samovolně vyskakující reklamy, stránky, nelze obnovit systém

Zpráva

DaJo · #1 Příspěvek od **DaJo** » 07 črc 2015 18:47

Dobrý den,

prosím o pomoc, po instalaci programu Bluestack, umožňující práci s programy pro Android na PC, se mi s největší pravděpodobností zaviroval počítač. Při každém otevření jakékoli stránky naběhnou reklamy, popř. další nechtěné stránky, stejný problém se děje i při jakémkoli pohybu na stránkách. Díky infekci nelze ani obnovit systém.

Předem moc děkuji za ochotu pomoci..

Dáša

Přikládám log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by djourova (administrator) on NBDJOUROVA on 07-07-2015 19:36:23
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayMain.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayManager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Komprofi) C:\Program Files\PSDTray\PSDTray.exe
(InstallMonetizer) C:\Program Files (x86)\Shop and Save Up\828ec04d-858f-435b-ad55-56616f7933ec-6.exe
(InstallMonetizer) C:\Program Files (x86)\Shop and Save Up\828ec04d-858f-435b-ad55-56616f7933ec-1-6.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Windows\System32\cpuminer-gw64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371176 2012-12-22] (Wave Systems Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-04-19] (Intel(R) Corporation)
HKLM\...\Run: [PSDTray] => C:\Program Files\PSDTray\PSDTray.exe [415744 2014-04-01] (Komprofi)
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [4255416 2015-06-30] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [801968 2011-09-14] (Check Point Software Technologies)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-04] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [SoftonicAssistant] => C:\Users\djourova\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1835976 2015-03-25] ()
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [WMUTray.exe] => C:\Program Files (x86)\WakeMeUp\WMUTray.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [GoogleChromeAutoLaunch_37FC9444FDBBCB8836F89C2EF15C0FFE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk [2014-06-02]
ShortcutTarget: OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1& ... Z&unqvl=55
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {09A42A57-18DF-4506-82D2-C1593809E1EC} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {116C6B29-6278-4CD9-8C8B-AF8DE3C09872} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {4E0ECA01-4641-4260-9352-3C9FBA1A80A8} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {59811090-18C8-4757-9F73-9ABA98A9E59C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {65CA9C39-F969-42F5-8B1A-A071F10E703E} URL = http://search.creativetoolbars.com/resu ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {67DBC930-D14D-4B82-BCED-485F7B69F8E9} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {AAE443FD-D956-426C-89D1-7FE050A9F990} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {B32CBD43-F263-41E7-85B9-6862AE3FCDC4} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {DDEF7010-99F3-4E66-AA7E-36F2B1399A71} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E524CB40-4E6B-469D-ABBB-795333A27B4D} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E68F4E10-CC7D-4F7D-99A0-FFD9E3B8B753} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {FE868A59-944C-496B-BBE1-DB2FCF0AB1DF} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
BHO: Shopping App by Ask -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport_x64.dll" No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-04] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Shopping App by Ask -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" No File
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-04] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Shopping App by Ask - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport_x64.dll" No File
Toolbar: HKLM-x32 - Shopping App by Ask - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" No File
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{2599484F-137B-483F-B030-2385E5A137BC}: [DhcpNameServer] 10.20.34.1
Tcpip\..\Interfaces\{7C426A94-D66C-442B-B5F8-A0072BC17AD5}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{C06E16EF-4C51-4A7A-AEE7-9E44166037F3}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{F68814A5-7D49-4B97-8762-8939D9586E95}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... XXW3739JJA

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04]
CHR Extension: (Shop and Save Up) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-07-05]
CHR Extension: (Google Docs) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04]
CHR Extension: (Google Drive) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04]
CHR Extension: (YouTube) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04]
CHR Extension: (Google Search) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04]
CHR Extension: (Google Sheets) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04]
CHR Extension: (Google Wallet) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-05-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-05-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-04] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-07-04] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-04] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [226824 2012-12-13] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSDTrayMain; C:\Program Files\PSDTray\PSDTrayMain.exe [56320 2014-04-01] (Komprofi) [File not signed]
R2 PSDTrayManager; C:\Program Files\PSDTray\PSDTrayManager.exe [20480 2014-04-01] (Komprofi) [File not signed]
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4512952 2011-09-14] (Check Point Software Technologies)
R2 vicoqudu; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp [165376 2015-07-04] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-27] (Microsoft Corporation)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)
R2 fuwypiwe; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-04] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-04] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-07-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-04] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-07-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-04] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-29] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-04] (Avast Software)
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2011-09-14] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [448168 2011-09-12] (Check Point Software Technologies Ltd.)
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

#2 Příspěvek od **Rudy** » 07 črc 2015 19:30

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

DaJo · #3 Příspěvek od **DaJo** » 07 črc 2015 20:18

Pěkný večer, děkuji moc, že se mi věnujete

Zatím se zdá, že reklamy už nevyskakují, zkoušela jsem chvíli brouzdat a vše v pořádku. Systém jsem obnovit ještě ale nezkusila.

Přikládám log z Cleaneru:

# AdwCleaner v4.207 - Log vytvořen 07/07/2015 v 21:12:02
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : djourova - NBDJOUROVA
# Spuštěno z : C:\Users\djourova\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\SNT
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\BrilliantInstaller
Složka Smazáno : C:\ProgramData\save on
Složka Smazáno : C:\ProgramData\YoutubeAdblocker
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\predm
Složka Smazáno : C:\Program Files (x86)\SNT
Složka Smazáno : C:\Program Files (x86)\GUPlayer
Složka Smazáno : C:\Program Files (x86)\Shop and Save Up
Složka Smazáno : C:\Program Files (x86)\save on
Složka Smazáno : C:\Program Files (x86)\YoutubeAdblocker
Složka Smazáno : C:\Program Files (x86)\MediaPlayerVid2.4
Složka Smazáno : C:\Program Files (x86)\gmsd_re_002020020
Složka Smazáno : C:\Users\djourova\AppData\Local\Temp\apn
Složka Smazáno : C:\Users\djourova\AppData\Local\Temp\mt_ffx
Složka Smazáno : C:\Users\Administrator\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Administrator\AppData\Local\torch
Složka Smazáno : C:\Users\Administrator\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\dagmar\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\dagmar\AppData\Local\torch
Složka Smazáno : C:\Users\dagmar\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\djourova\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\djourova\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\djourova\AppData\Local\SoftonicAssistant
Složka Smazáno : C:\Users\djourova\AppData\Local\gmsd_re_002020020
Složka Smazáno : C:\Users\djourova\AppData\LocalLow\HPAppData
Složka Smazáno : C:\Users\djourova\AppData\Roaming\AnyProtectEx
Složka Smazáno : C:\Users\djourova\AppData\Roaming\ASP
Složka Smazáno : C:\Users\djourova\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\djourova\AppData\Roaming\pdfforge
Složka Smazáno : C:\Users\djourova\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\djourova\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\Guest\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Guest\AppData\Local\torch
Složka Smazáno : C:\Users\Guest\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ablgnpngfaaficpckehadaljnjgjkhbi
Soubor Smazáno : C:\Windows\System32\roboot64.exe
Soubor Smazáno : C:\Windows\System32\cpuminer-conf.json
Soubor Smazáno : C:\Windows\System32\cpuminer-gw64.exe
Soubor Smazáno : C:\Users\djourova\AppData\Roaming\BYAIAMUF
Soubor Smazáno : C:\Users\djourova\Desktop\Live PC Help.lnk
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internetspeedtracker.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internetspeedtracker.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : APSnotifierPP1
Úloha Smazáno : APSnotifierPP2
Úloha Smazáno : APSnotifierPP3
Úloha Smazáno : LaunchPreSignup
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-1-6
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-1-7
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-3
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-5
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-5_user
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-6
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-7

