files\Common Files\AuthenTec\TrueService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [29208 2014-08-12] ()
S1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
S2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
S0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 MbmUsbSerial; C:\WINDOWS\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-04] (Ericsson AB)
R3 MkBusFilter; C:\WINDOWS\System32\drivers\MbmDeviceFilter.sys [25600 2012-06-08] (Ericsson AB)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [922968 2016-10-12] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-02] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2011-06-16] (Lenovo Group Limited)
S3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [1049984 2013-04-30] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-05 15:21 - 2018-05-05 15:22 - 000019491 _____ C:\Users\admin\Desktop\FRST.txt
2018-05-05 15:20 - 2018-05-05 15:21 - 000000000 ____D C:\FRST
2018-05-05 15:20 - 2018-05-05 15:20 - 000000000 ____D C:\Users\admin\Desktop\zachrana
2018-05-05 15:20 - 2018-05-05 15:14 - 002405376 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-05-05 15:04 - 2018-05-05 15:04 - 000000000 __SHD C:\found.003
2018-05-05 14:49 - 2018-05-05 14:49 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-05-05 13:58 - 2018-05-05 13:58 - 002405376 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2018-05-05 13:57 - 2018-05-05 13:58 - 002405376 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2018-05-05 13:42 - 2018-05-05 13:42 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Downloads\4a10af8e-a405-47b9-a41e-354010654514.tmp
2018-05-05 13:35 - 2018-05-05 13:35 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2018-05-05 13:23 - 2018-05-05 13:23 - 000000000 _____ C:\Recovery.txt
2018-05-05 13:17 - 2018-05-05 13:17 - 000286440 _____ C:\WINDOWS\Minidump\050518-16640-01.dmp
2018-05-05 13:16 - 2018-05-05 13:16 - 000290192 _____ C:\WINDOWS\Minidump\050518-16484-01.dmp
2018-05-05 12:41 - 2018-05-05 12:41 - 000288760 _____ C:\WINDOWS\Minidump\050518-29984-01.dmp
2018-05-05 12:01 - 2018-05-05 12:01 - 000289632 _____ C:\WINDOWS\Minidump\050518-133906-01.dmp
2018-05-03 19:42 - 2018-05-03 19:42 - 000000000 __SHD C:\found.002
2018-05-03 19:24 - 2018-05-03 19:24 - 000290192 _____ C:\WINDOWS\Minidump\050318-18921-01.dmp
2018-05-03 18:24 - 2018-05-03 18:24 - 000000000 __SHD C:\found.001
2018-05-02 22:31 - 2018-05-02 22:31 - 000290192 _____ C:\WINDOWS\Minidump\050218-19781-01.dmp
2018-05-02 20:57 - 2018-05-02 20:58 - 000290136 _____ C:\WINDOWS\Minidump\050218-22703-01.dmp
2018-05-02 20:50 - 2018-05-02 20:50 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2018-05-02 20:08 - 2018-05-02 20:08 - 000290192 _____ C:\WINDOWS\Minidump\050218-33656-01.dmp
2018-05-02 19:27 - 2018-05-02 19:27 - 000000000 ____D C:\ProgramData\TrueSuite
2018-05-02 19:26 - 2018-05-02 19:26 - 000290192 _____ C:\WINDOWS\Minidump\050218-31234-01.dmp
2018-05-02 18:54 - 2018-05-02 18:54 - 000290192 _____ C:\WINDOWS\Minidump\050218-31140-01.dmp
2018-05-02 18:10 - 2018-05-02 18:10 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2018-05-02 18:09 - 2018-05-02 18:10 - 000290192 _____ C:\WINDOWS\Minidump\050218-120390-01.dmp
2018-05-02 17:43 - 2018-05-02 17:43 - 000289272 _____ C:\WINDOWS\Minidump\050218-127703-01.dmp
2018-05-02 17:20 - 2018-05-02 17:20 - 000000000 __SHD C:\found.000
2018-05-01 22:57 - 2018-05-01 22:57 - 000290224 _____ C:\WINDOWS\Minidump\050118-132812-01.dmp
2018-05-01 21:52 - 2018-05-01 21:53 - 000286840 _____ C:\WINDOWS\Minidump\050118-28390-01.dmp
2018-05-01 21:21 - 2018-05-01 21:21 - 000286696 _____ C:\WINDOWS\Minidump\050118-24671-01.dmp
2018-05-01 20:45 - 2018-05-01 20:46 - 000290240 _____ C:\WINDOWS\Minidump\050118-134734-01.dmp
2018-04-26 23:07 - 2018-04-26 23:07 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc-BackupByVLCPortable
2018-04-19 19:33 - 2018-04-19 19:34 - 000290120 _____ C:\WINDOWS\Minidump\041918-160875-01.dmp
2018-04-18 19:33 - 2018-04-18 19:33 - 000290240 _____ C:\WINDOWS\Minidump\041818-132609-01.dmp
2018-04-11 18:26 - 2018-03-23 15:50 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-04-11 18:26 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-11 18:26 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-11 18:26 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-11 18:26 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-11 18:26 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-11 18:26 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-11 18:26 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-11 18:26 - 2018-03-22 22:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-11 18:26 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-11 18:26 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-11 18:26 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-11 18:26 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-11 18:26 - 2018-03-22 22:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-11 18:26 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-11 18:26 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-11 18:26 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-11 18:26 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-11 18:26 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-11 18:26 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-11 18:26 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-11 18:26 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-11 18:26 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-11 18:26 - 2018-03-09 23:20 - 007405392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-11 