Ztráta dat
Napsal: 15 črc 2018 21:30
Zdravím ztratila se mi všechna data z části pevného disku, a mám 2 otázky: 1. Co to způsobilo 2. Zda lze data získat zpět. Děkuji za pomoc.
Log zde:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Honza23 (administrator) on HONZA23-PC (15-07-2018 22:23:11)
Running from C:\Users\Honza23\Desktop\SERVIS COMP
Loaded Profiles: Honza23 (Available Profiles: Honza23)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-15] (AVAST Software)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe [3417984 2012-05-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb92-967e-11e3-867b-50465ddb6ba6} - D:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2f4f1274-5f58-11e8-98be-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3d984395-61c0-11e8-81b8-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {4c261314-a14b-11e7-8bc4-50465ddb6ba6} - G:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {60675448-56d3-11e8-9814-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {60675465-56d3-11e8-9814-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1544955830-4211015516-3942192515-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-15] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-15] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
FireFox:
========
FF ProfilePath: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default [2018-07-15]
FF Homepage: Mozilla\Firefox\Profiles\giqmo9xt.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\giqmo9xt.default -> about:newtab
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Avast SafePrice) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\sp@avast.com.xpi [2018-06-06]
FF Extension: (Avast Online Security) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\wrc@avast.com.xpi [2018-05-25]
FF Extension: (Adblock Plus) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default [2018-07-12]
CHR Extension: (Prezentace) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-25]
CHR Extension: (Dokumenty) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-18]
CHR Extension: (Disk Google) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-18]
CHR Extension: (YouTube) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-18]
CHR Extension: (Tabulky) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-18]
CHR Extension: (Gmail) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-15] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-15] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [197160 2018-07-15] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-15] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201328 2018-07-15] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346664 2018-07-15] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59592 2018-07-15] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239680 2018-07-15] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46976 2018-07-15] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [159640 2018-07-15] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111872 2018-07-15] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [85968 2018-07-15] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1027728 2018-07-15] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [463080 2018-07-15] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [211160 2018-07-15] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381584 2018-07-15] (AVAST Software)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (ZD Secret Incorporated)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-25] (Malwarebytes)
R3 netr28x; C:\windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-03] () [File not signed]
S0 sptd; C:\windows\System32\Drivers\sptd.sys [868848 2014-02-15] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-16] ()
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-15 22:01 - 2018-07-15 22:00 - 000378072 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-07-11 17:56 - 2018-07-11 17:56 - 000000000 ____D C:\Users\Honza23\AppData\Local\{96CF92D9-D14D-40AF-8184-6BA144B76FE3}
2018-06-18 20:50 - 2018-06-18 20:50 - 021572217 _____ C:\Users\Honza23\Downloads\classroom-399587-a.zip
2018-06-18 20:38 - 2018-06-18 20:38 - 015582663 _____ C:\Users\Honza23\Downloads\classroom-95380-a.zip
2018-06-18 11:37 - 2018-06-18 11:37 - 000211715 _____ C:\Users\Honza23\Downloads\Nabídka_1000113657020001.pdf
2018-06-17 23:27 - 2018-06-17 23:27 - 000000000 ____D C:\Users\Honza23\AppData\Local\{E947C105-CDFB-4276-99EF-21F0B9C1074E}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-15 22:23 - 2018-02-22 21:33 - 000000000 ____D C:\Users\Honza23\Desktop\SERVIS COMP
2018-07-15 22:23 - 2016-10-07 16:53 - 000000000 ____D C:\FRST
2018-07-15 22:19 - 2016-11-19 00:44 - 000000000 ____D C:\Users\Honza23\AppData\LocalLow\Mozilla
2018-07-15 22:18 - 2016-09-26 18:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-15 22:12 - 2009-07-14 06:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-15 22:12 - 2009-07-14 06:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-15 22:06 - 2018-04-08 19:19 - 000000000 ____D C:\Users\Honza23\AppData\Local\AVAST Software
2018-07-15 22:03 - 2013-05-16 23:18 - 000000380 _____ C:\Users\Honza23\AppData\Roaming\sp_data.sys