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Klíč Smazáno : HKLM\SOFTWARE\5e2a0629-02a3-4f6c-9a33-2a93e4c18d0b
Klíč Smazáno : HKLM\SOFTWARE\db444fda-7ad7-4bc5-af1c-c5e18f0d3f33
Klíč Smazáno : HKLM\SOFTWARE\ed6082fd-b0ac-402d-b68b-44ef0e584153
Klíč Smazáno : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-5103664119
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CFBE80D-5608-4309-A0F5-3B1414833432}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CFBE80D-5608-4309-A0F5-3B1414833432}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5354-2D53-5045-7A786E7484D7}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5354-2D53-5045-7A786E7484D7}]
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{09A42A57-18DF-4506-82D2-C1593809E1EC}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{116C6B29-6278-4CD9-8C8B-AF8DE3C09872}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4E0ECA01-4641-4260-9352-3C9FBA1A80A8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{59811090-18C8-4757-9F73-9ABA98A9E59C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{65CA9C39-F969-42F5-8B1A-A071F10E703E}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67DBC930-D14D-4B82-BCED-485F7B69F8E9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AAE443FD-D956-426C-89D1-7FE050A9F990}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B32CBD43-F263-41E7-85B9-6862AE3FCDC4}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DDEF7010-99F3-4E66-AA7E-36F2B1399A71}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E524CB40-4E6B-469D-ABBB-795333A27B4D}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E68F4E10-CC7D-4F7D-99A0-FFD9E3B8B753}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FE868A59-944C-496B-BBE1-DB2FCF0AB1DF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\AnyProtect
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\RegisteredApplicationsEx
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\systweak
Klíč Smazáno : HKCU\Software\Tutorials
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\YorkNewCin
Klíč Smazáno : HKCU\Software\HighDefAction
Klíč Smazáno : HKCU\Software\ArenaHD
Klíč Smazáno : HKCU\Software\Shop and Save Up
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4-nv
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKCU\Software\Shop and Save Up-nv
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíč Smazáno : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\GAMESDESKTOP
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKLM\SOFTWARE\Shop and Save Up
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4-nv
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKLM\SOFTWARE\Shop and Save Up-nv
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKU\.DEFAULT\Software\MediaPlayerVid2.4-nv
Klíč Smazáno : HKU\.DEFAULT\Software\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKU\.DEFAULT\Software\Shop and Save Up-nv
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5354-2D53-5045-A758B70C1C01}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerVid2.4
Klíč Smazáno : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : [x64] HKLM\SOFTWARE\Shop and Save Up-nv
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.130

[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=685&r=2014/06/07&hid=17813821933316187004&lg=EN&cc=CZ&unqvl=55
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.smartshopping.com/websearch1 ... Z_KW_001_X
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/

*************************

AdwCleaner[R0].txt - [36410 bytů] - [07/07/2015 21:06:43]
AdwCleaner[S0].txt - [30772 bytů] - [07/07/2015 21:12:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30831 bytů] ##########

#4 Příspěvek od **Rudy** » 07 črc 2015 20:27

Dejte nový log FRST.

DaJo · #5 Příspěvek od **DaJo** » 07 črc 2015 20:32

přikládám nový log z FRST :

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by djourova at 2015-07-07 21:30:29
Running from C:\Users\djourova\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3841182015-3767386443-1143244361-500 - Administrator - Disabled)
dagmar (S-1-5-21-3841182015-3767386443-1143244361-1000 - Administrator - Enabled) => C:\Users\dagmar
Guest (S-1-5-21-3841182015-3767386443-1143244361-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 15 Pepper (HKLM-x32\...\Adobe Flash Player Pepper) (Version: 15.0.0.215 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{deff5bea-aa8c-46fb-b17d-1cc69b242494}) (Version: 15.8.0 - Intel Corporation)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Collage Maker (HKLM-x32\...\{05F2884D-89AC-4DE4-A63D-7DB3FE3398DC}) (Version: 3.80 - Galleria Software)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Custom Help (Version: 15.08.0000.0172 - Intel Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00002.041 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.03.00.058 - Wave Systems Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
EMBASSY Client Core (Version: 01.03.00.105 - Wave Systems Corp.) Hidden
ERAS Connector (Version: 02.09.05.0335 - Wave Systems Corp) Hidden
F2100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Check Point VPN (HKLM-x32\...\{db6ec6e6-fe11-4edf-ab81-ef8b6917d628}) (Version: 75.20.0000 - CheckPoint)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Lync Basic 2013 (HKLM-x32\...\Office15.LYNCENTRY) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MV2Player (remove only) (HKLM-x32\...\MV2Player) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
OpenVPN 2.3.2-I003 (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
PBA Driver (Version: 1.0.1.7 - Dell Inc.) Hidden
PC Chrono 1.1.0.6 (HKLM-x32\...\{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1) (Version: - highspheres.com)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Compress 2.02 (HKLM-x32\...\PDF Compress_is1) (Version: - Bureausoft Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PhotoFiltre 7 (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\PhotoFiltre 7) (Version: - )
Picture Collage Maker Pro 4.0.0 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.0.0 - PearlMountain Technology Co., Ltd)
Preboot Manager (Version: 03.05.00.032 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.03.00.016 - Wave Systems Corp.) Hidden
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1D00}) (Version: 12.29.0.197 - APN, LLC) <==== ATTENTION
Seznam Software (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0036 - ST Microelectronics)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
toolkit32for64bit (x32 Version: 7.68.85.0013 - Wave Systems Corp) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trusted Drive Manager (Version: 5.0.1.12 - Wave Systems Corp.) Hidden
TurboFLOORPLAN Dum & Interiér & Zahrada Pro (HKLM-x32\...\InstallShield_{74F541C8-EB78-4606-8234-0955ED803787}) (Version: 12.1 - IMSIDesign)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UnZip Me (HKLM-x32\...\UnZip Me) (Version: 1.0 - Camtech 2000)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.68.85.0014 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.021 - Wave Systems Corp) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinPdf Writer (HKLM\...\WinPdf Writer) (Version: - )
WinPDF Writer (HKLM-x32\...\{16E72583-459E-428C-B4E7-C2CC4538FFED}) (Version: 1.0.0 - TopByteLabs Ltd.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-06-2015 19:11:21 Windows Update
30-06-2015 14:17:39 Windows Update
03-07-2015 17:42:12 Windows Update
03-07-2015 21:14:21 Uniblue SpeedUpMyPC installation
03-07-2015 21:22:03 Removed BlueStacks Notification Center
04-07-2015 02:43:49 Windows Defender Checkpoint
04-07-2015 03:04:46 avast! antivirus system restore point
04-07-2015 03:10:28 Instalace balíčku ovladače zařízení: Avast Síťová služba
04-07-2015 03:20:33 Removed Google Drive
04-07-2015 03:24:32 Instalace balíčku ovladače zařízení: TAP-Windows Provider V9 Síťové adaptéry
04-07-2015 10:06:37 Operace obnovení
04-07-2015 10:55:19 Removed Skype™ 6.16
06-07-2015 22:10:23 Operace obnovení
07-07-2015 21:20:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-20 11:19 - 00000897 ____A C:\Windows\system32\Drivers\etc\hosts
10.0.1.24 instores
10.0.1.71 intranet.headquarter.company.lpp.com.pl

