Please check my log - pop-up windows
Posted: 04 Feb 2019 11:34
Hello, I would very much like to ask you to check my log. Pop-up windows keep appearing in my browsers. Thank you in advance for your help.
log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by W (administrator) on W-PC (04-02-2019 11:18:40)
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Acresso) C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Vivid WorkshopData ATI\jre\bin\java.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_32_0_0_114_ActiveX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [atchk] => C:\Program Files\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: E - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {026bfc4a-155f-11e7-9cd1-00219b41bed2} - E:\Startme.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {8f2712a7-2e96-11e4-99ec-00219b41bed2} - F:\Viewer\ppview32.exe agaxzs\auto.ppt
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {9574b6d6-23b7-11e9-8b3a-00219b41bed2} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\...\MountPoints2: {ed2524cd-4450-11e7-ada3-00219b41bed2} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [msacm.l3pacm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.aacacm] => C:\Windows\system32\AACACM.acm [294912 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-08] ( )
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1679360 2013-04-05] ()
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3649536 2013-03-17] (x264vfw project)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-29] (Google LLC -> Google Inc.)
Startup: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-01-09]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.236.129.130 88.86.107.235
Tcpip\..\Interfaces\{F4677CA5-C69F-417E-8AFC-6816A18C768D}: [DhcpNameServer] 77.236.129.130 88.86.107.235
ManualProxies: 0hxxp://web-quick.com/wpad.dat?d237324aa363cadab7cc6569550bd09136767860
Internet Explorer:
==================
HKU\S-1-5-21-3274311375-3095276521-1623220161-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> DefaultScope {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {20AB443D-4725-4468-8421-390C3683039A} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> {A6D5F998-18F9-473B-B930-4006E4F71A7B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-3274311375-3095276521-1623220161-1000 -> is enabled.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\TomTom\HOME\Profiles\r3glec6n.default [2018-06-11]
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default [2019-02-04]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\user.js [2014-04-15]
FF Homepage: Mozilla\Firefox\Profiles\g26uf1fk.default -> hxxp://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\g26uf1fk.default -> is enabled.
FF Extension: (Seznam pro Firefox - Email) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\g26uf1fk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-12-06]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2014-12-15] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3274311375-3095276521-1623220161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\W\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://www.volny.cz/","hxxp://www.seznam.cz/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-03]
CHR Extension: (Prezentace) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-19]
CHR Extension: (Dokumenty) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-19]
CHR Extension: (Disk Google) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-19]
CHR Extension: (Tabulky) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-19]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-19]
CHR Extension: (QR Code Generator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-19]
CHR Extension: (Chrome Remote Desktop) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2018-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-19]
CHR Extension: (Gmail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-02]
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-19]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc -> Google Inc.)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2017-04-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247712 2012-07-25] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [100232 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSLPSVC; C:\Users\W\AppData\Local\Temp\7zS17B2\hpslpsvc32.dll [701288 2013-07-19] (Hewlett Packard -> Hewlett-Packard Co.) <==== ATTENTION
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> )
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2013-05-16] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2013-05-16] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WorkshopDBService; C:\Program Files\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2017-06-14] (Acresso) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [382976 2010-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [422976 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [297552 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [146512 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [70720 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [14400 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [80256 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [159312 2009-07-14] (Microsoft Windows -> AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2014-04-15] (Microsoft Windows -> Advanced Micro Devices)
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [76368 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [86608 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [15952 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-29] (Intel Corporation -> Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Microsoft Windows -> Broadcom Corporation)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [453712 2009-07-14] (Microsoft Windows -> Emulex)
