Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2023
Ran by xXx (administrator) on ASUSM70 (ASUSTeK Computer Inc. M70SR) (23-02-2023 04:50:16)
Running from C:\Users\xXx\Desktop
Loaded Profiles: xXx
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe ->) (APN LLC -> APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(C:\Program Files\ATK Hotkey\AsLdrSrv.exe ->) () [File not signed] C:\Program Files\ATK Hotkey\MsgTranAgt.exe
(C:\Program Files\ATK Hotkey\AsLdrSrv.exe ->) () [File not signed] C:\Program Files\Wireless Console 2\wcourier.exe
(C:\Program Files\ATK Hotkey\AsLdrSrv.exe ->) (ATK0100) [File not signed] C:\Program Files\ATK Hotkey\HControl.exe
(C:\Program Files\ATK Hotkey\HControl.exe ->) () [File not signed] C:\Program Files\ATK Hotkey\ATKOSD.exe
(C:\Program Files\ATK Hotkey\HControl.exe ->) () [File not signed] C:\Program Files\ATK Hotkey\KBFiltr.exe
(C:\Program Files\ATK Hotkey\HControl.exe ->) () [File not signed] C:\Program Files\ATK Hotkey\WDC.exe
(C:\Program Files\PANDORA.TV\PanService\PandoraService.exe ->) (PandoraTV -> PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynAsus.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(explorer.exe ->) (Polar Electro Oy) [File not signed] C:\Program Files\Polar\Polar FlowSync\flowsync.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(services.exe ->) () [File not signed] C:\Program Files\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) () [File not signed] C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (APN LLC -> APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(services.exe ->) (Foxit Corporation -> Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe <2>
(services.exe ->) (PandoraTV -> Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(services.exe ->) (Skype Technologies SA -> Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-16] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] () [File not signed]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1600072 2016-02-12] (APN LLC -> APN)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3926274421-1707633955-194683952-1000\...\Run: [Polar FlowSync] => C:\Program Files\Polar\Polar FlowSync\FlowSync.exe [1397248 2018-09-17] (Polar Electro Oy) [File not signed]
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\Run: [Facebook Update] => C:\Users\Verka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-08] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\Run: [MsgCenterExe] => "C:\Program Files\Real\RealPlayer\update\RealOneMessageCenter.exe"  -osboot (No File)
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\Run: [GoogleChromeAutoLaunch_0B8A6CD12CC0DEDE73735E73F18D8066] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [874648 2016-04-06] (Google Inc -> Google Inc.)
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\Run: [Zoner Photo Studio Autoupdate] => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE" (No File)
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\Run: [Polar FlowSync] => C:\Program Files\Polar\Polar FlowSync\flowsync.exe [1397248 2018-09-17] (Polar Electro Oy) [File not signed]
HKU\S-1-5-21-3926274421-1707633955-194683952-1001\...\MountPoints2: {06e75586-146b-11e2-97db-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-3926274421-1707633955-194683952-1002\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe" (No File)
HKU\S-1-5-21-3926274421-1707633955-194683952-1002\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3926274421-1707633955-194683952-1002\...\Run: [World of Warships] => "C:\Games\World_of_Warships\WargamingGameUpdater.exe" (No File)
HKU\S-1-5-21-3926274421-1707633955-194683952-1003\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3926274421-1707633955-194683952-1004\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\hpcpp130: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp130.dll [428032 2012-04-24] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\W32X86\hpzpplhn.dll [89600 2008-01-21] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\winprint: localspl.dll (No File)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [56320 2012-04-24] (Hewlett-Packard) [File not signed]
HKLM\...\Print\Monitors\HPMLM121: C:\Windows\system32\hpmlm121.dll [87552 2011-12-13] (Hewlett-Packard Company) [File not signed]
HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [116224 2001-10-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2021-06-17] (Google Inc -> Google Inc.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {024215D6-54E8-4BDB-B98C-C0FB39B344BC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck (No File)
Task: {278C9191-EABE-41B6-BF1B-8759CEC82FD4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (No File)
Task: {294E223F-EB85-478E-855D-AD04CDCDEA94} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun (No File)
Task: {29BCE4CC-22AB-4E2A-9EC1-1DF5B54FF236} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [175024 2014-01-28] (Ask.com -> ) <==== ATTENTION
Task: {58D6143F-2402-49E2-A4E9-27584054D237} - System32\Tasks\{769C24C6-2D1D-4ECF-856A-6A39B587671D} => C:\Program Files\Internet Explorer\iexplore.exe [758512 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F11502C-0191-4C88-9287-E19C7A6CFB12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-02-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8EBB674B-084A-4125-B169-EFB254D499BA} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent (No File)
Task: {9A42A771-7D52-4B2F-A4B3-2AF33ADE8807} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck (No File)
Task: {9D2E9D70-D5A7-4662-B542-BAE455D63997} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {B3560342-8279-4D6F-A4B0-5C8DA8B754F3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck (No File)
Task: {BA0F4D57-5F95-494E-9E34-E9F6460AE27D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {CC8186DB-864C-4AA1-B3B4-75D16A05F542} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck (No File)
Task: {D1DE3EC5-5846-400B-B9F7-5A1CB94E16FD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001UA => C:\Users\Verka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-08] (Facebook, Inc. -> Facebook Inc.)
Task: {E928E2FD-A880-4667-BECD-7296065ECBDC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001Core => C:\Users\Verka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-08] (Facebook, Inc. -> Facebook Inc.)
Task: {F1514490-E824-4950-98A4-B7B86DBD0AA8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (No File)
Task: {F594BC11-3CE4-4C22-A0D9-8E3A2BCD241D} - System32\Tasks\{54EDC524-4344-4266-9852-34D4FCF2FB2B} => c:\program files\google\chrome\application\chrome.exe [874648 2016-04-06] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001Core.job => C:\Users\Verka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001UA.job => C:\Users\Verka\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\..\Interfaces\{5DD33601-DFC2-446D-A5F7-A40830A4AE07}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8573255E-7F23-483E-9408-E4406CBF9335}: [NameServer] 8.8.8.8,8.8.4.4
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.0.1,-1]