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03EFE6E3-8D8A-4916-8A75-BA43050FD64C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {0B4EAE5A-7F02-4BD4-ABF3-7954CF5031F3} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CZECH-djourova nbdjourova.czech.lpp.com.pl => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
Task: {1D072CDC-6808-4F62-AF0A-CE31ACBAD1F3} - System32\Tasks\{6208229D-E29A-406F-A1DA-DC2792B86E4C} => pcalua.exe -a C:\Users\djourova\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {2A2D2CD9-F27F-4DAA-AA01-BA2E8DBC26AC} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {5B02C32A-040E-466F-93BD-7F60A00962B7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5C23A40A-3821-44F1-9D65-1F7D2A929126} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {7692FB4A-0FA3-40E1-9587-C1C6792B4030} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-04] (Avast Software s.r.o.)
Task: {7ADC7FE5-5259-456A-8502-7D531A499853} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7EA64C29-9818-47EB-9C15-9A64026F1EDE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {9537BBB9-EF65-4EBA-95F5-EAF14F9075F6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {D2310483-FCE5-4ACE-BA2B-2CCFE2302ED3} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-11-28] (Wave Systems Corp.)
Task: {EB45A24F-4577-457B-8094-57EF2E7A795C} - System32\Tasks\{CA08D9E3-249D-46D5-8894-786D74E4E8FA} => pcalua.exe -a C:\Users\djourova\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-02 12:01 - 2006-11-30 16:41 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2012-12-13 13:11 - 2012-12-13 13:11 - 00226824 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-12-13 13:11 - 2012-12-13 13:11 - 00039432 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2015-07-04 02:01 - 2015-07-07 21:25 - 00141824 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs
2012-11-23 23:34 - 2012-11-23 23:34 - 00020480 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
2014-04-27 03:51 - 2013-08-19 16:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-04-27 03:51 - 2013-08-19 16:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2015-07-04 02:44 - 2015-07-04 02:44 - 00165376 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
2015-07-04 02:43 - 2015-07-04 02:43 - 00199168 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
2014-04-27 04:45 - 2013-02-23 01:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-22 15:25 - 2013-08-22 15:25 - 00411960 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2014-04-27 03:51 - 2013-11-22 00:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-07-04 03:07 - 2015-07-04 03:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-04 03:07 - 2015-07-04 03:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-07 19:28 - 2015-07-07 19:28 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070701\algo.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 04993024 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtGui4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 01302528 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtCore4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 00028672 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
2015-07-04 03:08 - 2015-07-04 03:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2014-10-17 03:35 - 2014-10-17 03:35 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2dace9622c68c6ce58d55a6950eeaa95\IsdiInterop.ni.dll
2014-04-27 03:31 - 2012-05-30 20:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-27 03:26 - 2013-11-13 23:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2014-04-27 03:51 - 2013-11-21 22:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-04-27 03:51 - 2012-11-26 05:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-04-27 03:51 - 2012-11-26 05:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\lpp.com.pl -> hxxps://psdz.lpp.com.pl
IE trusted site: HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\lpp.com.pl -> hxxps://psdz.lpp.com.pl
IE trusted site: HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\sharepoint -> hxxp://sharepoint

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\Wallpaper -> C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{777B89C4-D263-4CE8-B48D-23479C9B6472}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C7252F88-1F9E-4E28-9AEF-1C08EEB63849}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{FFD6B7DF-04AE-4EAC-A24B-91C5860633FB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{226011F1-99CE-4EBF-BDE5-DA8362783111}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A1A0A973-B514-4374-A813-1A5F2FD0D698}] => (Allow) C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{82F4BEAD-65C9-42B4-92EB-C8A21B835C99}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{F8FF8F8C-53DD-4328-B7B1-A18758C04D89}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{6F315E7C-1441-4462-8E33-C002DE8C67FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{9A05CD1B-1B8A-4D0F-BEC6-1909022E69F4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{7C225884-0CFB-4E21-891E-C7D2248F4EE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8B174557-193A-4C36-B1E7-CA3E892B33EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BB5AE393-5476-4EF7-9D78-B70A56D8C4FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D18291EF-BA14-48CC-863E-86D988E5FC34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EE6752E9-7D42-400E-934A-C139EBBB6DF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{EDE96066-BE72-41E6-B956-77DA56D2C505}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B637EF2A-1169-4E9E-AD81-C055FDFC7EF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{747B6A63-0739-434F-9CE4-0F7EA7D389C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5D54A0BF-C981-41D7-854F-DA00E6E41F35}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{158D15CD-5857-4C4D-BC75-CF63AAEEDB60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{7E5855AC-B20A-44B1-B0BB-BD6A061230DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7F0F2019-19FD-4F6C-986C-1443FA84A5E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0BDBEA6B-DC47-4B27-A64F-2F4A92DF2AB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{79CD3BC0-107E-4C3E-ABCD-D233089839F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{688F7127-8CD2-4549-9E88-16ACCD026A96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A60630CF-7A1A-47B6-A308-35AEBD6DDB59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D7EADD81-15F5-4BB5-8F7F-62198ACD06BB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5F4817BE-59F9-4F29-9ADC-F8DC6F356D04}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{542EEE35-7FFC-417A-8E4A-2B9ABC8E2250}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5160174C-FA61-4B49-A3A3-67640052EAC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6451895-C9A4-4172-BF5B-C9B7043B8523}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{AE33D1E6-638C-41B5-863C-5280EDFF51EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [TCP Query User{8A5B6582-417F-4AEB-93F5-89795B50B678}C:\program files (x86)\microsoft office\office15\lync.exe] => (Block) C:\program files (x86)\microsoft office\office15\lync.exe
FirewallRules: [UDP Query User{9EC95683-86BB-4E65-A416-EA56BFC98974}C:\program files (x86)\microsoft office\office15\lync.exe] => (Block) C:\program files (x86)\microsoft office\office15\lync.exe
FirewallRules: [{4F86E610-FC8D-4224-89B4-2E70CD5AE728}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{3F1A1F3B-CEF6-4D7E-8375-4D3E387265EA}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{27BDF381-0D9F-4809-832D-372656667D77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{801C103F-70BC-4176-B7A7-4A6ACF84172B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E8F459C4-89FF-4108-B465-8279834167AA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 09:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 15.8.0.0, časové razítko: 0x51709701
Název chybujícího modulu: MurocApi.dll, verze: 15.8.0.0, časové razítko: 0x5170961c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000026990
ID chybujícího procesu: 0xd98
Čas spuštění chybující aplikace: 0xZeroConfigService.exe0
Cesta k chybující aplikaci: ZeroConfigService.exe1
Cesta k chybujícímu modulu: ZeroConfigService.exe2
ID zprávy: ZeroConfigService.exe3

Error: (07/07/2015 09:15:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 07:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 5.7.2015.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 15fc

Čas spuštění: 01d0b8da1451d5cf

Čas ukončení: 5

Cesta k aplikaci: C:\Users\djourova\Desktop\FRST64.exe

ID hlášení:

Error: (07/07/2015 09:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:33:33 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070005.

Error: (07/07/2015 00:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:10:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070005.

Error: (07/07/2015 00:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:06:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall.exe_unknown, verze: 0.0.0.0, časové razítko: 0x55968858
Název chybujícího modulu: Uninstall.exe, verze: 0.0.0.0, časové razítko: 0x55968858
Kód výjimky: 0xc0000005
Posun chyby: 0x00003d76
ID chybujícího procesu: 0x1a58
Čas spuštění chybující aplikace: 0xUninstall.exe_unknown0
Cesta k chybující aplikaci: Uninstall.exe_unknown1
Cesta k chybujícímu modulu: Uninstall.exe_unknown2
ID zprávy: Uninstall.exe_unknown3

Error: (07/07/2015 00:05:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall.exe_unknown, verze: 0.0.0.0, časové razítko: 0x55968858
Název chybujícího modulu: Uninstall.exe, verze: 0.0.0.0, časové razítko: 0x55968858
Kód výjimky: 0xc0000005
Posun chyby: 0x00003d76
ID chybujícího procesu: 0xbc
Čas spuštění chybující aplikace: 0xUninstall.exe_unknown0
Cesta k chybující aplikaci: Uninstall.exe_unknown1
Cesta k chybujícímu modulu: Uninstall.exe_unknown2
ID zprávy: Uninstall.exe_unknown3

System errors:
=============
Error: (07/07/2015 09:17:41 PM) (Source: TermService) (EventID: 1067) (User: )
Description: Terminálový server nemohl pro používání k ověření serveru zaregistrovat hlavní název služby TERMSRV. Došlo k následující chybě: Zadaná doména neexistuje nebo není k dispozici.
.

