Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Zpráva

jarda.otta · #1 Příspěvek od **jarda.otta** » 07 úno 2016 22:43

Dobrý den. Mám prosím dotaz za kameráda který zajímá i mě. Dnes mě kamarád volal že mu známá poslala dokument v pdf ohledně jejich činosti divadla. Na mě rady aby byl opatrný a při jakémkoliv divném chování či hlašce nic neotvíral a hned mě zavolal. Tak jsem zjistil že když v google chrome otevřel mailovou poštu na seznamu a chtěl soubor pdf otevřít, příloha se neotevřela ale snažilo se to otevřít nějaký web a zabezpečení prohlížeče to zastavilo s tím že tato stránka je nebezpečná atd. Tak jsem mu přes Teamviewer otestoval ten soubor na www.virustotal.com a soubor byl čistý. Bylo by možné že paní co mu poslala tuto přílohu ma mail nebo comp zavirovaný a s tímto souborem resp. mailem svezla i nějaká všivárna? Zkoušel jsem mu nainstalovat Mozillu a v té když jde také na poštu seznamu a do příslušného mailu a chce soubor pdf otevřít tak se situace opakuje. Klokem na pdf přílohu to přesměrovává na nebezpečné stránky. Děkuji vám za jakoukoliv radu.

#2 Příspěvek od **Rudy** » 08 úno 2016 17:32

Zdravím!
Ta příloha by v každém případě měla být smazána. Koukneme se, co v systému běží. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

jarda.otta · #3 Příspěvek od **jarda.otta** » 09 úno 2016 08:04

Děkuji vám za odpověď. Jen se pro upřesnění zeptám. Rsit z compu co obdržel přílohu nebo z toho co jí poslal?

#4 Příspěvek od **Rudy** » 09 úno 2016 18:17

Z toho vašeho. Je třeba zjistit, zda tam mail něco nezanesl. Pokud byste měl možnost řešit i ten odesilatelův, nebudu se bránit.

jarda.otta · #5 Příspěvek od **jarda.otta** » 09 úno 2016 21:56

Děkuji vám. Jak se spojím s kamarádem hned dám rsit. A děkuji.

#6 Příspěvek od **Rudy** » 09 úno 2016 22:24

jarda.otta · #7 Příspěvek od **jarda.otta** » 10 úno 2016 09:26

Zde je log z frst

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by Pavel (administrator) on PAVEL-HP (10-02-2016 09:20:21)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(DivX, LLC) C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\Zps.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\Zps.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-01-28] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2010-01-12] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1684776 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-01-29] (IDT, Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1226608 2010-12-09] ()
HKLM\...\Run: [DivX Download Manager] => C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.cz/cz.special-uninstallation-fe ... g5NjUtREQx (the data entry has 93 more characters).
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [HPAdvisorDock] => C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1515576 2010-02-10] ()
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [ISUSPM] => -scheduler
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc.)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-08-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-02-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-12-01]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.80.66.7 10.0.0.2
Tcpip\..\Interfaces\{CFEF4310-B978-4F50-85C5-6395087C63B5}: [DhcpNameServer] 212.80.66.7 10.0.0.2

