Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
Ran by Moravskesluzby.cz (administrator) on MUS (28-11-2015 16:19:45)
Running from C:\Users\Moravskesluzby.cz\Downloads
Loaded Profiles: Moravskesluzby.cz (Available Profiles: Moravskesluzby.cz)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [453448 2014-08-13] ()
HKLM\...\Run: [HotKeysCmds] => "C:\windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\windows\system32\igfxpers.exe"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-11-09] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-02-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-28] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1347496 2010-03-02] (Gemfor s.r.o.)
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-04-30] (TomTom)
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {061f8eb0-9a2b-11e4-8277-fcf8ae9a50aa} - "E:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {22f85b4f-41a6-11e4-825c-fcf8ae9a50aa} - "E:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {22f87608-41a6-11e4-825c-fcf8ae9a50aa} - "F:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {256d0598-46e8-11e4-825c-fcf8ae9a50aa} - "F:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {2f650a16-5a8e-11e4-8263-fcf8ae9a50aa} - "E:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {3d42b5b5-4fa7-11e4-825f-fcf8ae9a50a6} - "F:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {538b5131-3f43-11e4-8258-c4544427ae85} - "F:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {538b51e4-3f43-11e4-8258-c4544427ae85} - "F:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {6c0ddd77-2be7-11e5-82a7-fcf8ae9a50aa} - "E:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {8c8612c7-ded5-11e4-828d-fcf8ae9a50aa} - "E:\Autorun.exe"
HKU\S-1-5-21-2463396478-638413890-950990422-1001\...\MountPoints2: {c893e0f5-7a28-11e5-82bd-fcf8ae9a50aa} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-28] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2015-11-28]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6213C738-918D-4CEA-B0A4-D588EC011F70}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D80BE040-95D7-457F-9DC2-939FF46C2614}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2463396478-638413890-950990422-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhomeHKU\S-1-5-21-2463396478-638413890-950990422-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
hxxp://www.lenovo.comHKU\S-1-5-21-2463396478-638413890-950990422-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
hxxp://www.lenovo.comURLSearchHook: [S-1-5-21-2463396478-638413890-950990422-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2463396478-638413890-950990422-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL =
hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2463396478-638413890-950990422-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL =
hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-28] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-28] (AVAST Software)
FireFox:
========
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-28]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
Chrome:
=======
CHR Profile: C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-28]
CHR Extension: (Dokumenty Google) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-28]
CHR Extension: (Disk Google) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28]
CHR Extension: (YouTube) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Tabulky Google) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-28]
CHR Extension: (Avast Online Security) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-28]
CHR Extension: (Gmail) - C:\Users\Moravskesluzby.cz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [67312 2010-03-02] (Gemfor s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-28] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-02] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2013-10-18] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McNaiAnn; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
S4 MSK80Service; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-28] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-06] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-25] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-03] (GenesysLogic)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-19] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-02] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-02] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-02] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-02] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-28] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-11-09] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-11] (Synaptics Incorporated)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2015-11-15] (Duplex Secure Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-28 16:19 - 2015-11-28 16:20 - 00021195 _____ C:\Users\Moravskesluzby.cz\Downloads\FRST.txt