18:26 - 2018-03-09 23:20 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-11 18:26 - 2018-03-09 23:20 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 18:26 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-11 18:26 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-11 18:26 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-11 18:26 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-04-11 18:26 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-04-11 18:26 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-11 18:26 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-11 18:26 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-11 18:26 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-11 18:26 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-11 18:26 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-11 18:26 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-11 18:26 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-11 18:26 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-11 18:26 - 2018-02-09 19:44 - 000276304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-11 18:26 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-11 18:26 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-11 18:26 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-11 18:26 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-04-11 18:26 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-04-11 18:26 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-11 18:26 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-11 18:26 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-11 18:26 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-11 18:26 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-11 18:26 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-11 18:26 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-04-11 18:26 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-11 18:26 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-11 18:26 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-11 18:26 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-11 18:24 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-11 18:24 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-11 18:24 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-05 15:20 - 2014-09-24 18:23 - 000005426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-05 15:20 - 2014-09-24 17:39 - 000732608 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-05 15:20 - 2014-09-24 17:39 - 000149518 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-05 15:20 - 2013-06-26 21:21 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2018-05-05 14:48 - 2014-10-20 11:54 - 001841860 _____ C:\WINDOWS\ntbtlog.txt
2018-05-05 14:43 - 2015-08-29 14:25 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e255bd4c6ddf.job
2018-05-05 14:43 - 2013-06-26 19:18 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-05-05 14:42 - 2016-02-02 18:30 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dd7f79d79c.job
2018-05-05 14:42 - 2015-05-17 14:18 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0909ba687ea90.job
2018-05-05 14:42 - 2014-05-28 09:57 - 000000388 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2018-05-05 14:42 - 2014-05-28 09:57 - 000000388 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2018-05-05 14:42 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-05 14:37 - 2012-12-08 04:39 - 000000000 ____D C:\Users\admin\AppData\LocalLow\AuthenTec
2018-05-05 14:30 - 2013-10-01 09:26 - 001129984 ___SH C:\Users\admin\Desktop\Thumbs.db
2018-05-05 14:30 - 2013-06-26 19:18 - 000000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-05-05 14:01 - 2017-12-10 21:43 - 343742297 _____ C:\WINDOWS\MEMORY.DMP
2018-05-05 13:59 - 2012-10-26 13:35 - 004020617 _____ C:\ProgramData\MH_ErrorLog.txt
2018-05-05 13:57 - 2013-11-13 15:54 - 000000000 ___RD C:\Users\admin\Dropbox
2018-05-05 13:49 - 2014-11-05 13:16 - 000000000 ____D C:\Users\admin
2018-05-05 13:38 - 2013-10-18 14:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
2018-05-05 13:21 - 2015-06-28 20:16 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-736925393-32956484-3246383293-1001UA.job
2018-05-05 13:17 - 2017-12-10 21:44 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-02 17:57 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-01 21:08 - 2016-05-11 18:31 - 000003050 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba28685bd79
2018-04-27 07:29 - 2012-12-07 23:43 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-736925393-32956484-3246383293-1001
2018-04-27 00:33 - 2013-06-26 19:19 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-27 00:33 - 2013-06-26 19:19 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-23 21:25 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-17 21:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-04-17 20:52 - 2018-02-20 19:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-17 20:51 - 2013-08-22 16:44 - 000521696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-17 20:45 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-04-11 19:56 - 2013-09-28 15:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-11 19:51 - 2013-07-18 18:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 19:41 - 2017-10-12 21:29 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 19:41 - 2012-12-16 20:36 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-11 19:41 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-11 19:34 - 2012-07-26 07:26 - 000000167 _____ C:\WINDOWS\win.ini