Error: (07/07/2015 09:15:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/07/2015 09:14:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (07/07/2015 09:14:52 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CZECH)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (07/07/2015 09:14:45 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).

Error: (07/07/2015 09:14:42 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně CZECH z následujícího důvodu:
%%1311

To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.

DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (07/07/2015 09:14:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WvPCR závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (07/07/2015 09:14:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba SI TSS v1.2.1.41 TCS závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (07/07/2015 09:13:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/07/2015 09:12:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Microsoft Office:
=========================
Error: (07/07/2015 09:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.8.0.051709701MurocApi.dll15.8.0.05170961cc00000050000000000026990d9801d0b8e9350daabcC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll8811f6d2-24dc-11e5-b6fc-c4d987a73f0e

Error: (07/07/2015 09:15:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 07:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe5.7.2015.115fc01d0b8da1451d5cf5C:\Users\djourova\Desktop\FRST64.exe

Error: (07/07/2015 09:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:33:33 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (07/07/2015 00:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:10:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (07/07/2015 00:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:06:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstall.exe_unknown0.0.0.055968858Uninstall.exe0.0.0.055968858c000000500003d761a5801d0b83806c6f4afC:\Program Files (x86)\Shop and Save Up\Uninstall.exeC:\Program Files (x86)\Shop and Save Up\Uninstall.exe4791792a-242b-11e5-a3bd-c4d987a73f0e

Error: (07/07/2015 00:05:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstall.exe_unknown0.0.0.055968858Uninstall.exe0.0.0.055968858c000000500003d76bc01d0b837e52ea022C:\Program Files (x86)\Shop and Save Up\Uninstall.exeC:\Program Files (x86)\Shop and Save Up\Uninstall.exe272596f9-242b-11e5-a3bd-c4d987a73f0e

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 54%
Total physical RAM: 4001.59 MB
Available physical RAM: 1835.2 MB
Total Virtual: 8001.39 MB
Available Virtual: 4966.6 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.47 GB) (Free:361.8 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:12.25 GB) (Free:3.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BD945C4E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.5 GB) - (Type=07 NTFS)

==================== End of log ============================

#6 Příspěvek od **Rudy** » 07 črc 2015 20:46

Ještě potřebuji druhý log (FRST). Tohle je pouze Additions.