2015-11-28 16:19 - 2015-11-28 16:19 - 00000000 ____D C:\FRST
2015-11-28 16:18 - 2015-11-28 16:18 - 02349056 _____ (Farbar) C:\Users\Moravskesluzby.cz\Downloads\FRST64.exe
2015-11-28 16:16 - 2015-11-28 16:16 - 00010922 _____ C:\Users\Moravskesluzby.cz\Desktop\zoek-results.txt
2015-11-28 16:13 - 2015-11-28 15:55 - 00024064 _____ C:\windows\zoek-delete.exe
2015-11-28 15:55 - 2015-11-28 16:12 - 00000000 ____D C:\zoek_backup
2015-11-28 15:53 - 2015-11-28 15:53 - 00008432 _____ C:\Users\Moravskesluzby.cz\Desktop\rogue.txt
2015-11-28 15:38 - 2015-11-28 15:39 - 01309184 _____ C:\Users\Moravskesluzby.cz\Desktop\zoek.exe
2015-11-28 12:35 - 2015-11-28 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Doom - Plutonia (ZDoom engine)
2015-11-28 12:34 - 2015-11-28 12:35 - 00000000 ____D C:\Program Files (x86)\Final ZDoom - Plutonia
2015-11-28 11:59 - 2015-11-28 15:38 - 00037624 _____ C:\windows\system32\Drivers\TrueSight.sys
2015-11-28 11:59 - 2015-11-28 12:00 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-28 11:59 - 2015-11-28 11:59 - 23719496 _____ C:\Users\Moravskesluzby.cz\Downloads\RogueKillerX64.exe
2015-11-28 11:57 - 2015-11-28 11:57 - 00001193 _____ C:\Users\Moravskesluzby.cz\Desktop\JRT1.txt
2015-11-28 11:57 - 2015-11-28 11:57 - 00001193 _____ C:\Users\Moravskesluzby.cz\Desktop\JRT.txt
2015-11-28 11:52 - 2015-11-28 11:52 - 01599336 _____ (Malwarebytes) C:\Users\Moravskesluzby.cz\Downloads\JRT.exe
2015-11-28 11:50 - 2015-11-28 11:50 - 00000080 _____ C:\Users\Moravskesluzby.cz\Desktop\uTorrent.lnk
2015-11-28 11:50 - 2015-11-28 11:50 - 00000080 _____ C:\Users\Moravskesluzby.cz\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2015-11-28 11:31 - 2015-11-28 11:32 - 00000666 _____ C:\Users\Moravskesluzby.cz\Desktop\AdwCleaner[S3].txt
2015-11-28 10:38 - 2015-11-28 11:37 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 10:37 - 2015-11-28 11:51 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-28 10:37 - 2015-11-28 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-28 10:37 - 2015-11-28 10:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-28 10:37 - 2015-11-28 10:37 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Moravskesluzby.cz\Downloads\mbam-setup-2.1.4.1018.exe
2015-11-28 10:37 - 2015-11-28 10:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-28 10:37 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-11-28 10:37 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-11-28 10:37 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-11-28 10:33 - 2015-11-28 10:33 - 22908888 _____ (Malwarebytes ) C:\Users\Moravskesluzby.cz\Downloads\Nepotvrzeno 806780.crdownload
2015-11-28 10:32 - 2015-11-28 10:32 - 00000758 _____ C:\Users\Moravskesluzby.cz\Desktop\AdwCleaner[C2].txt
2015-11-28 10:30 - 2015-11-28 10:30 - 01733632 _____ C:\Users\Moravskesluzby.cz\Downloads\adwcleaner_5.022 (2).exe
2015-11-28 10:26 - 2015-11-28 10:26 - 01733632 _____ C:\Users\Moravskesluzby.cz\Downloads\adwcleaner_5.022 (1).exe
2015-11-28 10:20 - 2015-11-28 11:51 - 00000913 _____ C:\Users\Moravskesluzby.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2015-11-28 10:20 - 2015-11-28 11:50 - 00000907 _____ C:\Users\Moravskesluzby.cz\Desktop\Temp File Cleaner.lnk
2015-11-28 10:20 - 2015-11-28 10:20 - 02073320 _____ C:\Users\Moravskesluzby.cz\Downloads\TempFileCleaner_4.4.0_Setup.exe
2015-11-28 10:20 - 2015-11-28 10:20 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Roaming\addpcs
2015-11-28 10:20 - 2015-11-28 10:20 - 00000000 ____D C:\Program Files\Temp File Cleaner
2015-11-28 00:13 - 2015-11-28 00:13 - 00388608 _____ (Trend Micro Inc.) C:\Users\Moravskesluzby.cz\Downloads\hijackthis.exe
2015-11-28 00:02 - 2015-11-28 00:02 - 00386096 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-11-28 00:02 - 2015-11-28 00:02 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-11-27 23:59 - 2015-11-27 23:59 - 04372040 _____ (UltimateOutsider) C:\Users\Moravskesluzby.cz\Downloads\GWX_stopper.exe
2015-11-27 23:26 - 2015-11-28 11:36 - 00000000 ____D C:\AdwCleaner
2015-11-27 23:26 - 2015-11-27 23:26 - 01733632 _____ C:\Users\Moravskesluzby.cz\Downloads\adwcleaner_5.022.exe
2015-11-27 23:20 - 2015-11-27 23:20 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Moravskesluzby.cz\Downloads\SpyHunter-Installer.exe