==================== Files in the root of some directories =======

2012-12-08 04:40 - 2012-12-12 15:52 - 000001524 _____ () C:\Users\admin\AppData\Roaming\AbsoluteReminder.xml
2013-07-08 23:39 - 2015-06-07 20:41 - 000012288 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Files to move or delete:
====================
C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe


Some files in TEMP:
====================
2018-01-11 18:48 - 2011-07-25 11:30 - 000434176 _____ () C:\Users\admin\AppData\Local\Temp\awiscale.dll
2018-01-11 18:48 - 2011-09-15 14:08 - 000147456 _____ () C:\Users\admin\AppData\Local\Temp\DLCapAPI.dll
2018-01-11 18:48 - 2011-10-06 04:28 - 000110592 _____ (Grain Media, Inc.) C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe
2018-05-02 17:59 - 2018-05-02 17:59 - 000000000 _____ () C:\Users\admin\AppData\Local\Temp\x5nvllvu.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-03 19:35

==================== End of FRST.txt ============================

Re: Please check my log

Posted: 05 May 2018 15:41
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
:arrow: If you don't use it, I recommend uninstalling Seznam Software (Seznam Listicka).

Re: Please check my log

Posted: 06 May 2018 12:05
by jajsemhonzik
Cleaning log below, scan log attached.

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-24.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-06-2018
# Duration: 00:00:05
# OS: Windows 8.1
# Cleaned: 52
# Failed: 0


***** [ Services ] *****

Deleted vToolbarUpdater18.1.9

***** [ Folders ] *****

Deleted C:\ProgramData\AVG_UPDATE_0814TB
Deleted C:\Program Files (x86)\AVG Security Toolbar
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted C:\ProgramData\AVG SafeGuard toolbar
Deleted C:\Program Files (x86)\AVG SafeGuard toolbar
Deleted C:\Users\admin\AppData\Local\AVG SafeGuard toolbar
Deleted C:\Users\admin\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\AVG-SECURE-SEARCH-UPDATE_0414C_RMV.JOB
Deleted C:\Windows\Tasks\AVG-SECURE-SEARCH-UPDATE_0414C_REL.JOB
Deleted C:\Windows\System32\Tasks\AVG-SECURE-SEARCH-UPDATE_0414C_RMV
Deleted C:\Windows\System32\Tasks\AVG-SECURE-SEARCH-UPDATE_0414C_REL

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A4AD5BF-3635-4CEA-B071-DF9EFE4AB2E0}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rmv
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{282A83D3-F54C-429F-AD06-5C052A1CAD16}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_0414c_rel
Deleted HKLM\Software\Wow6432Node\AVG Security Toolbar
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\protocols\handler\viprotocol
Deleted HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Deleted HKLM\Software\Wow6432Node\Classes\AppID\ViProtocol.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\internetspeedtracker.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Please check my log

Posted: 06 May 2018 13:50
by Conder
:arrow: Please post new logs from FRST (both).

:arrow: Can the PC also be started in normal mode?

Re: Please check my log

Posted: 08 May 2018 11:14
by jajsemhonzik
It does start in normal mode, but practically nothing can be done in it. After loading, it shows an hourglass instead of the cursor and gradually throws up messages about various applications and processes crashing.

