Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018
Ran by Václav (administrator) on VASIK (21-02-2018 11:52:49)
Running from C:\Users\Václav\Desktop
Loaded Profiles: Václav (Available Profiles: Václav)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
() C:\Windows\Temp\opera autoupdate\CProgram Files (x86)Opera\ready\installer.exe
() C:\Windows\Temp\opera autoupdate\CProgram Files (x86)Opera\ready\installer.exe
() C:\Windows\Temp\opera autoupdate\CProgram Files (x86)Opera\ready\installer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\installer.exe
(Opera Software) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7547608 2014-03-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1380056 2014-03-19] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [519256 2014-02-17] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-08-14] (Qualcomm®Atheros®)
HKU\S-1-5-21-3434384294-2672202141-610711606-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-3434384294-2672202141-610711606-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3434384294-2672202141-610711606-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [1332736 2018-01-12] (Adobe Systems Incorporated)
Startup: C:\Users\Václav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DllHostSystem32.exe [2018-01-29] ()
Startup: C:\Users\Václav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DllHostSystem32.exe.js [2018-01-29] ()
InternetURL: C:\Users\Václav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DllHostSystem32.exe.URL -> URL: file:///E:/RevengeRAT/Client.exe
Startup: C:\Users\Václav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DllHostSystem32.exe.vbs [2018-01-29] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E3043865-F82C-410D-897D-9B75B0A66140}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3434384294-2672202141-610711606-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3434384294-2672202141-610711606-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3434384294-2672202141-610711606-1001 -> DefaultScope {BCAAC4CE-5B4A-4FB3-902B-4A7AA683EBE4} URL = 
SearchScopes: HKU\S-1-5-21-3434384294-2672202141-610711606-1001 -> {BCAAC4CE-5B4A-4FB3-902B-4A7AA683EBE4} URL = 

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C211CZ105D20151119&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default [2018-02-01]
CHR Extension: (Prezentace) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Dokumenty) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Disk Google) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Tabulky) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-09]
CHR Extension: (Chrome Media Router) - C:\Users\Václav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-25]

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Václav\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [322176 2014-08-14] (Windows (R) Win 7 DDK provider) [File not signed]
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3903488 2014-07-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-14] (Qualcomm Atheros)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R1 MpKsl6517bbd1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0217A0F5-BF27-48AB-83DD-FB2F3FD60254}\MpKsl6517bbd1.sys [58120 2018-01-29] (Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-10] (Realtek )
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-03-11] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 11:52 - 2018-02-21 11:54 - 000014587 _____ C:\Users\Václav\Desktop\FRST.txt
2018-02-21 11:52 - 2018-02-21 11:52 - 000000000 ____D C:\FRST
2018-02-21 11:51 - 2018-02-21 11:52 - 002403328 _____ (Farbar) C:\Users\Václav\Desktop\FRST64.exe
2018-02-01 19:08 - 2018-02-01 19:08 - 000000000 ___RD C:\Users\Václav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2018-01-29 02:10 - 2018-02-01 19:01 - 000000000 ____D C:\Users\Václav\Desktop\STREAM
2018-01-29 02:05 - 2018-01-29 02:09 - 000000000 ____D C:\Users\Václav\Desktop\100CANON
2018-01-29 01:57 - 2018-02-01 18:20 - 000000000 __SHD C:\RevengeRAT
2018-01-29 01:57 - 2018-01-29 01:57 - 000000000 __SHD C:\ProgramData\RevengeRAT
2018-01-23 12:26 - 2018-01-23 12:26 - 001040528 _____ C:\Users\Václav\Downloads\2017-11-20T10-01_Transakce_._1352124128231443-2958090.pdf
2018-01-23 12:26 - 2018-01-23 12:26 - 001040528 _____ C:\Users\Václav\Desktop\2017-11-20T10-01_Transakce_._1352124128231443-2958090.pdf
2018-01-23 12:26 - 2018-01-23 12:26 - 001040048 _____ C:\Users\Václav\Downloads\2017-12-31T02-58_Transakce_._1413498712093983-3063854.pdf
2018-01-23 12:26 - 2018-01-23 12:26 - 001040048 _____ C:\Users\Václav\Desktop\2017-12-31T02-58_Transakce_._1413498712093983-3063854.pdf
2018-01-23 12:26 - 2018-01-23 12:25 - 001039301 _____ C:\Users\Václav\Desktop\2017-10-31T08-11_Transakce_._1307545496022637-2905830.pdf
2018-01-23 12:25 - 2018-01-23 12:25 - 001039301 _____ C:\Users\Václav\Downloads\2017-10-31T08-11_Transakce_._1307545496022637-2905830.pdf
2018-01-22 21:56 - 2018-01-22 17:10 - 007125984 _____ (SOSVirus) C:\Users\Václav\Desktop\UsbFix_2018.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 11:55 - 2017-07-11 21:31 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-02-21 11:55 - 2016-05-11 21:40 - 000003840 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439137090
2018-02-21 11:55 - 2015-08-09 17:34 - 000004488 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-21 11:55 - 2015-08-09 17:34 - 000004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-02-21 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-02-21 11:54 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-02-21 11:51 - 2015-08-09 17:17 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-21 11:48 - 2015-08-09 16:42 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4B0A7614-6A6E-4B6A-83B4-FA11864B5CA9}
2018-02-21 11:43 - 2015-08-10 22:27 - 000000000 ____D C:\Users\Václav\AppData\Roaming\Skype
2018-02-01 19:09 - 2015-10-28 23:01 - 000905216 ___SH C:\Users\Václav\Desktop\Thumbs.db
2018-02-01 19:09 - 2014-10-15 13:02 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-02-01 19:08 - 2015-08-09 16:38 - 000000000 ____D C:\Users\Václav\OneDrive
2018-02-01 19:06 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-01 19:05 - 2013-08-22 14:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2018-02-01 19:02 - 2015-08-09 20:33 - 000375808 ___SH C:\Users\Václav\Downloads\Thumbs.db
2018-01-29 01:57 - 2014-10-15 12:21 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-29 01:57 - 2013-08-22 23:08 - 000739924 _____ C:\Windows\system32\perfh005.dat
2018-01-29 01:57 - 2013-08-22 23:08 - 000151610 _____ C:\Windows\system32\perfc005.dat
2018-01-29 01:57 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-01-24 20:07 - 2015-08-09 16:37 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3434384294-2672202141-610711606-1001
2018-01-23 19:58 - 2016-02-03 01:50 - 000548000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2017-12-25 16:42 - 2017-12-25 16:42 - 000000132 _____ () C:\Users\Václav\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

Some files in TEMP:
====================
2015-08-05 05:18 - 2011-01-13 21:13 - 001232128 _____ () C:\Users\Václav\AppData\Local\Temp\Angry Birds.exe
2015-09-01 12:11 - 2015-09-01 12:11 - 000120336 _____ (McAfee, Inc.) C:\Users\Václav\AppData\Local\Temp\McCSPInstall.dll
2017-12-30 13:51 - 2015-09-01 12:11 - 000162120 _____ (McAfee Inc.) C:\Users\Václav\AppData\Local\Temp\mccspuninstall.exe
2014-09-12 00:44 - 2014-09-12 00:44 - 004216840 _____ (Microsoft Corporation) C:\Users\Václav\AppData\Local\Temp\vcredist9_x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-29 03:58

==================== End of FRST.txt ============================