2015-11-27 23:11 - 2015-11-27 23:12 - 14045413 _____ C:\Users\Moravskesluzby.cz\Downloads\Final_Doom-The_Plutonia_Experiment_with_engine_ZDoom_for_Windows_7_32bit-64bit.rar
2015-11-27 23:06 - 2015-11-28 16:15 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-27 23:06 - 2015-11-27 23:07 - 00000129 _____ C:\windows\SysWOW64\L
2015-11-27 23:06 - 2015-11-27 23:06 - 00000008 __RSH C:\Users\Moravskesluzby.cz\ntuser.pol
2015-11-27 23:05 - 2015-11-27 23:05 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\Torrentex
2015-11-26 13:57 - 2015-11-26 13:57 - 00390244 _____ C:\Users\Moravskesluzby.cz\Downloads\19_ZDROJE_FINANCOVÁNÍ_MAJETKU (1).pptx
2015-11-26 13:26 - 2015-11-26 13:26 - 00236281 _____ C:\Users\Moravskesluzby.cz\Downloads\32-10-21.pptx
2015-11-22 15:06 - 2015-11-22 15:06 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\Hercules_0
2015-11-22 14:59 - 2015-11-22 15:15 - 383930950 _____ C:\Users\Moravskesluzby.cz\Downloads\Crash_Bandicoot_Wrath_Of_Cortex_PAL__DVD_.rar
2015-11-22 14:55 - 2015-11-22 14:55 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\wcx_7zip_0.7.6.5a.bin
2015-11-22 14:54 - 2015-11-22 14:55 - 00612889 _____ C:\Users\Moravskesluzby.cz\Downloads\wcx_7zip_0.7.6.5a.bin.zip
2015-11-22 14:53 - 2015-11-22 14:53 - 01093126 _____ (Igor Pavlov) C:\Users\Moravskesluzby.cz\Downloads\7z1512.exe
2015-11-22 14:53 - 2015-11-22 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-22 14:53 - 2015-11-22 14:53 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-11-22 14:48 - 2015-11-22 14:57 - 221329669 _____ C:\Users\Moravskesluzby.cz\Downloads\Hercules_0.7z
2015-11-22 14:44 - 2015-11-22 14:48 - 109188287 _____ C:\Users\Moravskesluzby.cz\Downloads\HercsAdventures.7z
2015-11-22 14:36 - 2015-11-22 14:42 - 91638234 _____ C:\Users\Moravskesluzby.cz\Downloads\Tom and Jerry in house Trap.rar
2015-11-21 22:04 - 2015-11-21 22:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Alert
2015-11-21 21:58 - 2015-11-21 21:58 - 00000000 ____D C:\Games
2015-11-21 21:56 - 2015-11-21 21:57 - 11107039 _____ (FunkyFr3sh ) C:\Users\Moravskesluzby.cz\Downloads\RA1installer.exe
2015-11-21 21:50 - 2015-11-22 00:58 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\red alert cac
2015-11-21 21:40 - 2015-11-21 22:40 - 361670181 _____ C:\Users\Moravskesluzby.cz\Downloads\red_alert.zip
2015-11-21 21:37 - 2015-11-21 21:45 - 526433084 _____ C:\Users\Moravskesluzby.cz\Downloads\RedAlert1_SovietDisc.rar
2015-11-21 21:35 - 2015-11-21 22:04 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\1.serie
2015-11-21 21:29 - 2015-11-21 21:29 - 00019874 _____ C:\Users\Moravskesluzby.cz\Downloads\[CzT]Command_Conquer_Red_Alert_Datadisky_Counterstike_The_Aftermath_1996_.torrent
2015-11-21 21:23 - 2015-11-21 21:24 - 51431065 _____ C:\Users\Moravskesluzby.cz\Downloads\command-conquer-red-alert_Stare-hry_cz.zip
2015-11-21 17:55 - 2015-11-21 17:55 - 00014790 _____ C:\Users\Moravskesluzby.cz\Downloads\[CzT]Jak_funguji_drogy_Konopi_How_Drugs_Work_Cannabis_1_3_2011_TVRip_.torrent
2015-11-21 17:51 - 2015-11-21 17:51 - 00014114 _____ C:\Users\Moravskesluzby.cz\Downloads\[CzT]Konec_sveta_byl_a_bude_2012_TVRip_ (1).torrent
2015-11-20 20:29 - 2015-11-20 20:29 - 00000000 ____D C:\Users\Moravskesluzby.cz\Desktop\jpeg resampler
2015-11-20 20:28 - 2015-11-20 20:28 - 01338232 _____ C:\Users\Moravskesluzby.cz\Downloads\JR2010.zip
2015-11-20 19:50 - 2015-11-20 23:18 - 00008192 _____ C:\Users\Moravskesluzby.cz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-20 09:09 - 2015-11-20 09:09 - 00000135 _____ C:\Users\Moravskesluzby.cz\Downloads\SwissGroove.m3u
2015-11-19 19:40 - 2015-11-19 20:01 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\gens-win32-bin-2.14
2015-11-19 19:40 - 2015-11-19 19:40 - 02254463 _____ C:\Users\Moravskesluzby.cz\Downloads\sonic2knuckles.zip
2015-11-19 19:39 - 2015-11-19 19:39 - 00587213 _____ C:\Users\Moravskesluzby.cz\Downloads\gens-win32-bin-2.14.zip
2015-11-17 12:55 - 2015-11-17 12:57 - 00000000 ____D C:\Users\Moravskesluzby.cz\Downloads\h114
2015-11-17 10:28 - 2015-11-17 12:49 - 1004560520 _____ C:\Users\Moravskesluzby.cz\Downloads\h114.rar
2015-11-16 19:16 - 2015-11-16 19:16 - 00187624 _____ C:\Users\Moravskesluzby.cz\Downloads\stopangin-pil.pdf
2015-11-16 12:45 - 2015-11-16 12:45 - 00000000 ____D C:\Users\Moravskesluzby.cz\Documents\Doom PS1
2015-11-15 21:16 - 2015-11-15 21:16 - 00000000 ____D C:\Users\Moravskesluzby.cz\Documents\Ashampoo Burning Studio FREE
2015-11-15 21:01 - 2015-11-15 21:01 - 07716056 _____ (Alcohol Soft Development Team) C:\Users\Moravskesluzby.cz\Downloads\Alcohol120_trial_2.0.3.6839.exe
2015-11-15 20:51 - 2015-11-15 21:09 - 00867064 _____ (Duplex Secure Ltd.) C:\windows\system32\Drivers\sptd.sys