Internet Explorer:
==================
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.inbox.com/homepage.aspx?tbid=82120&iwk=258&lng=cs
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM -> DefaultScope {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> DefaultScope {47A40864-9302-4890-BD4F-269163B9F58F} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {47A40864-9302-4890-BD4F-269163B9F58F} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=82120&iwk=258&lng=cs
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26] (Zeon Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26] (Zeon Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0guhivzd.default
FF Homepage: www.seznam.cz
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2660338139-1730461858-1411507599-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2660338139-1730461858-1411507599-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010-12-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010-12-22] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-02-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-02-23] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-11-20] [not signed]
FF HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=1
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Native Client) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\gcswf32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\PFiles\Plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Zeon Plus) - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll => No File
CHR Plugin: (Google Update) - C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Vecteezy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbikmcofgfloceknnakcdilanlebhagj [2016-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
StartMenuInternet: Google Chrome - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AcronisOSSReinstallSvc; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2217416 2007-02-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
S2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-03] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-09-17] (ESET)
R3 rtsuvc; C:\windows\System32\DRIVERS\rtsuvc.sys [73344 2010-01-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-10 09:20 - 2016-02-10 09:20 - 00019640 _____ C:\Users\Pavel\Desktop\FRST.txt
2016-02-10 09:20 - 2016-02-10 09:20 - 00000000 ____D C:\FRST
2016-02-10 09:18 - 2016-02-10 09:18 - 01721344 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2016-02-10 09:12 - 2014-12-13 14:55 - 01107968 _____ C:\Users\Pavel\Desktop\RSIT.exe
2016-02-07 22:19 - 2016-02-07 22:25 - 00000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2016-02-07 22:19 - 2016-02-07 22:19 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2016-02-07 22:18 - 2016-02-07 22:18 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-07 22:18 - 2016-02-07 22:18 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-07 22:18 - 2016-02-07 22:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-07 22:18 - 2016-02-07 22:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ___RD C:\Program Files\Skype
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-02-02 01:35 - 2016-02-10 08:40 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d15d519b762ae3.job
2016-01-13 18:00 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-13 18:00 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-13 18:00 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-13 18:00 - 2015-12-12 18:49 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-13 18:00 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-13 18:00 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-13 18:00 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-13 18:00 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-13 18:00 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-13 18:00 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-13 18:00 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-13 18:00 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-13 18:00 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-13 18:00 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-13 18:00 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-13 18:00 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-13 18:00 - 2015-12-12 18:27 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-13 18:00 - 2015-12-12 18:22 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-13 18:00 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-13 18:00 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 18:00 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-13 18:00 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-13 18:00 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-13 18:00 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-13 18:00 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-13 18:00 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-13 18:00 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-13 18:00 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-13 18:00 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-13 18:00 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-13 18:00 - 2015-12-12 18:00 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-13 18:00 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-13 18:00 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-13 18:00 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-13 17:59 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-13 17:59 - 2015-11-17 01:45 - 00022464 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-13 17:59 - 2015-11-17 01:42 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-13 17:59 - 2015-11-17 01:42 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-13 17:59 - 2015-11-17 01:42 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-13 17:59 - 2015-11-17 01:42 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-13 17:59 - 2015-11-17 01:42 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-13 17:58 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2016-01-13 17:58 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-13 17:58 - 2015-12-30 19:47 - 00138176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-13 17:58 - 2015-12-30 19:47 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-13 17:58 - 2015-12-30 19:44 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-13 17:58 - 2015-12-30 19:41 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-13 17:58 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-13 17:58 - 2015-12-30 19:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-13 17:58 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-13 17:58 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-13 17:58 - 2015-12-30 19:40 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-13 17:58 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-13 17:58 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-13 17:58 - 2015-12-30 19:39 - 01060864 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-13 17:58 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-13 17:58 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-13 17:58 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-13 17:58 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-13 17:58 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-13 17:58 - 2015-12-30 19:38 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-13 17:58 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-13 17:58 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-13 17:58 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-13 17:58 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-13 17:58 - 2015-12-30 18:38 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-13 17:58 - 2015-12-30 18:32 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-13 17:58 - 2015-12-30 18:32 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-13 17:58 - 2015-12-30 18:32 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-13 17:58 - 2015-12-30 18:30 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-13 17:58 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-13 17:58 - 2015-12-30 18:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-13 17:58 - 2015-12-30 18:30 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-13 17:58 - 2015-12-11 19:35 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-13 17:58 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-13 17:58 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-13 17:58 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-13 17:58 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-13 17:58 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-13 17:58 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-13 17:58 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-13 17:58 - 2015-12-08 22:00 - 02386944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-13 17:58 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-13 17:58 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-13 17:58 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-13 17:58 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-10 09:21 - 2015-05-18 21:18 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d091a7d1afff26.job
2016-02-10 09:15 - 2014-03-28 07:07 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1cf4a4c1036904b.job
2016-02-10 08:44 - 2009-07-14 05:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-10 08:44 - 2009-07-14 05:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-10 08:40 - 2015-07-22 17:16 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d0c499cb5f4b8f.job
2016-02-10 08:38 - 2015-02-04 20:10 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d040ae4bd6dbde.job
2016-02-10 01:40 - 2014-03-28 07:07 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001Core1cf4a4c10095626.job
2016-02-10 01:17 - 2015-10-03 09:14 - 00000000 ____D C:\FOTO
2016-02-08 18:13 - 2015-10-23 15:50 - 00000320 _____ C:\windows\Tasks\HPCeeScheduleForPavel.job
2016-02-08 16:41 - 2010-03-27 03:50 - 00756524 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-08 16:37 - 2010-12-22 18:28 - 00000000 ____D C:\Users\Pavel\AppData\LocalLow\boost_interprocess
2016-02-08 16:37 - 2010-03-27 04:36 - 00000177 _____ C:\ProgramData\HPWALog.txt
2016-02-08 16:37 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-08 10:36 - 2010-12-10 19:41 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Skype
2016-02-08 01:12 - 2010-12-01 15:45 - 00000000 ____D C:\Users\Pavel
2016-02-07 22:10 - 2015-10-06 08:20 - 00000000 ____D C:\Program Files\TeamViewer
2016-02-05 01:39 - 2014-03-12 09:35 - 00000000 ____D C:\Users\Pavel\AppData\Local\Skype
2016-02-05 01:39 - 2010-08-18 05:27 - 00000000 ____D C:\ProgramData\Skype
2016-02-05 01:31 - 2011-03-08 13:16 - 00000000 ____D C:\Users\Pavel\Divis hudba atd
2016-02-03 23:16 - 2013-12-01 12:12 - 00000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2016-02-03 22:37 - 2010-12-14 19:47 - 00002393 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-29 02:31 - 2010-12-14 19:47 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-14 10:35 - 2009-07-14 05:33 - 00457680 _____ C:\windows\system32\FNTCACHE.DAT
2016-01-14 10:34 - 2014-12-11 09:28 - 00000000 ____D C:\windows\system32\appraiser
2016-01-14 10:34 - 2014-05-06 06:45 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-14 10:33 - 2011-02-22 16:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 01:46 - 2011-02-23 10:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-01-21 20:58 - 2011-01-21 20:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-03-27 04:36 - 2016-02-08 16:37 - 0000177 _____ () C:\ProgramData\HPWALog.txt
2011-02-22 16:24 - 2015-04-12 08:45 - 0007619 _____ () C:\ProgramData\hpzinstall.log
2011-03-06 19:35 - 2011-03-06 19:35 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-30 18:32

