Please check my log
Posted: 19 May 2018 09:17
Hello. Please check my log. Thank you in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PINC (19-05-2018 10:05:06)
Running from C:\Users\Jan\Downloads
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [167128 2014-07-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ISCT Tray] => c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1686088 2015-09-23] (Solvusoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-03] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {d47103ef-be8c-11e6-8377-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {de0d6f2e-3c87-11e8-843c-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
BootExecute: autocheck autochk * OODBS
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{524BB503-A0A1-4CF2-B229-8C92F301A65C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A373F59A-8F70-4EBE-B5BD-3E991C9CFAE1}: [DhcpNameServer] 172.16.0.5 172.16.10.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358409566&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358436923&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BF936386D-1505-4AB1-A16F-0EAAABC2930A%7D&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=1215tb&pr=fr&d=2015-11-30%2008:55:32&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> DefaultScope {2CD802F4-021E-42CB-9D8A-9E4CD9285F0D} URL =
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {1FE14225-851F-489E-BBA2-4EC758F9753E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F936386D-1505-4AB1-A16F-0EAAABC2930A}&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=0316tb&pr=fr&d=2015-11-30 08:55:32&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14402729 ... J9EFB16132
FireFox:
========
FF DefaultProfile: 40c1s16h.default-1496572259581
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581 [2018-05-19]
FF Extension: (FF Gallery) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581\Extensions\{1dc6315f-9990-4e2e-a021-8d5341488603}.xpi [2018-03-17]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-01-09] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\defsearchp@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.booking.com/searchresults.cs.html?a ... lter=price
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-19]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (AVG SafePrice) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-19]
CHR Extension: (HP Client Security Manager) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2015-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-19]
CHR HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372408 2013-12-10] (Hewlett-Packard Development Company, L.P.)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255576 2017-11-22] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-06-28] (Phoenix Technologies) [File not signed]
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-01-21] (Paragon Software Group)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R3 ikbevent; C:\windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\windows\System32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3526400 2017-03-09] (Intel Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-12-05] (WinMagic Inc.)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9127128 2014-07-22] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-12-05] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-12-05] (WinMagic Inc.)
S3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-19 10:05 - 2018-05-19 10:08 - 000024942 _____ C:\Users\Jan\Downloads\FRST.txt
2018-05-19 10:04 - 2018-05-19 10:05 - 000000000 ____D C:\FRST
2018-05-19 10:03 - 2018-05-19 10:03 - 002413056 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2018-05-19 09:53 - 2018-05-19 09:53 - 000003100 _____ C:\windows\System32\Tasks\{0312CC9B-611A-4A64-8861-423B53CAE21B}
2018-05-19 09:48 - 2018-05-19 09:49 - 000000000 ____D C:\ProgramData\install_clap
2018-05-19 09:29 - 2018-05-19 09:58 - 000001078 _____ C:\windows\system32dbgraw.bmp
2018-05-02 18:41 - 2018-05-02 18:41 - 000100738 _____ C:\Users\Jan\Documents\Roman plná moc.pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR(1).pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR(1).pdf
2018-04-21 11:37 - 2018-04-21 11:37 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR(1).pdf
2018-04-20 07:21 - 2018-04-20 07:21 - 000106699 _____ C:\Users\Jan\Downloads\New_Time_Table_-_IPF_World_Equipped_Bench_Press_Championships-South_Africa_April_2018.pdf
2018-04-20 06:48 - 2018-04-20 06:48 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR.pdf
2018-04-20 06:47 - 2018-04-20 06:47 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR.pdf
2018-04-20 06:46 - 2018-04-20 06:46 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-19 10:05 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-05-19 09:58 - 2015-06-12 10:25 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-19 09:58 - 2015-06-12 10:25 - 000000000 __SHD C:\Users\Jan\IntelGraphicsProfiles
2018-05-19 09:57 - 2015-06-12 10:24 - 000000000 ____D C:\Users\Jan
2018-05-19 09:57 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-05-19 09:56 - 2016-11-21 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-19 09:56 - 2015-11-24 10:20 - 000000000 ____D C:\Users\Jan\AppData\Roaming\AVG
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\ProgramData\Avg
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-19 09:56 - 2015-11-24 10:14 - 000000000 ____D C:\Users\Jan\AppData\Local\Avg
2018-05-19 09:56 - 2015-06-24 21:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-19 09:54 - 2015-08-22 21:44 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Seznam.cz
2018-05-19 09:54 - 2015-06-24 21:25 - 000000000 ____D C:\Users\Jan\AppData\Roaming\StartMenu
2018-05-19 09:53 - 2015-08-22 21:44 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-05-19 09:53 - 2015-06-12 10:30 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1368964924-2371328013-1095415700-1002
2018-05-19 09:50 - 2015-06-12 10:26 - 000000000 ____D C:\Users\Jan\AppData\Roaming\hpqLog