2018-07-15 22:02 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-07-15 22:01 - 2017-03-20 18:50 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-07-15 22:00 - 2017-11-17 12:37 - 000197160 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 001027728 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000463080 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000381584 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000211160 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000159640 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000111872 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000085968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000046976 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-07-15 21:59 - 2017-10-16 14:36 - 000239680 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000346664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000229392 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000201328 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000059592 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-07-15 21:24 - 2013-06-18 15:07 - 000203776 _____ C:\Users\Honza23\Desktop\Výpočet dodák 2.xls
2018-07-15 20:28 - 2011-02-19 07:36 - 000672408 _____ C:\windows\system32\perfh005.dat
2018-07-15 20:28 - 2011-02-19 07:36 - 000142972 _____ C:\windows\system32\perfc005.dat
2018-07-15 20:28 - 2009-07-14 07:13 - 001593302 _____ C:\windows\system32\PerfStringBackup.INI
2018-07-15 20:28 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-07-12 19:09 - 2018-02-18 12:27 - 000000000 ____D C:\Users\Honza23\Desktop\Foto různé
2018-07-12 18:14 - 2015-11-15 11:40 - 000000000 ____D C:\Users\Honza23\Desktop\věci
2018-07-10 17:36 - 2018-03-13 12:24 - 000004536 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-10 17:36 - 2012-06-27 14:17 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-10 17:36 - 2012-06-27 14:17 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-10 17:36 - 2012-06-27 14:17 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-07-10 17:36 - 2012-06-27 14:17 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-07-10 17:36 - 2012-06-27 14:17 - 000000000 ____D C:\windows\system32\Macromed
2018-07-05 11:35 - 2014-01-22 17:49 - 000000000 ____D C:\Users\Honza23\Documents\HiSuite
2018-06-25 21:58 - 2013-06-03 14:28 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-18 20:40 - 2016-10-04 16:58 - 000000000 ____D C:\Users\Honza23\Downloads\sztš
2018-06-18 15:12 - 2014-01-13 19:11 - 000000000 ____D C:\Users\Honza23\AppData\Local\ElevatedDiagnostics
2018-06-17 23:29 - 2018-03-13 17:48 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
==================== Files in the root of some directories =======
2013-05-23 16:54 - 2013-05-23 16:54 - 000000021 _____ () C:\Users\Honza23\AppData\Roaming\my_intel.sys
2013-05-16 23:18 - 2018-07-15 22:03 - 000000380 _____ () C:\Users\Honza23\AppData\Roaming\sp_data.sys
2015-12-30 17:26 - 2015-12-30 17:26 - 000033193 _____ () C:\Users\Honza23\AppData\Roaming\UserTile.png
2014-02-19 21:10 - 2018-04-27 14:32 - 000007595 _____ () C:\Users\Honza23\AppData\Local\Resmon.ResmonCfg
2018-01-10 12:13 - 2018-01-10 12:13 - 000000000 _____ () C:\Users\Honza23\AppData\Local\{B8CBBB76-99A3-41F0-B54B-5057AB3C1F71}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-08 21:18
==================== End of FRST.txt ============================
Log zde:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Honza23 (administrator) on HONZA23-PC (15-07-2018 22:23:11)
Running from C:\Users\Honza23\Desktop\SERVIS COMP
Loaded Profiles: Honza23 (Available Profiles: Honza23)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-15] (AVAST Software)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe [3417984 2012-05-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb92-967e-11e3-867b-50465ddb6ba6} - D:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2f4f1274-5f58-11e8-98be-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3d984395-61c0-11e8-81b8-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {4c261314-a14b-11e7-8bc4-50465ddb6ba6} - G:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {60675448-56d3-11e8-9814-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {60675465-56d3-11e8-9814-50465ddb6ba6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1544955830-4211015516-3942192515-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-15] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-15] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
FireFox:
========
FF ProfilePath: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default [2018-07-15]
FF Homepage: Mozilla\Firefox\Profiles\giqmo9xt.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\giqmo9xt.default -> about:newtab
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Avast SafePrice) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\sp@avast.com.xpi [2018-06-06]
FF Extension: (Avast Online Security) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\wrc@avast.com.xpi [2018-05-25]
FF Extension: (Adblock Plus) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default [2018-07-12]
CHR Extension: (Prezentace) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-25]
CHR Extension: (Dokumenty) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-18]
CHR Extension: (Disk Google) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-18]
CHR Extension: (YouTube) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-18]
CHR Extension: (Tabulky) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-18]
CHR Extension: (Gmail) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-15] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-15] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [197160 2018-07-15] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-15] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201328 2018-07-15] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346664 2018-07-15] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59592 2018-07-15] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239680 2018-07-15] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46976 2018-07-15] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [159640 2018-07-15] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111872 2018-07-15] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [85968 2018-07-15] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1027728 2018-07-15] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [463080 2018-07-15] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [211160 2018-07-15] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381584 2018-07-15] (AVAST Software)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (ZD Secret Incorporated)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-25] (Malwarebytes)