New log below:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.05.2018
Ran by admin (administrator) on E130-1 (08-05-2018 11:59:11)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [1010784 2012-08-20] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [564320 2012-08-13] (Lenovo Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2950456 2012-10-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4267784 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [icq] => C:\Users\admin\AppData\Roaming\ICQM\icq.exe -CU
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [Dropbox Update] => C:\Users\admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\Run: [DoUSBC120] => C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe [110592 2011-10-06] (Grain Media, Inc.) <==== ATTENTION
HKU\S-1-5-21-736925393-32956484-3246383293-1001\...\MountPoints2: {cd481d36-f3ed-11e7-803b-84a6c8a94d08} - "D:\dlusb_launcherC120.exe"
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Tcpip\..\Interfaces\{1263D2F0-6501-4E35-9CCB-D6E624B0475F}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{F1AD31C3-019C-41FD-9E73-206B93866F0A}: [DhcpNameServer] 192.168.11.1

Internet Explorer:
==================
HKU\S-1-5-21-736925393-32956484-3246383293-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-736925393-32956484-3246383293-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {2DF0B86C-122F-4496-A785-EFE9B3E4600A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {33F9CBF5-35F3-412B-8AB5-CA68F4D7E81C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {4D27816B-AEF9-4569-8FB0-4CA6AE51ABF2} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {5A50FCE8-E568-4C85-A91B-E7BD025917DF} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {7B717EA5-A003-4CFD-A3A9-C0A9B946DC27} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={948B22DD-3FD1-42C0-B561-DA1D4B3AEE25}&mid=0c6b0b7ec7e247d29d70d9d747d1633a-dd53ade549d18eb4c64b805618243655e25a774c&lang=en&ds=sc011&coid=avgtbdissc&cmpid=&pr=sa&d=2014-05-02 11:56:48&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {95BFC9E7-A066-4B46-9187-58280AB03E59} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {CC3E3C79-05F7-4AD1-800C-3F34A4EA9ED2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {D662B72E-B19D-48EE-9BEF-5A64C9C5D13A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8} URL = hxxp://tuvaro.com/ws/?source=4c3f95e5&tbp=rbox&toolbarid=base&u=9443e5c000000000000086a6c8a94d05&q={searchTerms}
SearchScopes: HKU\S-1-5-21-736925393-32956484-3246383293-1001 -> {FBB57CC0-8630-4093-B3E5-1CCD3A737A7E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-15] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-10-20] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-05-05]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-05]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-05]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-05]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-05]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-05]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
CHR HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
S2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [222304 2012-08-13] (Lenovo Corporation)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [457824 2012-08-20] (Lenovo)
S2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [458336 2012-08-15] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21928 2012-08-16] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 IconMan_R; "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [29208 2014-08-12] ()
S1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
S2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
S0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 MbmUsbSerial; C:\WINDOWS\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-04] (Ericsson AB)
R3 MkBusFilter; C:\WINDOWS\System32\drivers\MbmDeviceFilter.sys [25600 2012-06-08] (Ericsson AB)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [922968 2016-10-12] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-02] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2011-06-16] (Lenovo Group Limited)
S3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [1049984 2013-04-30] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-07 21:52 - 2018-05-07 21:52 - 000290136 _____ C:\WINDOWS\Minidump\050718-18406-01.dmp
2018-05-06 22:58 - 2018-05-06 22:58 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-05-06 13:14 - 2018-05-06 13:14 - 000000000 __SHD C:\found.004
2018-05-06 12:40 - 2018-05-06 12:40 - 000000000 ____D C:\AdwCleaner
2018-05-06 12:40 - 2018-05-06 12:07 - 007271632 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.1.1.exe
2018-05-06 12:33 - 2018-05-06 12:33 - 000286872 _____ C:\WINDOWS\Minidump\050618-19031-01.dmp
2018-05-05 15:22 - 2018-05-05 15:23 - 000044435 _____ C:\Users\admin\Desktop\Addition.txt
2018-05-05 15:21 - 2018-05-08 11:59 - 000019120 _____ C:\Users\admin\Desktop\FRST.txt
2018-05-05 15:20 - 2018-05-08 11:59 - 000000000 ____D C:\FRST
2018-05-05 15:20 - 2018-05-05 15:20 - 000000000 ____D C:\Users\admin\Desktop\zachrana