2018-05-19 09:50 - 2015-01-09 19:06 - 000000000 ____D C:\ProgramData\HPQLOG
2018-05-19 09:50 - 2014-12-13 00:38 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-19 09:49 - 2015-01-09 19:20 - 000000000 ____D C:\ProgramData\CyberLink
2018-05-19 09:49 - 2015-01-09 18:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-05-19 09:49 - 2014-12-13 00:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-19 09:48 - 2015-01-09 19:19 - 000000000 ____D C:\ProgramData\Temp
2018-05-19 09:44 - 2016-11-22 08:50 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2018-05-19 09:43 - 2015-06-24 21:29 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:37 - 2017-01-12 12:37 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 09:37 - 2015-11-24 09:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 09:36 - 2015-07-01 09:37 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 09:36 - 2015-07-01 09:37 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-19 09:35 - 2015-06-12 10:29 - 000003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{62EE1591-55BD-450E-9F1A-01E91757C1E3}
2018-05-19 09:32 - 2018-03-13 22:07 - 000004516 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-19 09:32 - 2015-06-24 21:41 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2018-05-02 18:31 - 2018-03-26 15:47 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-02 18:31 - 2015-07-01 09:38 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 18:18 - 2016-12-09 12:28 - 000000000 ____D C:\Users\Jan\Desktop\Honza z telefonu do A2016
2018-05-02 18:17 - 2015-09-09 09:43 - 000000000 ____D C:\Users\Jan\AppData\Roaming\HpUpdate
2018-04-26 21:24 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-04-21 11:13 - 2015-07-01 13:23 - 001063424 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-04-19 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
==================== Files in the root of some directories =======
2017-05-23 09:29 - 2017-05-23 09:29 - 000000000 _____ () C:\Users\Jan\AppData\Local\{62428F1B-7239-4333-8DFC-9A18085478DA}
Some files in TEMP:
====================
2018-05-19 09:53 - 2018-05-19 09:54 - 000534528 _____ () C:\Users\Jan\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-04-17 12:12
==================== End of FRST.txt ============================

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Google) C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\27.148.201\software_reporter_tool.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [167128 2014-07-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ISCT Tray] => c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1686088 2015-09-23] (Solvusoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-03] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {d47103ef-be8c-11e6-8377-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\...\MountPoints2: {de0d6f2e-3c87-11e8-843c-d0bf9c6605de} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
BootExecute: autocheck autochk * OODBS
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{524BB503-A0A1-4CF2-B229-8C92F301A65C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A373F59A-8F70-4EBE-B5BD-3E991C9CFAE1}: [DhcpNameServer] 172.16.0.5 172.16.10.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358409566&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847468358436923&GUID=B064B059-18DC-48C6-A293-660E22226AC5
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BF936386D-1505-4AB1-A16F-0EAAABC2930A%7D&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=1215tb&pr=fr&d=2015-11-30%2008:55:32&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> DefaultScope {2CD802F4-021E-42CB-9D8A-9E4CD9285F0D} URL =
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {1FE14225-851F-489E-BBA2-4EC758F9753E} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1368964924-2371328013-1095415700-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F936386D-1505-4AB1-A16F-0EAAABC2930A}&mid=d2623995849e47cca10b01f6da82ec2d-877b912dc52678c860d9e7818b202cc8256227f1&lang=cs&ds=ZEN&coid=avgtbdisZE&cmpid=0316tb&pr=fr&d=2015-11-30 08:55:32&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14402729 ... J9EFB16132
FireFox:
========
FF DefaultProfile: 40c1s16h.default-1496572259581
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581 [2018-05-19]
FF Extension: (FF Gallery) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\40c1s16h.default-1496572259581\Extensions\{1dc6315f-9990-4e2e-a021-8d5341488603}.xpi [2018-03-17]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-01-09] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\defsearchp@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\v60xkaex.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://www.booking.com/searchresults.cs.html?a ... lter=price
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-19]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (AVG SafePrice) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-19]
CHR Extension: (HP Client Security Manager) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2015-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-19]
CHR HKU\S-1-5-21-1368964924-2371328013-1095415700-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372408 2013-12-10] (Hewlett-Packard Development Company, L.P.)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255576 2017-11-22] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-06-28] (Phoenix Technologies) [File not signed]
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-01-21] (Paragon Software Group)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R3 ikbevent; C:\windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\windows\System32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3526400 2017-03-09] (Intel Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-12-05] (WinMagic Inc.)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9127128 2014-07-22] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-12-05] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-12-05] (WinMagic Inc.)
