Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
blooder212
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 led 2016 16:42

Prosím o kontrolu logu

#1 Příspěvek od blooder212 »

Dobrý den. Prosím o kontrolu logu. Předem děkuji :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PINC (19-05-2018 10:05:06)
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [167128 2014-07-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ISCT Tray] => c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1686088 2015-09-23] (Solvusoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-03] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {d47103ef-be8c-11e6-8377-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {de0d6f2e-3c87-11e8-843c-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
BootExecute: autocheck autochk * OODBS
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{524BB503-A0A1-4CF2-B229-8C92F301A65C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A373F59A-8F70-4EBE-B5BD-3E991C9CFAE1}: [DhcpNameServer] 172.16.0.5 172.16.10.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358409566&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358436923&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BF936386D-1505-4AB1-A16F-0EAAABC2930A%7D&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=1215tb&pr=fr&d=2015-11-30%2008:55:32&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> DefaultScope {2CD802F4-021E-42CB-9D8A-9E4CD9285F0D} URL =
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {1FE14225-851F-489E-BBA2-4EC758F9753E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F936386D-1505-4AB1-A16F-0EAAABC2930A}&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=0316tb&pr=fr&d=2015-11-30 08:55:32&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14402729 ... J9EFB16132

FireFox:
========
FF DefaultProfile: 40c1s16h.default-1496572259581
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581 [2018-05-19]
FF Extension: (FF Gallery) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581\Extensions\{1dc6315f-9990-4e2e-a021-8d5341488603}.xpi [2018-03-17]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-01-09] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\defsearchp@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.booking.com/searchresults.cs.html?a ... lter=price
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-19]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (AVG SafePrice) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-19]
CHR Extension: (HP Client Security Manager) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2015-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-19]
CHR HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372408 2013-12-10] (Hewlett-Packard Development Company, L.P.)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255576 2017-11-22] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-06-28] (Phoenix Technologies) [File not signed]
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-01-21] (Paragon Software Group)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R3 ikbevent; C:\windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\windows\System32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3526400 2017-03-09] (Intel Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-12-05] (WinMagic Inc.)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9127128 2014-07-22] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-12-05] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-12-05] (WinMagic Inc.)
S3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-19 10:05 - 2018-05-19 10:08 - 000024942 _____ C:\Users\Jan\Downloads\FRST.txt
2018-05-19 10:04 - 2018-05-19 10:05 - 000000000 ____D C:\FRST
2018-05-19 10:03 - 2018-05-19 10:03 - 002413056 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2018-05-19 09:53 - 2018-05-19 09:53 - 000003100 _____ C:\windows\System32\Tasks\{0312CC9B-611A-4A64-8861-423B53CAE21B}
2018-05-19 09:48 - 2018-05-19 09:49 - 000000000 ____D C:\ProgramData\install_clap
2018-05-19 09:29 - 2018-05-19 09:58 - 000001078 _____ C:\windows\system32dbgraw.bmp
2018-05-02 18:41 - 2018-05-02 18:41 - 000100738 _____ C:\Users\Jan\Documents\Roman plná moc.pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR(1).pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR(1).pdf
2018-04-21 11:37 - 2018-04-21 11:37 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR(1).pdf
2018-04-20 07:21 - 2018-04-20 07:21 - 000106699 _____ C:\Users\Jan\Downloads\New_Time_Table_-_IPF_World_Equipped_Bench_Press_Championships-South_Africa_April_2018.pdf
2018-04-20 06:48 - 2018-04-20 06:48 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR.pdf
2018-04-20 06:47 - 2018-04-20 06:47 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR.pdf
2018-04-20 06:46 - 2018-04-20 06:46 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-19 10:05 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-05-19 09:58 - 2015-06-12 10:25 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-19 09:58 - 2015-06-12 10:25 - 000000000 __SHD C:\Users\Jan\IntelGraphicsProfiles
2018-05-19 09:57 - 2015-06-12 10:24 - 000000000 ____D C:\Users\Jan
2018-05-19 09:57 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-05-19 09:56 - 2016-11-21 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-19 09:56 - 2015-11-24 10:20 - 000000000 ____D C:\Users\Jan\AppData\Roaming\AVG
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\ProgramData\Avg
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-19 09:56 - 2015-11-24 10:14 - 000000000 ____D C:\Users\Jan\AppData\Local\Avg
2018-05-19 09:56 - 2015-06-24 21:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-19 09:54 - 2015-08-22 21:44 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Seznam.cz
2018-05-19 09:54 - 2015-06-24 21:25 - 000000000 ____D C:\Users\Jan\AppData\Roaming\StartMenu
2018-05-19 09:53 - 2015-08-22 21:44 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-05-19 09:53 - 2015-06-12 10:30 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1368964924-2371328013-1095415700-1002
2018-05-19 09:50 - 2015-06-12 10:26 - 000000000 ____D C:\Users\Jan\AppData\Roaming\hpqLog
2018-05-19 09:50 - 2015-01-09 19:06 - 000000000 ____D C:\ProgramData\HPQLOG
2018-05-19 09:50 - 2014-12-13 00:38 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-19 09:49 - 2015-01-09 19:20 - 000000000 ____D C:\ProgramData\CyberLink
2018-05-19 09:49 - 2015-01-09 18:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-05-19 09:49 - 2014-12-13 00:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-19 09:48 - 2015-01-09 19:19 - 000000000 ____D C:\ProgramData\Temp
2018-05-19 09:44 - 2016-11-22 08:50 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2018-05-19 09:43 - 2015-06-24 21:29 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:37 - 2017-01-12 12:37 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 09:37 - 2015-11-24 09:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 09:36 - 2015-07-01 09:37 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 09:36 - 2015-07-01 09:37 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-19 09:35 - 2015-06-12 10:29 - 000003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{62EE1591-55BD-450E-9F1A-01E91757C1E3}
2018-05-19 09:32 - 2018-03-13 22:07 - 000004516 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-19 09:32 - 2015-06-24 21:41 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2018-05-02 18:31 - 2018-03-26 15:47 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-02 18:31 - 2015-07-01 09:38 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 18:18 - 2016-12-09 12:28 - 000000000 ____D C:\Users\Jan\Desktop\Honza z telefonu do A2016
2018-05-02 18:17 - 2015-09-09 09:43 - 000000000 ____D C:\Users\Jan\AppData\Roaming\HpUpdate
2018-04-26 21:24 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-04-21 11:13 - 2015-07-01 13:23 - 001063424 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-04-19 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache

==================== Files in the root of some directories =======

2017-05-23 09:29 - 2017-05-23 09:29 - 000000000 _____ () C:\Users\Jan\AppData\Local\{62428F1B-7239-4333-8DFC-9A18085478DA}

Some files in TEMP:
====================
2018-05-19 09:53 - 2018-05-19 09:54 - 000534528 _____ () C:\Users\Jan\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-17 12:12

==================== End of FRST.txt ============================
Přílohy
Nový WinRAR archiv.rar
(19.33 KiB) Staženo 96 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118254
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“