2018-05-05 15:20 - 2018-05-05 15:14 - 002405376 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-05-05 15:04 - 2018-05-05 15:04 - 000000000 __SHD C:\found.003
2018-05-05 14:49 - 2018-05-05 14:49 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-05-05 13:58 - 2018-05-05 13:58 - 002405376 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2018-05-05 13:57 - 2018-05-05 13:58 - 002405376 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2018-05-05 13:42 - 2018-05-05 13:42 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Downloads\4a10af8e-a405-47b9-a41e-354010654514.tmp
2018-05-05 13:35 - 2018-05-05 13:35 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2018-05-05 13:23 - 2018-05-05 13:23 - 000000000 _____ C:\Recovery.txt
2018-05-05 13:17 - 2018-05-05 13:17 - 000286440 _____ C:\WINDOWS\Minidump\050518-16640-01.dmp
2018-05-05 13:16 - 2018-05-05 13:16 - 000290192 _____ C:\WINDOWS\Minidump\050518-16484-01.dmp
2018-05-05 12:41 - 2018-05-05 12:41 - 000288760 _____ C:\WINDOWS\Minidump\050518-29984-01.dmp
2018-05-05 12:01 - 2018-05-05 12:01 - 000289632 _____ C:\WINDOWS\Minidump\050518-133906-01.dmp
2018-05-03 19:42 - 2018-05-03 19:42 - 000000000 __SHD C:\found.002
2018-05-03 19:24 - 2018-05-03 19:24 - 000290192 _____ C:\WINDOWS\Minidump\050318-18921-01.dmp
2018-05-03 18:24 - 2018-05-03 18:24 - 000000000 __SHD C:\found.001
2018-05-02 22:31 - 2018-05-02 22:31 - 000290192 _____ C:\WINDOWS\Minidump\050218-19781-01.dmp
2018-05-02 20:57 - 2018-05-02 20:58 - 000290136 _____ C:\WINDOWS\Minidump\050218-22703-01.dmp
2018-05-02 20:50 - 2018-05-02 20:50 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2018-05-02 20:08 - 2018-05-02 20:08 - 000290192 _____ C:\WINDOWS\Minidump\050218-33656-01.dmp
2018-05-02 19:27 - 2018-05-02 19:27 - 000000000 ____D C:\ProgramData\TrueSuite
2018-05-02 19:26 - 2018-05-02 19:26 - 000290192 _____ C:\WINDOWS\Minidump\050218-31234-01.dmp
2018-05-02 18:54 - 2018-05-02 18:54 - 000290192 _____ C:\WINDOWS\Minidump\050218-31140-01.dmp
2018-05-02 18:10 - 2018-05-02 18:10 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2018-05-02 18:09 - 2018-05-02 18:10 - 000290192 _____ C:\WINDOWS\Minidump\050218-120390-01.dmp
2018-05-02 17:43 - 2018-05-02 17:43 - 000289272 _____ C:\WINDOWS\Minidump\050218-127703-01.dmp
2018-05-02 17:20 - 2018-05-02 17:20 - 000000000 __SHD C:\found.000
2018-05-01 22:57 - 2018-05-01 22:57 - 000290224 _____ C:\WINDOWS\Minidump\050118-132812-01.dmp
2018-05-01 21:52 - 2018-05-01 21:53 - 000286840 _____ C:\WINDOWS\Minidump\050118-28390-01.dmp
2018-05-01 21:21 - 2018-05-01 21:21 - 000286696 _____ C:\WINDOWS\Minidump\050118-24671-01.dmp
2018-05-01 20:45 - 2018-05-01 20:46 - 000290240 _____ C:\WINDOWS\Minidump\050118-134734-01.dmp
2018-04-26 23:07 - 2018-04-26 23:07 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc-BackupByVLCPortable
2018-04-19 19:33 - 2018-04-19 19:34 - 000290120 _____ C:\WINDOWS\Minidump\041918-160875-01.dmp
2018-04-18 19:33 - 2018-04-18 19:33 - 000290240 _____ C:\WINDOWS\Minidump\041818-132609-01.dmp
2018-04-11 18:26 - 2018-03-23 15:50 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-04-11 18:26 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-11 18:26 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-11 18:26 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-11 18:26 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-11 18:26 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-11 18:26 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-11 18:26 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-11 18:26 - 2018-03-22 22:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-11 18:26 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-11 18:26 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-11 18:26 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-11 18:26 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-11 18:26 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-11 18:26 - 2018-03-22 22:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-11 18:26 - 2018-03-22 22:15 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-11 18:26 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-11 18:26 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-11 18:26 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-11 18:26 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-11 18:26 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-11 18:26 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-11 18:26 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-11 18:26 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-11 18:26 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-11 18:26 - 2018-03-09 23:20 - 007405392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-11 18:26 - 2018-03-09 23:20 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-11 18:26 - 2018-03-09 23:20 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 18:26 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-11 18:26 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-11 18:26 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-11 18:26 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-11 18:26 