S3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-19 10:05 - 2018-05-19 10:08 - 000024942 _____ C:\Users\Jan\Downloads\FRST.txt
2018-05-19 10:04 - 2018-05-19 10:05 - 000000000 ____D C:\FRST
2018-05-19 10:03 - 2018-05-19 10:03 - 002413056 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2018-05-19 09:53 - 2018-05-19 09:53 - 000003100 _____ C:\windows\System32\Tasks\{0312CC9B-611A-4A64-8861-423B53CAE21B}
2018-05-19 09:48 - 2018-05-19 09:49 - 000000000 ____D C:\ProgramData\install_clap
2018-05-19 09:29 - 2018-05-19 09:58 - 000001078 _____ C:\windows\system32dbgraw.bmp
2018-05-02 18:41 - 2018-05-02 18:41 - 000100738 _____ C:\Users\Jan\Documents\Roman plná moc.pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR(1).pdf
2018-04-21 11:38 - 2018-04-21 11:38 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR(1).pdf
2018-04-21 11:37 - 2018-04-21 11:37 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR(1).pdf
2018-04-20 07:21 - 2018-04-20 07:21 - 000106699 _____ C:\Users\Jan\Downloads\New_Time_Table_-_IPF_World_Equipped_Bench_Press_Championships-South_Africa_April_2018.pdf
2018-04-20 06:48 - 2018-04-20 06:48 - 000211344 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě transportu MSBB18 JAR.pdf
2018-04-20 06:47 - 2018-04-20 06:47 - 000211382 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě ubytování MSBP18 JAR.pdf
2018-04-20 06:46 - 2018-04-20 06:46 - 000211354 _____ C:\Users\Jan\Downloads\Potvrzení o úhradě startovného MSBP18 JAR.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-19 10:05 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-05-19 09:58 - 2015-06-12 10:25 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-19 09:58 - 2015-06-12 10:25 - 000000000 __SHD C:\Users\Jan\IntelGraphicsProfiles
2018-05-19 09:57 - 2015-06-12 10:24 - 000000000 ____D C:\Users\Jan
2018-05-19 09:57 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-05-19 09:56 - 2016-11-21 22:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-19 09:56 - 2015-11-24 10:20 - 000000000 ____D C:\Users\Jan\AppData\Roaming\AVG
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\ProgramData\Avg
2018-05-19 09:56 - 2015-11-24 10:15 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-19 09:56 - 2015-11-24 10:14 - 000000000 ____D C:\Users\Jan\AppData\Local\Avg
2018-05-19 09:56 - 2015-06-24 21:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-19 09:54 - 2015-08-22 21:44 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Seznam.cz
2018-05-19 09:54 - 2015-06-24 21:25 - 000000000 ____D C:\Users\Jan\AppData\Roaming\StartMenu
2018-05-19 09:53 - 2015-08-22 21:44 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-05-19 09:53 - 2015-06-12 10:30 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1368964924-2371328013-1095415700-1002
2018-05-19 09:50 - 2015-06-12 10:26 - 000000000 ____D C:\Users\Jan\AppData\Roaming\hpqLog
2018-05-19 09:50 - 2015-01-09 19:06 - 000000000 ____D C:\ProgramData\HPQLOG
2018-05-19 09:50 - 2014-12-13 00:38 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-05-19 09:49 - 2015-01-09 19:20 - 000000000 ____D C:\ProgramData\CyberLink
2018-05-19 09:49 - 2015-01-09 18:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-05-19 09:49 - 2014-12-13 00:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-19 09:48 - 2015-01-09 19:19 - 000000000 ____D C:\ProgramData\Temp
2018-05-19 09:44 - 2016-11-22 08:50 - 000000000 ____D C:\Users\Jan\AppData\LocalLow\Mozilla
2018-05-19 09:43 - 2015-06-24 21:29 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:37 - 2017-01-12 12:37 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 09:37 - 2015-11-24 09:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 09:36 - 2015-07-01 09:37 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 09:36 - 2015-07-01 09:37 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-19 09:35 - 2015-06-12 10:29 - 000003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{62EE1591-55BD-450E-9F1A-01E91757C1E3}
2018-05-19 09:32 - 2018-03-13 22:07 - 000004516 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-19 09:32 - 2015-06-24 21:41 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-05-19 09:32 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2018-05-02 18:31 - 2018-03-26 15:47 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-02 18:31 - 2015-07-01 09:38 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 18:18 - 2016-12-09 12:28 - 000000000 ____D C:\Users\Jan\Desktop\Honza z telefonu do A2016
2018-05-02 18:17 - 2015-09-09 09:43 - 000000000 ____D C:\Users\Jan\AppData\Roaming\HpUpdate
2018-04-26 21:24 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-04-21 11:13 - 2015-07-01 13:23 - 001063424 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-04-19 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
==================== Files in the root of some directories =======
2017-05-23 09:29 - 2017-05-23 09:29 - 000000000 _____ () C:\Users\Jan\AppData\Local\{62428F1B-7239-4333-8DFC-9A18085478DA}
Some files in TEMP:
====================
2018-05-19 09:53 - 2018-05-19 09:54 - 000534528 _____ () C:\Users\Jan\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-04-17 12:12
==================== End of FRST.txt ============================