DaJo · #7 Příspěvek od **DaJo** » 07 črc 2015 20:59

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by djourova (administrator) on NBDJOUROVA on 07-07-2015 21:58:17
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(DTools LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayMain.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayManager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Komprofi) C:\Program Files\PSDTray\PSDTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371176 2012-12-22] (Wave Systems Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-04-19] (Intel(R) Corporation)
HKLM\...\Run: [PSDTray] => C:\Program Files\PSDTray\PSDTray.exe [415744 2014-04-01] (Komprofi)
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [801968 2011-09-14] (Check Point Software Technologies)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-04] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [SoftonicAssistant] => "C:\Users\djourova\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [WMUTray.exe] => C:\Program Files (x86)\WakeMeUp\WMUTray.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [GoogleChromeAutoLaunch_37FC9444FDBBCB8836F89C2EF15C0FFE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk [2014-06-02]
ShortcutTarget: OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-04] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-24] (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-04] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{2599484F-137B-483F-B030-2385E5A137BC}: [DhcpNameServer] 10.20.34.1
Tcpip\..\Interfaces\{7C426A94-D66C-442B-B5F8-A0072BC17AD5}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{C06E16EF-4C51-4A7A-AEE7-9E44166037F3}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{F68814A5-7D49-4B97-8762-8939D9586E95}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04]
CHR Extension: (Google Docs) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04]
CHR Extension: (Google Drive) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04]
CHR Extension: (YouTube) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04]
CHR Extension: (Google Search) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04]
CHR Extension: (Google Sheets) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04]
CHR Extension: (Google Wallet) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-04] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-07-04] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-04] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [226824 2012-12-13] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSDTrayMain; C:\Program Files\PSDTray\PSDTrayMain.exe [56320 2014-04-01] (Komprofi) [File not signed]
R2 PSDTrayManager; C:\Program Files\PSDTray\PSDTrayManager.exe [20480 2014-04-01] (Komprofi) [File not signed]
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4512952 2011-09-14] (Check Point Software Technologies)
R2 vicoqudu; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp [165376 2015-07-04] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-04] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-04] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-07-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-04] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-07-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-04] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-29] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-04] (Avast Software)
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2011-09-14] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [448168 2011-09-12] (Check Point Software Technologies Ltd.)
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 21:50 - 2015-07-07 21:50 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-07 21:50 - 2015-07-07 21:50 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-07 21:49 - 2015-07-07 21:49 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-07 21:48 - 2015-07-07 21:48 - 00000000 ____D C:\Users\djourova\AppData\Roaming\mystartsearch
2015-07-07 21:30 - 2015-07-07 21:31 - 00040603 _____ C:\Users\djourova\Desktop\Addition.txt
2015-07-07 21:03 - 2015-07-07 21:12 - 00000000 ____D C:\AdwCleaner
2015-07-07 21:02 - 2015-07-07 21:03 - 02244096 _____ C:\Users\djourova\Desktop\adwcleaner_4.207.exe
2015-07-07 19:46 - 2015-07-07 19:46 - 00012710 _____ C:\Addition.zip
2015-07-07 19:31 - 2015-07-07 19:42 - 00045214 _____ C:\Addition.txt
2015-07-07 19:27 - 2015-07-07 21:58 - 00032754 _____ C:\Users\djourova\Desktop\FRST.txt
2015-07-07 19:26 - 2015-07-07 21:58 - 00000000 ____D C:\FRST
2015-07-07 19:25 - 2015-07-07 19:25 - 02112512 _____ (Farbar) C:\Users\djourova\Desktop\FRST64.exe
2015-07-04 22:30 - 2015-07-04 22:30 - 00003208 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-07-04 10:59 - 2015-07-04 10:59 - 00003158 _____ C:\Windows\System32\Tasks\{CA08D9E3-249D-46D5-8894-786D74E4E8FA}
2015-07-04 10:40 - 2015-07-04 10:40 - 00613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmCD84.tmp
2015-07-04 03:32 - 2015-07-04 03:32 - 00613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmF658.tmp
2015-07-04 03:17 - 2015-07-04 03:18 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-04 03:17 - 2015-07-04 03:18 - 00000000 ____D C:\Windows\system32\vbox
2015-07-04 03:13 - 2015-07-04 03:13 - 00000000 ____D C:\Users\djourova\AppData\Roaming\AVAST Software
2015-07-04 03:12 - 2015-07-04 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-04 03:09 - 2015-07-07 09:33 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-04 03:09 - 2015-07-04 03:10 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-04 03:09 - 2015-07-04 03:07 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-04 03:09 - 2015-07-04 03:07 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-04 03:08 - 2015-07-04 03:08 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-04 03:07 - 2015-07-04 03:07 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2015-07-04 03:07 - 2015-07-04 03:07 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-04 03:06 - 2015-07-04 03:06 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-04 03:05 - 2015-07-04 03:05 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-04 03:04 - 2015-07-04 03:04 - 05471128 _____ (Avast Software s.r.o.) C:\Users\djourova\Downloads\avast_premier_antivirus_setup_online.exe
2015-07-04 03:04 - 2015-07-04 03:04 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-04 02:56 - 2015-07-04 02:56 - 00000000 ____D C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06
2015-07-04 02:55 - 2015-07-04 03:12 - 00000000 ____D C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034
2015-07-04 02:48 - 2015-07-04 02:48 - 00260876 _____ (VuuPC Limited) C:\Users\djourova\AppData\Local\nslD11C.tmp
2015-07-04 02:47 - 2015-07-04 03:17 - 00000000 ____D C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132
2015-07-04 02:44 - 2015-05-20 11:19 - 00000897 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-04 02:43 - 2015-07-07 21:54 - 00000000 ____D C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132
2015-07-03 22:18 - 2015-07-03 22:18 - 00003154 _____ C:\Windows\System32\Tasks\{6208229D-E29A-406F-A1DA-DC2792B86E4C}
2015-07-03 21:16 - 2015-07-03 21:16 - 00000000 _____ C:\Windows\prleth.sys
2015-07-03 21:16 - 2015-07-03 21:16 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-03 21:15 - 2015-07-04 02:43 - 00000000 ____D C:\Program Files (x86)\gmsd_re_004010007
2015-07-03 21:15 - 2015-07-03 21:15 - 00000000 ____D C:\Program Files (x86)\039e3fe8-2d83-4d53-ad3f-947c2cea80ae
2015-07-03 21:02 - 2015-07-03 21:13 - 00871727 _____ C:\Users\djourova\Downloads\Setup.jse
2015-07-03 21:02 - 2015-07-03 21:11 - 1027080672 _____ C:\Users\djourova\Downloads\Photoshop_12_LS1.zip
2015-07-03 09:53 - 2015-07-04 09:59 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-03 00:31 - 2015-07-03 00:33 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (4).exe
2015-07-03 00:30 - 2015-07-03 10:46 - 00000000 ____D C:\Users\djourova\AppData\Roaming\PhotoScape
2015-07-03 00:14 - 2015-07-03 00:14 - 21331096 _____ (Mooii) C:\Users\djourova\Downloads\PhotoScape_V3.6.5.exe
2015-07-02 23:53 - 2015-07-02 23:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-02 23:51 - 2015-07-02 23:51 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe
2015-07-02 23:49 - 2015-07-02 23:50 - 06060024 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe (1).opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 03069944 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (3).exe.opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 02570624 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (4).exe.opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 01847924 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (5).exe.opdownload
2015-07-02 23:48 - 2015-07-04 03:15 - 00000000 ____D C:\Users\djourova\AppData\Local\22528
2015-07-02 23:48 - 2015-07-02 23:48 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (1).exe
2015-07-02 23:48 - 2015-07-02 23:48 - 06794404 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe.opdownload
2015-07-02 23:46 - 2015-07-02 23:47 - 00958859 _____ C:\Users\djourova\Downloads\Bluestacks (1).jse
2015-07-02 23:33 - 2015-07-02 23:34 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller.exe
2015-07-02 23:30 - 2015-07-02 23:30 - 00958859 _____ C:\Users\djourova\Downloads\Bluestacks.jse
2015-06-29 23:58 - 2015-06-29 23:58 - 00687064 _____ (Opera Software) C:\Users\djourova\Downloads\Opera_NI_stable.exe
2015-06-25 00:02 - 2015-06-25 00:02 - 28849904 _____ C:\Users\djourova\Downloads\vlc-2.2.1-win32.exe
2015-06-25 00:02 - 2015-06-25 00:02 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-22 18:40 - 2015-06-22 18:40 - 00007445 _____ C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml
2015-06-21 12:19 - 2015-07-07 21:57 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA
2015-06-20 01:17 - 2015-06-20 01:17 - 00101805 _____ C:\Users\djourova\Downloads\image (2).jpeg
2015-06-15 11:08 - 2015-06-15 11:08 - 00434846 _____ C:\Users\djourova\Downloads\magnolia.zip
2015-06-15 11:08 - 2015-06-15 11:08 - 00000000 ____D C:\Users\djourova\Downloads\magnolia
2015-06-15 11:08 - 2015-06-15 11:08 - 00000000 ____D C:\Users\djourova\Downloads\close_to_you (1)
2015-06-15 11:07 - 2015-06-15 11:07 - 00266194 _____ C:\Users\djourova\Downloads\close_to_you.zip
2015-06-15 11:07 - 2015-06-15 11:07 - 00266194 _____ C:\Users\djourova\Downloads\close_to_you (1).zip
2015-06-14 16:49 - 2015-06-14 16:49 - 00000000 ____D C:\Users\djourova\Downloads\windsong
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\vtks_storm
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\tejaratchi_family (1)
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\sweetly_broken
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\signarita_zhai
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\should_ve_known_shaded
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\shocardcaps
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\regency_script
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\recorda_script
2015-06-14 16:46 - 2015-06-14 16:46 - 00000000 ____D C:\Users\djourova\Downloads\phoenix_rising
2015-06-14 16:46 - 2015-06-14 16:46 - 00000000 ____D C:\Users\djourova\Downloads\nella_sue
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\mrs_saint_delafield
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\montague
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\maratre
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\jellyka_cutty_cupcakes
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\jellyka_beesantique_handwriting
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\high_level
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\great_vibes
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\good_karma
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\gessele_regular
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\germania_shadow
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\fifty_hours
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\erectlorite
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\endor
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\east_market_two
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\diane_de_france
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\coneria_script (1)
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\castro_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\bulwark
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\brotherhood_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\berty_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\before_the_rain
2015-06-14 16:39 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\angelique_ma_douce_colombe
2015-06-14 16:39 - 2015-06-14 16:39 - 00000000 ____D C:\Users\djourova\Downloads\always_forever
2015-06-14 16:36 - 2015-06-14 16:36 - 01327764 _____ C:\Users\djourova\Downloads\UnZipMe.EXE
2015-06-14 16:36 - 2015-06-14 16:36 - 00001044 _____ C:\Users\dagmar\Desktop\UnZip Me.lnk
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camtech
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtech
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\Program Files (x86)\Camtech
2015-06-14 16:36 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2015-06-14 16:36 - 2004-02-23 00:00 - 01386496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2015-06-14 16:36 - 2001-07-31 06:42 - 00150016 _____ (Info-ZIP) C:\Windows\SysWOW64\Unzip32.dll
2015-06-14 13:23 - 2015-06-14 13:23 - 00042154 _____ C:\Users\djourova\Downloads\should_ve_known_shaded.zip
2015-06-14 13:21 - 2015-06-14 13:21 - 00094098 _____ C:\Users\djourova\Downloads\phoenix_rising.zip