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-11 18:26 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-04-11 18:26 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-04-11 18:26 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-11 18:26 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-11 18:26 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-11 18:26 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-11 18:26 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-11 18:26 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-11 18:26 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-11 18:26 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-11 18:26 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-11 18:26 - 2018-02-09 19:44 - 000276304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-11 18:26 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-11 18:26 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-11 18:26 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-11 18:26 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-04-11 18:26 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-04-11 18:26 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-11 18:26 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-11 18:26 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-11 18:26 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-11 18:26 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-11 18:26 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-11 18:26 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-04-11 18:26 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-11 18:26 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-11 18:26 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-11 18:26 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-11 18:24 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-11 18:24 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-11 18:24 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-11 18:24 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-08 11:58 - 2014-10-20 11:54 - 002624346 _____ C:\WINDOWS\ntbtlog.txt
2018-05-07 22:15 - 2016-02-02 18:30 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dd7f79d79c.job
2018-05-07 22:15 - 2015-08-29 14:25 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e255bd4c6ddf.job
2018-05-07 22:15 - 2015-05-17 14:18 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0909ba687ea90.job
2018-05-07 22:15 - 2014-11-05 13:16 - 000000000 ____D C:\Users\admin
2018-05-07 22:15 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-07 22:15 - 2013-06-26 19:18 - 000000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-05-07 21:52 - 2017-12-10 21:43 - 599577059 _____ C:\WINDOWS\MEMORY.DMP
2018-05-07 21:45 - 2012-10-26 13:35 - 004043091 _____ C:\ProgramData\MH_ErrorLog.txt
2018-05-06 23:36 - 2013-11-13 15:54 - 000000000 ___RD C:\Users\admin\Dropbox
2018-05-06 23:35 - 2013-10-18 14:01 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
2018-05-06 23:34 - 2013-06-26 19:18 - 000000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-05-06 23:21 - 2015-06-28 20:16 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-736925393-32956484-3246383293-1001UA.job
2018-05-06 22:55 - 2012-12-08 04:39 - 000000000 ____D C:\Users\admin\AppData\LocalLow\AuthenTec
2018-05-06 22:51 - 2014-09-24 18:23 - 000005426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-06 22:51 - 2014-09-24 17:39 - 000734228 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-06 22:51 - 2014-09-24 17:39 - 000150078 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-05 15:20 - 2013-06-26 21:21 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2018-05-05 14:30 - 2013-10-01 09:26 - 001129984 ___SH C:\Users\admin\Desktop\Thumbs.db
2018-05-05 13:17 - 2017-12-10 21:44 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-02 17:57 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-01 21:08 - 2016-05-11 18:31 - 000003050 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba28685bd79
2018-04-27 07:29 - 2012-12-07 23:43 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-736925393-32956484-3246383293-1001
2018-04-27 00:33 - 2013-06-26 19:19 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-27 00:33 - 2013-06-26 19:19 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-23 21:25 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-17 21:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-04-17 20:52 - 2018-02-20 19:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-17 20:51 - 2013-08-22 16:44 - 000521696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-17 20:45 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-04-11 19:56 - 2013-09-28 15:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-11 19:51 - 2013-07-18 18:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 19:41 - 2017-10-12 21:29 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 19:41 - 2012-12-16 20:36 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-11 19:41 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-11 19:34 - 2012-07-26 07:26 - 000000167 _____ C:\WINDOWS\win.ini