FireFox:
========
FF ProfilePath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\hb1697jm.default-1612006878480 [2021-10-31]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\hb1697jm.default-1612006878480\features\{cb7e9559-86fb-4ed0-a25a-3b4a076a18dc}\hotfix-bug-1548973@mozilla.org.xpi [2021-09-30] [Legacy]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2020-10-20] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: (Freemake Video Converter Plugin) - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-12-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] (Adobe Systems Incorporated -> )
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3926274421-1707633955-194683952-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Verka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)

Chrome: 
=======
CHR DefaultProfile: Default"},"promo":{"ntp_notification_promo":[{"closed":false,"end":1363733940.0,"group":0,"increment":1,"increment_frequency":0,"increment_max":1,"max_views":15,"num_groups":1,"segment":1,"start":1362524400.0,"text":"Novinka! Nejnovější verze mobilních aplikací pro Chrome jsou nyní k dispozici v obchodech \u003Ca href=\"hxxps://play.google.com/store/apps/details?id=com.android.chrome&pcampaignid=ntppromo\">Google Play\u003C/a> a \u003Ca href=\"hxxps://itunes.apple.com/app/chrome/id535886823?mt=8\">App Store\u003C/a>.
CHR Profile: C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default [2023-02-23]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Default -> hxxps://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxps://lss.sse-iacapps.com/lss/api?token=466638d2-530f-3fe4-a57c-7db505bac25f&hi=0&q={searchTerms}
CHR Extension: (Ask Search) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2019-10-16]
CHR Extension: (YouTube) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Sticky Password - správce hesel) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2020-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-26]
CHR Extension: (Open in VLC™ media player) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihpiinojhnfhpdmmacgmpoonphhimkaj [2020-10-15]
CHR Extension: (Freemake Video Converter) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2012-12-17]
CHR Extension: (Skype) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2008-03-21]
CHR Extension: (SendToQnap) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfempnnehcbjgepmchnbciegaefgbdfb [2020-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-16]
CHR Extension: (Gmail) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-26]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-02-12]
CHR HKLM\...\Chrome\Extension: [aaaaoggiphohkihibdkcnhnokmkfmhnj] - C:\Users\xXx\AppData\Local\APN\GoogleCRXs\aaaaoggiphohkihibdkcnhnokmkfmhnj_7.17.2.0.crx [2013-01-02]
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-12-17]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-3926274421-1707633955-194683952-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-02-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-01-05] (APN LLC -> APN LLC.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-02] () [File not signed]
R2 Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [643072 2007-12-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] () [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation -> Foxit Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (PandoraTV -> Pandora.TV)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies SA -> Skype Technologies S.A.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (ArcSoft, Inc. -> Arcsoft, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] (ASUSTeK Computer Inc. -> )
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [3478528 2007-12-20] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [49664 2007-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R0 JGOGO; C:\Windows\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (Microsoft Windows Hardware Compatibility Publisher -> JMicron)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [48000 2007-04-11] (Microsoft Windows Hardware Compatibility Publisher -> JMicron Technology Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [428800 2007-04-19] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (Microsoft Windows Hardware Compatibility Publisher -> ATK0100)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Microsoft Windows -> Společnost Microsoft)
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [508416 2007-06-12] (Asian Information Technology Inc -> PixArt Imaging Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] (MiniTool Solution Ltd -> )
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [45568 2007-08-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\Windows\System32\DRIVERS\rimsptsk.sys [43008 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rismxdp; C:\Windows\System32\DRIVERS\rixdptsk.sys [38400 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [982272 2006-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