2015-06-14 13:21 - 2015-06-14 13:21 - 00041280 _____ C:\Users\djourova\Downloads\bulwark.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00258784 _____ C:\Users\djourova\Downloads\racing_flow.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00097531 _____ C:\Users\djourova\Downloads\high_level.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00045629 _____ C:\Users\djourova\Downloads\east_market_two.zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00529905 _____ C:\Users\djourova\Downloads\erectlorite.zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00195089 _____ C:\Users\djourova\Downloads\tejaratchi_family (1).zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00114025 _____ C:\Users\djourova\Downloads\vtks_storm.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00055149 _____ C:\Users\djourova\Downloads\germania_shadow.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00032124 _____ C:\Users\djourova\Downloads\montague.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00025234 _____ C:\Users\djourova\Downloads\shocardcaps.zip
2015-06-14 13:16 - 2015-06-14 13:16 - 00675314 _____ C:\Users\djourova\Downloads\castro_script.zip
2015-06-14 13:16 - 2015-06-14 13:16 - 00028908 _____ C:\Users\djourova\Downloads\mrs_saint_delafield.zip
2015-06-14 13:15 - 2015-06-14 13:15 - 00997907 _____ C:\Users\djourova\Downloads\good_karma.zip
2015-06-14 13:15 - 2015-06-14 13:15 - 00069514 _____ C:\Users\djourova\Downloads\berty_script.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00248735 _____ C:\Users\djourova\Downloads\signerica.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00056701 _____ C:\Users\djourova\Downloads\jellyka_beesantique_handwriting.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00032236 _____ C:\Users\djourova\Downloads\brotherhood_script.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00024871 _____ C:\Users\djourova\Downloads\angelique_ma_douce_colombe.zip
2015-06-14 13:11 - 2015-06-14 13:11 - 01117352 _____ C:\Users\djourova\Downloads\signarita_zhai.zip
2015-06-14 13:11 - 2015-06-14 13:11 - 00043010 _____ C:\Users\djourova\Downloads\aligot_de_mirabelle.zip
2015-06-14 13:10 - 2015-06-14 13:11 - 00043799 _____ C:\Users\djourova\Downloads\windsong.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 01640757 _____ C:\Users\djourova\Downloads\recorda_script.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00563552 _____ C:\Users\djourova\Downloads\diane_de_france.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00110843 _____ C:\Users\djourova\Downloads\jellyka_saint_andrews_queen.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00052242 _____ C:\Users\djourova\Downloads\great_vibes.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00019163 _____ C:\Users\djourova\Downloads\maratre.zip
2015-06-14 13:09 - 2015-06-14 13:09 - 00402210 _____ C:\Users\djourova\Downloads\before_the_rain.zip
2015-06-14 13:04 - 2015-06-14 13:04 - 00063930 _____ C:\Users\djourova\Downloads\endor.zip
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru].jpeg
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru] (2).jpeg
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru] (1).jpeg
2015-06-14 11:52 - 2015-06-14 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.80
2015-06-14 11:51 - 2015-06-14 11:54 - 00000000 ____D C:\Users\djourova\Downloads\coll
2015-06-14 11:47 - 2015-06-14 11:48 - 31164926 _____ C:\Users\djourova\Downloads\zasilka-FHFXTUFBAVEJ5LIJ.zip
2015-06-14 11:42 - 2015-06-14 11:43 - 00000670 _____ C:\Users\djourova\Downloads\Setup.website
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Users\Public\Documents\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Users\djourova\AppData\Roaming\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\ProgramData\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Collage Maker Pro
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Program Files (x86)\Picture Collage Maker Pro
2015-06-14 11:24 - 2015-06-14 11:24 - 00000000 ____D C:\Users\djourova\Downloads\Picture Collage Maker Pro 4.0.0 & Templates Pack
2015-06-14 11:12 - 2015-06-14 11:15 - 392690113 _____ C:\Users\djourova\Downloads\Picture Collage Maker Pro 4.0.0 & Templates Pack.zip
2015-06-14 11:00 - 2015-06-14 11:00 - 23490048 _____ C:\Users\djourova\Downloads\collage-maker-37-windows_softfinder_com.msi
2015-06-11 01:17 - 2015-06-11 01:17 - 01209936 _____ C:\Windows\Minidump\061115-21918-01.dmp
2015-06-10 03:41 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 03:41 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 03:41 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 03:41 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 03:41 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 03:41 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 03:41 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 03:41 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 03:41 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 03:41 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 03:40 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 03:40 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 03:40 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 03:40 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 03:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 03:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 03:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 03:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 03:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 03:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 03:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 03:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 03:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 03:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 03:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 03:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 03:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 03:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 03:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 03:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 03:40 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 03:40 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 03:40 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 03:40 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 03:40 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 03:40 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 03:40 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 03:40 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 03:40 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 03:40 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 03:40 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 03:40 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 03:40 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 03:40 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 03:40 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 03:40 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 03:40 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 03:40 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 03:40 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 03:40 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 03:40 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 03:40 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 03:40 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 03:40 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 03:40 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 03:40 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 03:40 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 03:40 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 03:40 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 03:40 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 03:40 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 03:40 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 03:40 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 03:40 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 03:40 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 03:40 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 03:40 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 03:40 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 03:40 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 03:40 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 03:40 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 03:40 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 03:40 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 03:40 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 03:40 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 03:40 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 03:40 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-08 01:20 - 2015-06-08 01:20 - 00000000 ____D C:\Users\djourova\Documents\VM
2015-06-07 23:37 - 2015-07-04 10:55 - 00000000 ___RD C:\Users\djourova\Desktop\VM REPORT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 21:56 - 2014-04-27 03:50 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-07-07 21:54 - 2015-03-01 22:01 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 21:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 21:54 - 2009-07-14 06:51 - 00063212 _____ C:\Windows\setupact.log
2015-07-07 21:53 - 2010-11-21 05:47 - 00277296 _____ C:\Windows\PFRO.log
2015-07-07 21:48 - 2015-03-01 22:01 - 00002483 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 21:48 - 2014-06-02 11:54 - 00001693 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-07 21:30 - 2014-04-26 20:14 - 01111347 _____ C:\Windows\WindowsUpdate.log
2015-07-07 21:23 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 21:23 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 21:16 - 2015-03-01 22:01 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-07 00:06 - 2014-07-03 22:24 - 00000000 ____D C:\Users\djourova\AppData\Local\CrashDumps
2015-07-06 22:26 - 2010-11-21 11:27 - 00684658 _____ C:\Windows\system32\perfh005.dat
2015-07-06 22:26 - 2010-11-21 11:27 - 00147100 _____ C:\Windows\system32\perfc005.dat
2015-07-06 22:26 - 2009-07-14 07:13 - 01618200 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 10:55 - 2014-07-04 21:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-04 10:55 - 2014-07-04 21:08 - 00000000 ____D C:\ProgramData\Skype
2015-07-04 10:38 - 2014-06-02 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-04 09:59 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-04 03:28 - 2015-01-28 17:47 - 00000000 ___RD C:\Users\djourova\Desktop\RVM
2015-07-04 03:28 - 2015-01-26 14:56 - 00000000 ____D C:\Users\djourova\Desktop\PROGRAMY
2015-07-04 03:22 - 2014-06-27 21:29 - 00000000 ____D C:\Users\djourova\AppData\Local\Google
2015-07-04 03:22 - 2014-06-27 21:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-04 03:03 - 2014-11-22 12:00 - 00000330 _____ C:\Users\djourova\rgut
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Opera Software
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Users\djourova\AppData\Local\Opera Software
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-04 02:54 - 2014-11-20 20:52 - 00000030 _____ C:\Users\djourova\AppData\Roaming\msofoeu.dat
2015-07-03 21:22 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-03 21:15 - 2014-04-27 03:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-03 15:27 - 2014-12-30 15:26 - 00000000 ____D C:\Users\djourova\Documents\Soubory aplikace Outlook
2015-07-03 10:32 - 2014-06-09 07:09 - 00000000 ____D C:\Users\djourova\Documents\cestovní doklady
2015-07-02 23:33 - 2015-01-15 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-29 09:12 - 2014-06-07 10:40 - 00000000 ____D C:\Users\djourova\Documents\work plány
2015-06-29 09:04 - 2014-06-22 21:17 - 00000427 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Logging in.website
2015-06-28 23:56 - 2014-06-07 18:41 - 00000612 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Domovská stránka - Centrála.website
2015-06-26 11:06 - 2015-05-29 22:07 - 00000000 ____D C:\Users\djourova\AppData\Roaming\msct
2015-06-25 12:03 - 2014-06-23 18:40 - 00000621 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Domovská stránka - Filiálky.website
2015-06-25 00:15 - 2015-03-08 23:28 - 00000000 ____D C:\Users\djourova\AppData\Roaming\vlc
2015-06-24 19:20 - 2014-12-26 00:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 10:54 - 2009-07-14 06:45 - 00372352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 01:06 - 2014-09-05 10:30 - 00000000 ____D C:\Users\djourova\Documents\tašky objednávka
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 03:15 - 2015-03-10 14:16 - 00004974 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CZECH-djourova nbdjourova.czech.lpp.com.pl
2015-06-22 21:49 - 2015-01-26 15:09 - 00000000 ___RD C:\Users\djourova\Desktop\BUDGET 2015
2015-06-15 11:10 - 2014-06-02 11:55 - 00091344 _____ C:\Users\djourova\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-14 11:54 - 2014-12-26 20:18 - 00000000 ____D C:\Program Files (x86)\Collage Maker 3.80
2015-06-14 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-06-14 11:28 - 2015-04-16 11:52 - 00000000 ____D C:\Program Files (x86)\Collage Maker 3.70
2015-06-14 11:21 - 2015-05-20 18:45 - 00000000 ____D C:\Users\djourova\AppData\Local\WinZip
2015-06-14 10:57 - 2014-07-06 23:21 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-11 10:51 - 2014-11-16 18:15 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieBrowserModeList
2015-06-11 10:51 - 2014-06-02 12:20 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieUserList
2015-06-11 10:51 - 2014-06-02 12:20 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieSiteList
2015-06-11 04:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 03:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 03:07 - 2014-06-02 11:18 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:02 - 2014-06-02 11:18 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 01:17 - 2014-07-03 18:42 - 00000000 ____D C:\Windows\Minidump
2015-06-11 01:17 - 2014-07-03 18:41 - 4196049181 _____ C:\Windows\MEMORY.DMP
2015-06-09 08:20 - 2014-06-02 13:27 - 00000000 ____D C:\Users\djourova\Documents\výprodej 1.6.2014
2015-06-07 20:48 - 2015-03-23 13:52 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Seznam.cz
2015-06-07 11:14 - 2014-12-12 04:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-07 11:14 - 2014-06-02 11:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-07 10:59 - 2014-06-02 11:47 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl

==================== Files in the root of some directories =======

2014-11-20 20:52 - 2014-11-20 20:52 - 0009040 _____ () C:\Users\djourova\AppData\Roaming\msmefb.dat
2014-11-20 20:52 - 2015-07-04 02:54 - 0000030 _____ () C:\Users\djourova\AppData\Roaming\msofoeu.dat
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
2015-07-04 02:48 - 2015-07-04 02:48 - 0260876 _____ (VuuPC Limited) C:\Users\djourova\AppData\Local\nslD11C.tmp
2015-07-04 10:40 - 2015-07-04 10:40 - 0613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmCD84.tmp
2015-07-04 03:32 - 2015-07-04 03:32 - 0613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmF658.tmp
2014-12-26 21:43 - 2015-01-12 14:54 - 0000880 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\djourova\AppData\Local\Temp\3307.exe
C:\Users\djourova\AppData\Local\Temp\4488.exe
C:\Users\djourova\AppData\Local\Temp\9467.exe
C:\Users\djourova\AppData\Local\Temp\APNSetup.exe
C:\Users\djourova\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\djourova\AppData\Local\Temp\fsd5485.exe
C:\Users\djourova\AppData\Local\Temp\GoogleSetup.exe
C:\Users\djourova\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\djourova\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\djourova\AppData\Local\Temp\optprosetup.exe
C:\Users\djourova\AppData\Local\Temp\pcspeedup.exe
C:\Users\djourova\AppData\Local\Temp\Quarantine.exe
C:\Users\djourova\AppData\Local\Temp\SkypeSetup.exe
C:\Users\djourova\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\djourova\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\djourova\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[1].exe
C:\Users\djourova\AppData\Local\Temp\sqlite3.dll
C:\Users\djourova\AppData\Local\Temp\Uninstall.exe
C:\Users\djourova\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-03 21:53

==================== End of log ============================

#8 Příspěvek od **Rudy** » 07 črc 2015 21:42

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
KU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
C:\Users\djourova\AppData\Local\nslD11C.tmp
C:\Users\djourova\AppData\Local\nsmCD84.tmp
C:\Users\djourova\AppData\Local\nsmF658.tmp
C:\Users\djourova\AppData\Local\Temp
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

DaJo · #9 Příspěvek od **DaJo** » 07 črc 2015 22:00

zasílám:

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by djourova at 2015-07-07 22:51:12 Run:1
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
KU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
C:\Users\djourova\AppData\Local\nslD11C.tmp
C:\Users\djourova\AppData\Local\nsmCD84.tmp
C:\Users\djourova\AppData\Local\nsmF658.tmp
C:\Users\djourova\AppData\Local\Temp
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_re_004010007 => value removed successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Windows\CurrentVersion\Run\\**asova**<*> => value removed successfully
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31a8c31b-fbb8-11e3-8116-c4d987a73f0e}" => key removed successfully
HKCR\CLSID\{31a8c31b-fbb8-11e3-8116-c4d987a73f0e} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Folder not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => value restored successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service removed successfully
zejytose => Service stopped successfully.
zejytose => Service removed successfully
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => Service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN => moved successfully.
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb => moved successfully.
C:\Users\djourova\AppData\Local\nslD11C.tmp => moved successfully.
C:\Users\djourova\AppData\Local\nsmCD84.tmp => moved successfully.
C:\Users\djourova\AppData\Local\nsmF658.tmp => moved successfully.

"C:\Users\djourova\AppData\Local\Temp" folder move:

Could not move "C:\Users\djourova\AppData\Local\Temp" folder => Scheduled to move on reboot.

C:\Windows\SysWOW64\MSIHANDLE => ":3229" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3280" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3381" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml => ":OECustomProperty" ADS removed successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-07 22:54:13)<=

C:\Users\djourova\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:54:13 ====

#10 Příspěvek od **Rudy** » 08 črc 2015 17:03

Smazáno. Nastala nějaká změna?

DaJo · #11 Příspěvek od **DaJo** » 08 črc 2015 22:50

Pěkný večer,
reklamy nevyskakují, žádné nové samovolné instalace také nejsou

Mnohokrát děkuji

ale obnovit systém nejde stále.

#12 Příspěvek od **Rudy** » 09 črc 2015 17:42

Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Tento problém nemusí být způsoben malware, ale také systémem samotným.

DaJo · #13 Příspěvek od **DaJo** » 09 črc 2015 19:44

Pěknž večer,

přikládám výsledek skenu MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.7.2015
Čas skenování: 20:21
Protokol: mbam.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.09.04
Databáze rootkitů: v2015.07.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: djourova

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 461816
Uplynulý čas: 18 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 4
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 2172, , [9226924d4347db5bec0b1c3e867b56aa]
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, 3172, , [43755f80becc2b0b97e8533141c314ec]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, 4408, , [6a4e944bf298063079ca20ddc93948b8]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, 7772, , [6a4e944bf298063079ca20ddc93948b8]

Moduly: 7
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],

Klíče registru: 63
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [9226924d4347db5bec0b1c3e867b56aa],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Smartbar.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68}, , [ffb936a98901152196c9edcb54aee917],
PUP.Optional.Smartbar.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68}, , [ffb936a98901152196c9edcb54aee917],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mystartsearch uninstall, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vicoqudu, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, , [7b3d617e6c1e42f47b47b84720e209f7],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [6a4e5c83c7c353e3ed7891808b7805fb],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [09af9d422169d85e5a923512bc47e41c],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [6f49aa35791151e5214150c8a55ed52b],
PUP.Optional.ShopAndSave.A, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, , [2692a738771356e021f94b3632d25ba5],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [932514cbbfcba98d64de5521f60e03fd],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [595f3ca30b7f8aaccb5624eabb48a45c],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [3385459ad2b8d85edc9b4cb535cedb25],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [25937e611c6e2f07d17744c753b019e7],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [328635aa058569cd281f9f6c5ca77987],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [ab0d3ca3e6a455e1a9da5c2700040bf5],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [65536976e5a559dddcf126f24fb443bd],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [75433da2533768ce103612f9d42f6c94],
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1D00}, , [7741657af496bf777808738b5da5c33d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [a71186597713eb4b3a05889c62a1d52b],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [487011ce5b2f9e98af81048acc380af6],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [e8d04f903b4f2b0b3dd76ab1768dd62a],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv, , [2f890fd01f6b1f171e77eb387c87a15f],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [a315736c1a7050e68e070122739030d0],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV03.07-nv, , [3f79756a8dfd7fb75a30978056ad837d],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV03.07-nv-ie, , [25935887c7c3c86e593182955ba842be],
PUP.Optional.GoHD.A, HKU\S-1-5-18\SOFTWARE\GoHD-nv, , [694f578815757eb836d1602127ddec14],
PUP.Optional.GoHD.A, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, , [dddb09d6deac67cf7c8bb9c8669ec33d],
PUP.Optional.ShopAndSave.A, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, , [9721a8373c4ef64031ea750ce321b050],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [a3158b5499f194a27b35b1d620e46a96],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\AskPartnerNetwork, , [7d3b09d6850551e5bd046a9561a120e0],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [229631aeb0daa4928e07a083649f8779],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\CinemaPlus-3.2cV03.07-nv-ie, , [f6c223bcf892290dafdba572dc27c739],
PUP.Optional.GoHD.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\GoHD-nv-ie, , [09afeef115756bcbb651631e669eca36],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\HomeTab, , [566219c6bcce0f279b9ae152be45e31d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\SearchProtectWS, , [9c1ca03fb2d81026fa500506bc479070],
PUP.Optional.ShopAndSave.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Shop and Save Up-nv-ie, , [4177fbe49cee44f2fb209ce53ec655ab],
PUP.Optional.TNT.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\TNT2, , [67512bb4fa9070c6896b51bb8a7940c0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\WajIEnhance, , [b9ffb728800af145896ec34f05fec739],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\WajIntEnhance, , [675131ae197171c5b86ad836e023649c],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [4c6c6976593173c36886d136c14242be],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [a315479812783105d31cd92e58abe31d],
PUP.Optional.Linkey.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [befa2eb1c6c468ce6987d334d3302fd1],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [9820469986040d29b1919aedc63e7888],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [febac11e8dfd2a0c747d986f729140c0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [2296bf207a10033303efca3da95a3fc1],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\SIMPLYTECH\HomeTab, , [635547984446d6604cfadf65ed1648b8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3841182015-3767386443-1143244361-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, , [dbdd5b8498f2bf77e640e1403bc824dc],