==================== Files in the root of some directories =======

2012-12-08 04:40 - 2012-12-12 15:52 - 000001524 _____ () C:\Users\admin\AppData\Roaming\AbsoluteReminder.xml
2013-07-08 23:39 - 2015-06-07 20:41 - 000012288 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Files to move or delete:
====================
C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe


Some files in TEMP:
====================
2018-01-11 18:48 - 2011-07-25 11:30 - 000434176 _____ () C:\Users\admin\AppData\Local\Temp\awiscale.dll
2018-01-11 18:48 - 2011-09-15 14:08 - 000147456 _____ () C:\Users\admin\AppData\Local\Temp\DLCapAPI.dll
2018-01-11 18:48 - 2011-10-06 04:28 - 000110592 _____ (Grain Media, Inc.) C:\Users\admin\AppData\Local\Temp\dlusb_launcherC120.exe
2018-05-02 17:59 - 2018-05-02 17:59 - 000000000 _____ () C:\Users\admin\AppData\Local\Temp\x5nvllvu.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-03 19:35

==================== End of FRST.txt ============================

Re: Please check my log

Posted: 08 May 2018 13:01
by Conder
:arrow: OK, start the PC in Safe Mode with Networking and proceed as follows:

:arrow: Run a full scan in MBAM
  • Download and install Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignore the trial version
  • Open MBAM and click "Scan" on the left
  • Click "Custom Scan" and then "Configure Scan" (Set up scan)
  • On the right, select all drives in the PC, and on the left tick the "Scan for rootkits" option
  • Click Scan Now and wait for it to finish
  • When it finishes, click Export Summary -> Text File, enter a file name and save it to the desktop
  • Copy the contents of that file here
  • Illustrated guide (unfortunately for an older version): https://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: Please check my log

Posted: 08 May 2018 20:48
by jajsemhonzik
I don't know whether I exported the data correctly, but in any case I put what it found to be malicious into quarantine (screenshot attached).

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 08.05.18
Čas skenování: 15:39
Logovací soubor: 4a83be76-52c5-11e8-bca6-089e01358ac9.json
Správce: Ano

-Informace o softwaru-
Verze: 3.4.5.2467
Verze komponentů: 1.0.342
Aktualizovat verzi balíku komponent: 1.0.5016
Licence: Bezplatný

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: E130-1\admin

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 369294
Zjištěné hrozby: 7
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 hod, 3 min, 22 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.Tuvaro, HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8}, Žádná uživatelská akce, [356], [244277],1.0.5016

Hodnota v registru: 4
PUP.Optional.Tuvaro, HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8}|DISPLAYNAME, Žádná uživatelská akce, [356], [244277],1.0.5016
PUP.Optional.Tuvaro, HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8}|URL, Žádná uživatelská akce, [356], [244277],1.0.5016
PUP.Optional.Tuvaro, HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8}|OSDFILEURL, Žádná uživatelská akce, [356], [244277],1.0.5016
PUP.Optional.Tuvaro, HKU\S-1-5-21-736925393-32956484-3246383293-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FA2BEAB7-E831-4D61-82D7-7AE3F875B0A8}|FAVICONURL, Žádná uživatelská akce, [356], [244277],1.0.5016

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 2
PUP.Optional.OpenCandy, C:\USERS\ADMIN\APPDATA\ROAMING\REAL\UPDATE\UPGRADEHELPER\REALPLAYER\10.40\AGENT\STUB_DATA\STUBINST_PKG_EN-EU.CAB, Žádná uživatelská akce, [1022], [297667],1.0.5016
RiskWare.Agent, C:\USERS\ADMIN\DESKTOP\_ADELKA\SOFTWARE\ESET SMART SECURITY A ESET NOD32 ANTIVIRUS 5.0.94.0 CZ (X86,X64BIT) COMPLET\3) TNODUP 1.4.1 FINAL\TNOD USER & PASSWORD FINDER\UNINST-TNOD.EXE, Žádná uživatelská akce, [3830], [352776],1.0.5016

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Please check my log

Posted: 09 May 2018 13:06
by Conder
:arrow: OK, export the MBAM log once more (on the left via the Reports option, probably "Zpravy" in Czech) and post it in your next reply.

:arrow: Please post new FRST logs.