R3 netr28x; C:\windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-03] () [File not signed]
S0 sptd; C:\windows\System32\Drivers\sptd.sys [868848 2014-02-15] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-16] ()
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-15 22:01 - 2018-07-15 22:00 - 000378072 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-07-11 17:56 - 2018-07-11 17:56 - 000000000 ____D C:\Users\Honza23\AppData\Local\{96CF92D9-D14D-40AF-8184-6BA144B76FE3}
2018-06-18 20:50 - 2018-06-18 20:50 - 021572217 _____ C:\Users\Honza23\Downloads\classroom-399587-a.zip
2018-06-18 20:38 - 2018-06-18 20:38 - 015582663 _____ C:\Users\Honza23\Downloads\classroom-95380-a.zip
2018-06-18 11:37 - 2018-06-18 11:37 - 000211715 _____ C:\Users\Honza23\Downloads\Nabídka_1000113657020001.pdf
2018-06-17 23:27 - 2018-06-17 23:27 - 000000000 ____D C:\Users\Honza23\AppData\Local\{E947C105-CDFB-4276-99EF-21F0B9C1074E}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-15 22:23 - 2018-02-22 21:33 - 000000000 ____D C:\Users\Honza23\Desktop\SERVIS COMP
2018-07-15 22:23 - 2016-10-07 16:53 - 000000000 ____D C:\FRST
2018-07-15 22:19 - 2016-11-19 00:44 - 000000000 ____D C:\Users\Honza23\AppData\LocalLow\Mozilla
2018-07-15 22:18 - 2016-09-26 18:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-15 22:12 - 2009-07-14 06:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-15 22:12 - 2009-07-14 06:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-15 22:06 - 2018-04-08 19:19 - 000000000 ____D C:\Users\Honza23\AppData\Local\AVAST Software
2018-07-15 22:03 - 2013-05-16 23:18 - 000000380 _____ C:\Users\Honza23\AppData\Roaming\sp_data.sys
2018-07-15 22:02 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-07-15 22:01 - 2017-03-20 18:50 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-07-15 22:00 - 2017-11-17 12:37 - 000197160 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 001027728 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000463080 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000381584 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000211160 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000159640 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000111872 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000085968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-07-15 22:00 - 2016-11-01 21:09 - 000046976 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-07-15 21:59 - 2017-10-16 14:36 - 000239680 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000346664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000229392 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000201328 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-07-15 21:59 - 2017-03-20 18:50 - 000059592 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-07-15 21:24 - 2013-06-18 15:07 - 000203776 _____ C:\Users\Honza23\Desktop\Výpočet dodák 2.xls
2018-07-15 20:28 - 2011-02-19 07:36 - 000672408 _____ C:\windows\system32\perfh005.dat
2018-07-15 20:28 - 2011-02-19 07:36 - 000142972 _____ C:\windows\system32\perfc005.dat
2018-07-15 20:28 - 2009-07-14 07:13 - 001593302 _____ C:\windows\system32\PerfStringBackup.INI
2018-07-15 20:28 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-07-12 19:09 - 2018-02-18 12:27 - 000000000 ____D C:\Users\Honza23\Desktop\Foto různé
2018-07-12 18:14 - 2015-11-15 11:40 - 000000000 ____D C:\Users\Honza23\Desktop\věci
2018-07-10 17:36 - 2018-03-13 12:24 - 000004536 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-10 17:36 - 2012-06-27 14:17 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-10 17:36 - 2012-06-27 14:17 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-10 17:36 - 2012-06-27 14:17 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-07-10 17:36 - 2012-06-27 14:17 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-07-10 17:36 - 2012-06-27 14:17 - 000000000 ____D C:\windows\system32\Macromed
2018-07-05 11:35 - 2014-01-22 17:49 - 000000000 ____D C:\Users\Honza23\Documents\HiSuite
2018-06-25 21:58 - 2013-06-03 14:28 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-18 20:40 - 2016-10-04 16:58 - 000000000 ____D C:\Users\Honza23\Downloads\sztš
2018-06-18 15:12 - 2014-01-13 19:11 - 000000000 ____D C:\Users\Honza23\AppData\Local\ElevatedDiagnostics
2018-06-17 23:29 - 2018-03-13 17:48 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
==================== Files in the root of some directories =======
2013-05-23 16:54 - 2013-05-23 16:54 - 000000021 _____ () C:\Users\Honza23\AppData\Roaming\my_intel.sys
2013-05-16 23:18 - 2018-07-15 22:03 - 000000380 _____ () C:\Users\Honza23\AppData\Roaming\sp_data.sys
2015-12-30 17:26 - 2015-12-30 17:26 - 000033193 _____ () C:\Users\Honza23\AppData\Roaming\UserTile.png
2014-02-19 21:10 - 2018-04-27 14:32 - 000007595 _____ () C:\Users\Honza23\AppData\Local\Resmon.ResmonCfg
2018-01-10 12:13 - 2018-01-10 12:13 - 000000000 _____ () C:\Users\Honza23\AppData\Local\{B8CBBB76-99A3-41F0-B54B-5057AB3C1F71}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-08 21:18
==================== End of FRST.txt ============================