2015-11-15 20:47 - 2015-11-15 20:48 - 09140460 _____ C:\Users\Moravskesluzby.cz\Downloads\alkohol-120%.rar
2015-11-15 20:39 - 2015-11-28 11:51 - 00001324 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk
2015-11-15 20:39 - 2015-11-15 20:39 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Roaming\Ashampoo
2015-11-15 20:39 - 2015-11-15 20:39 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Local\ashampoo
2015-11-15 20:39 - 2015-11-15 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-11-15 20:39 - 2015-11-15 20:39 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-15 20:39 - 2015-11-15 20:39 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-11-15 20:34 - 2015-11-15 20:35 - 32884120 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Moravskesluzby.cz\Downloads\ashampoo_burning_studio_free_21520.exe
2015-11-15 18:01 - 2015-11-15 18:01 - 01207668 _____ C:\Users\Moravskesluzby.cz\Downloads\Red.Alert-XP.Patch.zip
2015-11-14 19:18 - 2015-11-15 18:16 - 00000000 ____D C:\Program Files (x86)\Oldgames
2015-11-14 19:17 - 2015-11-14 19:18 - 43740563 _____ (DJ,
dj@oldgames.sk) C:\Users\Moravskesluzby.cz\Downloads\Command.and.Conquer.Red.Alert-www.oldgames.sk-Compilation.exe
2015-11-12 23:57 - 2015-11-13 00:00 - 41205696 _____ C:\Users\Moravskesluzby.cz\Downloads\Atomic-Bomberman.zip
2015-11-12 23:52 - 2015-11-12 23:53 - 09280291 _____ C:\Users\Moravskesluzby.cz\Downloads\atomic-bomberman_95.zip
2015-11-12 23:06 - 2015-11-12 23:06 - 00324487 _____ C:\Users\Moravskesluzby.cz\Downloads\MMO.pdf
2015-11-12 20:38 - 2015-11-12 21:06 - 496988719 _____ C:\Users\Moravskesluzby.cz\Downloads\C2.SLES_109.49.rar
2015-11-12 19:58 - 2015-11-12 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom (ZDoom engine)
2015-11-12 19:57 - 2015-11-12 19:58 - 00000000 ____D C:\Program Files (x86)\ZDoom
2015-11-12 19:54 - 2015-11-12 19:55 - 09968410 _____ C:\Users\Moravskesluzby.cz\Downloads\doom_with_engine_zdoom_for_windows_7_32bit-64bit.rar
2015-11-12 17:10 - 2015-11-12 17:10 - 02637222 _____ C:\Users\Moravskesluzby.cz\Downloads\ZQTD_690_EEC.pdf
2015-11-12 17:07 - 2015-11-12 17:08 - 09198170 _____ C:\Users\Moravskesluzby.cz\Downloads\ZQTD_Baterie_LiFePO4_48V_45Ah.rar
2015-11-11 21:57 - 2015-11-11 21:57 - 02218175 _____ C:\Users\Moravskesluzby.cz\Downloads\doom.zip
2015-11-11 10:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-11 10:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-11 10:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-11 10:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-11-11 10:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-11-11 10:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-11-11 10:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-11-11 10:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-11-11 10:04 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-11-11 10:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-11-11 10:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-11-11 10:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-11-11 10:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-11-11 10:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-11-11 10:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-11-11 10:04 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-11-11 10:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-11-11 10:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-11-11 10:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-11-11 10:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-11-11 10:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-11-11 10:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-11-11 10:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-11-11 10:04 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-11-11 10:04 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-11-11 10:04 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-11-11 10:04 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-11-11 10:04 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-11-11 10:04 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-11-11 10:04 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-11-11 10:04 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-11-11 10:04 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-11-11 10:04 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-11-11 10:04 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-11-11 10:04 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-11-11 10:04 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-11-11 10:04 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-11-11 10:04 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-11-11 