Hodnoty registru: 4
PUP.Optional.CPUMiner.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cpuminer, C:\Windows\system32\cpuminer-gw64.exe, , [d5e3e5fa17735cda18512a676f95e11f]
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1D00}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-SPE\, , [7741657af496bf777808738b5da5c33d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cmi, , [a71186597713eb4b3a05889c62a1d52b]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vicoqudu|ImagePath, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, , [b701499625651026ca405d26976d42be]

Data registru: 1
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA),,[8a2e3aa513773600d67250cf65a0629e]

Složky: 37
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.OptimizerPro.A, C:\Users\djourova\Documents\Optimizer Pro, , [34844d92f793999d1385f399e61edc24],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007, , [dedab02fc6c41d199d6fe10e6b97e41c],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, , [6a4e944bf298063079ca20ddc93948b8],

Soubory: 126
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, , [9226924d4347db5bec0b1c3e867b56aa],
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\MiuiTab\SupTab.dll, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.BrilliantInstaller.A, C:\ProgramData\InstallMate\{CB4DA319-4D6D-493D-ABD6-054F10AE81EF}\Custom.dll, , [7246de01d1b95adc947a50eaed13a858],
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [4672c41bcac0b086bc3e0955d13403fd],
PUP.HistoryTool, C:\Users\djourova\AppData\Roaming\wld\iehv.exe, , [06b219c6abdf68ced51686e9926e6f91],
PUP.Optional.Nova.A, C:\Program Files (x86)\039e3fe8-2d83-4d53-ad3f-947c2cea80ae\77408631-4038-46cd-aac0-7085217fb56d.dll, , [10a8d50ac4c61026a932b99f15ec49b7],
PUP.Optional.Nova.A, C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034\0574780c-8583-40a4-b22d-40181b7f8f9f.dll, , [8236a33c0e7c1a1cba213226ab56a45c],
PUP.Optional.Crossrider, C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034\af261fbb-9bac-4d47-a862-0aadc461cc06.dll, , [ceeae5fac5c561d5c99166468e7359a7],
PUP.Optional.Nova.A, C:\Program Files (x86)\Adobe\cbb2a54b-2b96-470e-a92f-d02d8f9dc255.dll, , [2d8b1ec18cfe4de977644c0c5da47789],
PUP.Optional.Crossrider, C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06\90972a7b-81c0-4a6e-b54c-eab20b287abe.dll, , [fbbd1cc38901280e005ac7e5ee1345bb],
PUP.Optional.Nova.A, C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06\db3497c2-6dd9-4a05-bfc3-82fc2c58a96d.dll, , [6355b22d2f5b6ec897448eca31d043bd],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, , [8236be21c7c360d651df0e07bc491ee2],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, , [c8f0cb1434560e28bc74fe17040116ea],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumnchpjs.exe, , [1b9d07d88ffb46f0bc39c50a14ed07f9],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmnchpjs.exe, , [bafe746b0882211551bf30a571906d93],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmnchpjs.exe, , [8e2a756abad0be784fee20ca17e909f7],
PUP.Optional.OpenCandy, C:\Windows\Temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [a01856897a1061d57f67bf9104017b85],
PUP.Optional.Softonic, C:\Users\djourova\Downloads\SoftonicDownloader_for_collage-maker.exe, , [b9ffaf30107a3df9255fe5596d931ee2],
PUP.Optional.Softonic, C:\Users\djourova\Downloads\SoftonicDownloader_for_photofiltre.exe, , [dade637cd4b6171f1a6a1f1fcd3352ae],
PUP.Optional.OpenCandy, C:\Users\djourova\Downloads\GOMPLAYERENSETUP.EXE, , [a810d20dcdbd78bee402c090ab5a758b],
PUP.Optional.InstalleRex, C:\Users\djourova\Downloads\Meloriac.exe, , [a4147f60fa90e650676eaa7f5ea3ed13],
PUP.Optional.OpenCandy, C:\Users\djourova\Downloads\PhotoScape_V3.6.5.exe, , [2f89a13ea5e59f9712d4d7798c79e41c],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, , [e1d7e0ffbdcdd2646c820e0259aae818],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [3a7e647bfe8cbb7b737bec24ec176e92],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\MessageBox.xml, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\402.json, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\uninstallDlg2.xml, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\UninstallManager.exe, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bg.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bg1.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bk_shadow.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\button.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\button1.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checkbox.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checkbox_select.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checked.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\close.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\loading_bg.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\loading_light.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\min.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\scrollbar.bmp, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\Thumbs.db, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\unchecked.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code1.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code2.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code3.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code4.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code5.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code6.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\Thumbs.db, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\onsaEFEE.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\7879.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\CCA1.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\pnsaEFEF.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\rnsaEFED.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\Uninstall.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\Uninstall.exe, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.OptimizerPro.A, C:\Users\djourova\Documents\Optimizer Pro\CookiesException.txt, , [34844d92f793999d1385f399e61edc24],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, , [6a4e944bf298063079ca20ddc93948b8],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#14 Příspěvek od **Rudy** » 09 črc 2015 19:50

Všechny nálezy smažte.

DaJo · #15 Příspěvek od **DaJo** » 10 črc 2015 11:02

Pěkný den Rudy,

smazala jsem všechny nálezy, jak jste mi poradil, spustila jsem poté další scan, objevil se další jeden soubor, smazala jsem jej a objevily se další tři, které se stále drží. Systém bohužel také stále obnovit nejde ( počítač je firemní, díky nákaze jsem přišla o Office pro podnikatele,který se smazal a obnovením systému jsem doufala v jeho návrat, proto to stále zkouším

)

posílám log z posledního scanu MBAM :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.7.2015
Čas skenování: 11:42
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.10.02
Databáze rootkitů: v2015.07.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: djourova

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 461146
Uplynulý čas: 15 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
PUP.Optional.OpenCandy, C:\Windows\Temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [9387a13f6921c274a2cd0a47c3423bc5],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, , [df3b538d4b3fd660ac9d8889897a23dd],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [2eec08d80d7d82b4d8715eb363a0b64a],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

VIRY.CZ

samovolně vyskakující reklamy, stránky, nelze obnovit systém

samovolně vyskakující reklamy, stránky, nelze obnovit systém

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy

Re: samovolně vyskakující reklamy, stránky, nelze obnovit sy