R3 GMLXDFltr01; C:\Windows\System32\drivers\GMLXDFltr01.sys [17696 2016-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LXD Development, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [45184 2009-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [13824 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [67152 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [332160 2014-04-15] (Microsoft Windows -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4808192 2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [41040 2009-07-14] (Microsoft Windows -> Intel Corp./ICP vortex GmbH)
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [95824 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [89168 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [54864 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [96848 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [30800 2009-07-14] (Microsoft Windows -> LSI Corporation)
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [235584 2009-07-14] (Microsoft Windows -> LSI Corporation, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [16896 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [21638 2008-08-22] () [File not signed]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [44624 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [117120 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [143744 2014-04-15] (Microsoft Windows -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1383488 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [106064 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [77888 2009-07-14] (Microsoft Windows -> Silicon Integrated Systems)
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [21072 2009-07-14] (Microsoft Windows -> Promise Technology)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2014-06-06] (Microsoft Windows Hardware Compatibility Publisher -> TeamViewer GmbH)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [141904 2009-07-14] (Microsoft Windows -> VIA Technologies Inc.,Ltd)
S3 eapihdrv; \??\C:\Users\W\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S1 efhdshit; \??\C:\Windows\system32\drivers\efhdshit.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S1 qjfgucbk; \??\C:\Windows\system32\drivers\qjfgucbk.sys [X]
S1 sauugxsj; \??\C:\Windows\system32\drivers\sauugxsj.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-04 11:18 - 2019-02-04 11:19 - 000027234 _____ C:\Users\W\Desktop\FRST.txt
2019-02-04 11:18 - 2019-02-04 11:18 - 001790976 _____ (Farbar) C:\Users\W\Desktop\FRST.exe
2019-02-04 11:16 - 2019-02-04 11:18 - 000000000 ____D C:\FRST
2019-02-04 11:16 - 2019-02-04 11:16 - 001790976 _____ (Farbar) C:\Users\W\Downloads\FRST.exe
2019-02-04 09:36 - 2019-02-04 09:36 - 000000000 ____D C:\Users\W\Desktop\product key viewer
2019-01-31 09:37 - 2019-01-31 09:37 - 000000953 _____ C:\Users\Public\Desktop\HiSuite.lnk
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\Users\W\Documents\HiSuite
2019-01-31 09:37 - 2019-01-31 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-01-31 09:36 - 2019-01-31 09:37 - 000000000 ____D C:\Program Files\HiSuite
2019-01-31 09:36 - 2018-12-12 11:32 - 001837296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000851176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2019-01-31 09:36 - 2018-12-12 11:32 - 000249856 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000199680 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000113792 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000102272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2019-01-31 09:36 - 2018-12-12 11:32 - 000015360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2019-01-31 09:35 - 2019-01-31 09:38 - 000000000 ____D C:\Users\W\AppData\Local\HiSuite
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-04 11:05 - 2014-09-02 10:34 - 000000000 ____D C:\Users\W\Documents\Soubory aplikace Outlook
2019-02-04 10:00 - 2014-04-14 11:18 - 001611044 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-04 10:00 - 2009-07-14 09:44 - 000677214 _____ C:\Windows\system32\perfh005.dat
2019-02-04 10:00 - 2009-07-14 09:44 - 000146112 _____ C:\Windows\system32\perfc005.dat
2019-02-04 10:00 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-02-04 08:46 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-04 08:46 - 2009-07-14 05:34 - 000014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-04 08:38 - 2017-06-14 16:19 - 000000000 ____D C:\ProgramData\organiser
2019-02-04 08:38 - 2014-06-25 12:33 - 000000000 ____D C:\Program Files\TeamViewer
2019-02-04 08:38 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-02 14:18 - 2015-04-22 11:52 - 000000000 ____D C:\Users\W\Desktop\inz
2019-02-02 12:38 - 2015-03-19 16:06 - 000000000 ____D C:\Users\W\Documents\já
2019-01-31 10:03 - 2014-04-14 12:43 - 000000000 ____D C:\Users\W\AppData\Roaming\vlc
2019-01-29 23:50 - 2014-04-14 12:46 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 23:50 - 2014-04-14 12:46 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-29 13:21 - 2018-12-27 12:42 - 000987136 ___SH C:\Users\W\Documents\Thumbs.db
2019-01-23 10:22 - 2015-10-16 11:31 - 000000000 ____D C:\Users\W\Documents\_pojistky
2019-01-18 11:33 - 2015-04-13 16:42 - 000000000 ____D C:\Users\W\Documents\_PGS
2019-01-09 08:31 - 2014-04-14 13:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:31 - 2014-04-14 13:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:31 - 2014-04-14 13:00 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 08:00 - 2017-11-20 19:57 - 000000000 ____D C:\Program Files\CCleaner
==================== Files in the root of some directories =======
2014-10-06 14:25 - 2006-11-01 11:05 - 000154424 _____ () C:\Users\W\Volumeid.exe
2014-05-30 08:17 - 2014-05-30 08:17 - 000000089 _____ () C:\Users\W\AppData\Local\fusioncache.dat
2014-05-07 17:16 - 2015-05-22 15:45 - 000013030 _____ () C:\Users\W\AppData\Local\PDOXUSRS.NET
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-02-02 00:39
==================== End of FRST.txt ============================