10:04 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-11-11 10:04 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-11-11 10:04 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-11-11 10:04 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-11-11 10:04 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-11-11 10:04 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-11-11 10:04 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-11-11 10:04 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2015-11-11 10:04 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2015-11-11 10:04 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-11-11 10:04 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-11-11 10:04 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2015-11-11 10:04 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2015-11-11 10:04 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-11-11 10:04 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-11-11 10:04 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-11-11 10:04 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-11-11 10:04 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-11-11 10:04 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-11-11 10:04 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-11-11 10:04 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-11-11 10:04 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-11-11 10:04 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2015-11-11 10:04 - 2015-09-12 14:47 - 00414559 _____ C:\windows\system32\ApnDatabase.xml
2015-11-11 10:04 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-11-11 10:04 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-11-11 10:04 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-11-11 10:04 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2015-11-11 10:04 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2015-11-11 10:04 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-11-11 10:04 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-11-11 10:04 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-11-11 10:04 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-11-11 10:03 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-11-11 10:03 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-11-11 10:03 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-11-11 10:03 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-11-11 10:03 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 10:03 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-11-11 10:03 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-11-09 14:27 - 2015-11-09 14:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-09 14:27 - 2015-11-09 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-03 14:42 - 2015-11-03 14:42 - 00181223 _____ C:\Users\Moravskesluzby.cz\Downloads\trittico-ac-150-pil.pdf
2015-10-31 21:21 - 2015-10-31 21:21 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Local\DOSBox
2015-10-31 21:19 - 2015-10-31 21:19 - 00389805 _____ C:\Users\Moravskesluzby.cz\Downloads\wgens211.zip
2015-10-31 21:17 - 2015-10-31 21:20 - 46143609 _____ C:\Users\Moravskesluzby.cz\Downloads\doom2.zip
2015-10-31 21:15 - 2015-10-31 21:15 - 06003907 _____ C:\Users\Moravskesluzby.cz\Downloads\59.rar
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-28 16:19 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-11-28 16:16 - 2014-09-19 14:46 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Local\CrashDumps
2015-11-28 16:15 - 2014-09-16 11:35 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 16:14 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-28 16:14 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-11-28 16:13 - 2014-02-11 02:36 - 00016896 _____ C:\windows\system32\VfService.trf
2015-11-28 16:10 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2015-11-28 16:10 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\GroupPolicy
2015-11-28 15:48 - 2014-09-16 05:18 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2463396478-638413890-950990422-1001
2015-11-28 15:45 - 2014-02-11 02:30 - 00740946 _____ C:\windows\system32\perfh005.dat
2015-11-28 15:45 - 2014-02-11 02:30 - 00152150 _____ C:\windows\system32\perfc005.dat
2015-11-28 15:45 - 2013-10-07 19:27 - 01749406 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-28 15:45 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2015-11-28 15:23 - 2014-09-16 11:35 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-28 13:07 - 2014-10-16 16:26 - 00000000 ___RD C:\Users\Moravskesluzby.cz\Desktop\Hry