R3 yukonwlh; C:\Windows\System32\DRIVERS\yk60x86.sys [246784 2007-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Marvell)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl9a7b0e01; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C078F2E-7498-44DD-A6C6-06128B49EABB}\MpKsl9a7b0e01.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 04:50 - 2023-02-23 04:51 - 000025226 _____ C:\Users\xXx\Desktop\FRST.txt
2023-02-23 04:49 - 2023-02-23 04:49 - 000000000 ____D C:\Users\xXx\Desktop\Nová složka
2023-02-22 18:32 - 2023-02-23 04:50 - 000000000 ____D C:\FRST
2023-02-22 18:29 - 2023-02-22 18:30 - 002080256 _____ (Farbar) C:\Users\xXx\Desktop\FRST.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-23 04:48 - 2018-03-22 09:11 - 000000342 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2023-02-23 04:48 - 2012-10-12 17:00 - 000000000 ____D C:\Program Files\Google
2023-02-23 04:28 - 2013-05-08 06:24 - 000000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001UA.job
2023-02-23 04:23 - 2012-12-24 23:00 - 000000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2023-02-23 04:22 - 2008-01-21 07:02 - 001531810 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-23 04:22 - 2008-01-21 07:01 - 000645078 _____ C:\Windows\system32\perfh005.dat
2023-02-23 04:22 - 2008-01-21 07:01 - 000137716 _____ C:\Windows\system32\perfc005.dat
2023-02-23 04:22 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2023-02-23 04:16 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-23 04:16 - 2006-11-02 13:47 - 000004096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2023-02-23 04:16 - 2006-11-02 13:47 - 000004096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2023-02-22 19:30 - 2012-10-12 13:52 - 000001076 _____ C:\Windows\bthservsdp.dat
2023-02-22 19:30 - 2006-11-02 14:01 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-02-22 18:20 - 2021-09-30 04:23 - 000000000 ____D C:\Users\xXx\AppData\Roaming\AVAST Software
2023-02-22 18:20 - 2021-09-30 04:23 - 000000000 ____D C:\Users\xXx\AppData\Local\AVAST Software
2023-02-22 18:20 - 2021-09-30 04:07 - 000000000 ____D C:\ProgramData\AVAST Software
2023-02-12 10:37 - 2013-05-08 06:24 - 000000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001Core.job
2023-02-11 23:19 - 2021-10-19 09:43 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-02-11 23:19 - 2018-03-22 09:11 - 000002692 _____ C:\Windows\system32\Tasks\DriverToolkit Autorun
2023-02-11 23:19 - 2014-09-30 09:28 - 000002996 _____ C:\Windows\system32\Tasks\{769C24C6-2D1D-4ECF-856A-6A39B587671D}
2023-02-11 23:19 - 2013-11-28 15:40 - 000002994 _____ C:\Windows\system32\Tasks\{54EDC524-4344-4266-9852-34D4FCF2FB2B}
2023-02-11 23:19 - 2013-08-17 19:06 - 000003326 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1001
2023-02-11 23:19 - 2013-08-17 19:06 - 000003192 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1001
2023-02-11 23:19 - 2013-07-16 06:18 - 000003344 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000
2023-02-11 23:19 - 2013-05-08 06:24 - 000003824 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001UA
2023-02-11 23:19 - 2013-05-08 06:24 - 000003456 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3926274421-1707633955-194683952-1001Core
2023-02-11 23:19 - 2013-01-02 13:02 - 000003800 _____ C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
2023-02-11 23:19 - 2012-12-24 23:02 - 000003364 _____ C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000
2023-02-11 23:19 - 2012-12-24 23:02 - 000003206 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1000
2023-02-11 23:19 - 2012-12-24 23:00 - 000003768 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2023-02-11 23:19 - 2012-12-24 22:52 - 000003322 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3926274421-1707633955-194683952-1000
2023-02-11 23:19 - 2012-12-24 22:52 - 000003184 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3926274421-1707633955-194683952-1000
2023-02-11 23:19 - 2012-10-12 17:00 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-02-11 23:19 - 2012-10-12 17:00 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-02-03 17:56 - 2013-01-03 15:04 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Canon
2023-02-02 16:06 - 2018-06-23 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-02-02 16:06 - 2018-06-23 23:14 - 000000000 ____D C:\Program Files\7-Zip

==================== Files in the root of some directories ========

2012-10-12 14:05 - 2012-10-12 14:05 - 000000552 _____ () C:\Users\xXx\AppData\Local\d3d8caps.dat
2012-10-12 13:57 - 2014-08-11 03:00 - 000001356 _____ () C:\Users\xXx\AppData\Local\d3d9caps.dat
2012-11-08 21:22 - 2021-10-06 14:54 - 000240128 _____ () C:\Users\xXx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-09-29 13:51 - 2020-09-29 13:51 - 000000218 _____ () C:\Users\xXx\AppData\Local\recently-used.xbel

==================== FLock ==============================

2023-02-22 19:30 C:\Windows\bthservsdp.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-02-23 04:31
==================== End of FRST.txt ========================