2015-11-28 11:51 - 2015-10-28 14:43 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-28 11:51 - 2015-10-28 14:43 - 00001048 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-28 11:51 - 2015-10-25 14:44 - 00002002 _____ C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2015-11-28 11:51 - 2015-10-25 14:37 - 00001997 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-11-28 11:51 - 2015-10-25 14:24 - 00001915 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2015-11-28 11:51 - 2015-09-20 09:20 - 00000922 _____ C:\Users\Public\Desktop\AIMP3.lnk
2015-11-28 11:51 - 2014-10-12 17:38 - 00002741 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-28 11:51 - 2014-09-17 17:42 - 00002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2015-11-28 11:51 - 2014-09-15 21:08 - 00000899 _____ C:\Users\Public\Desktop\Total Commander.lnk
2015-11-28 11:51 - 2014-09-15 20:56 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-11-28 11:51 - 2014-02-11 02:27 - 00001985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-28 11:51 - 2013-08-22 07:57 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk
2015-11-28 11:51 - 2013-08-22 07:57 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk
2015-11-28 11:51 - 2013-08-22 07:57 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2015-11-28 11:51 - 2013-08-22 07:54 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-11-28 11:51 - 2013-08-22 07:48 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk
2015-11-28 11:50 - 2014-11-01 16:38 - 00000947 _____ C:\Users\Moravskesluzby.cz\Desktop\IHR3040n.lnk
2015-11-28 10:29 - 2014-09-16 19:04 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-11-28 10:21 - 2014-10-09 12:27 - 00000000 ____D C:\windows\Minidump
2015-11-28 10:21 - 2014-10-04 21:17 - 00000000 ____D C:\Temp
2015-11-28 10:21 - 2014-02-11 02:29 - 00000000 ____D C:\ProgramData\Temp
2015-11-28 00:02 - 2014-09-16 19:04 - 01059656 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00449992 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00273784 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00154256 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00097648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-11-28 00:02 - 2014-09-16 19:04 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-11-27 23:07 - 2015-07-14 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-27 23:06 - 2014-09-16 03:45 - 00000000 ____D C:\Users\Moravskesluzby.cz
2015-11-27 23:05 - 2014-09-16 11:35 - 00002233 ____R C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2015-11-27 23:05 - 2014-09-16 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-27 23:05 - 2014-09-16 03:45 - 00002067 ____R C:\Users\Moravskesluzby.cz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk
2015-11-27 00:30 - 2014-09-15 19:56 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Roaming\AIMP3
2015-11-23 13:26 - 2014-09-15 20:12 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Roaming\uTorrent
2015-11-22 15:34 - 2015-09-20 16:33 - 827659350 ____R C:\Users\Moravskesluzby.cz\Downloads\Ano, šéfe s Gordonem Ramsaym USA S05E07.mp4
2015-11-19 19:41 - 2000-04-26 08:36 - 03408384 _____ C:\Users\Moravskesluzby.cz\Desktop\Sonic 2 & Knuckles.smd
2015-11-19 15:14 - 2014-09-21 15:48 - 00000000 ____D C:\Users\Moravskesluzby.cz\Desktop\Moravské úklidové služby
2015-11-16 12:47 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2015-11-13 19:09 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2015-11-12 11:51 - 2013-08-22 15:44 - 00495944 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-11 23:49 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2015-11-11 10:45 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2015-11-11 10:36 - 2014-09-15 20:03 - 00000000 ____D C:\windows\system32\MRT
2015-11-11 10:25 - 2014-09-15 20:03 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-11-10 09:18 - 2014-02-11 02:37 - 00000000 ____D C:\ProgramData\Energy Manager
2015-11-10 00:18 - 2014-10-12 17:38 - 00000000 ____D C:\Users\Moravskesluzby.cz\AppData\Roaming\Skype
2015-11-09 14:27 - 2014-10-12 17:38 - 00000000 ____D C:\ProgramData\Skype
2015-11-03 01:23 - 2014-09-15 21:20 - 00810488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2014-09-15 21:20 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-09-16 03:46 - 2014-09-17 16:32 - 0003040 _____ () C:\Users\Moravskesluzby.cz\AppData\Roaming\AbsoluteReminder.xml
2015-11-20 19:50 - 2015-11-20 23:18 - 0008192 _____ () C:\Users\Moravskesluzby.cz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-11 02:16 - 2014-02-11 02:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-23 21:56
==================== End of FRST.txt ============================