==================== End of FRST.txt ============================

#8 Příspěvek od **Rudy** » 10 úno 2016 16:47

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

jarda.otta · #9 Příspěvek od **jarda.otta** » 10 úno 2016 18:05

LOG Z ADWC

# AdwCleaner v5.009 - Logfile created 30/09/2015 at 17:02:08
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Pavel - PAVEL-HP
# Running from : C:\Users\Pavel\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Inbox Toolbar
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[-] Folder Deleted : C:\Users\Pavel\AppData\LocalLow\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Pavel\AppData\LocalLow\HPAppData
[-] Folder Deleted : C:\Users\Pavel\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\Pavel\AppData\Roaming\AD ON Multimedia
[-] Folder Deleted : C:\Users\Pavel\AppData\Roaming\OpenCandy

***** [ Files ] *****

[-] File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[-] File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk

***** [ Shortcuts ] *****

# AdwCleaner v5.033 - Logfile created 10/02/2016 at 17:53:21
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Pavel - PAVEL-HP
# Running from : C:\Users\Pavel\Desktop\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Pavel\AppData\LocalLow\HPAppData

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2128 bytes] ##########
------------------------------------------------------------------------------

Prosím dotaz jestli bych mohl dát i log z fsrt od odesílatelky mailu do tohoto compu nebo mám založit nové vlákno?

#10 Příspěvek od **Rudy** » 10 úno 2016 18:23

Dejte nový log FRST.

jarda.otta · #11 Příspěvek od **jarda.otta** » 12 úno 2016 11:18

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by Pavel (administrator) on PAVEL-HP (12-02-2016 09:31:32)
Running from C:\Users\Pavel\Desktop\nemazat
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DivX, LLC) C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-01-28] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2010-01-12] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1684776 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-01-29] (IDT, Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1226608 2010-12-09] ()
HKLM\...\Run: [DivX Download Manager] => C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.cz/cz.special-uninstallation-fe ... g5NjUtREQx (the data entry has 93 more characters).
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [HPAdvisorDock] => C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1515576 2010-02-10] ()
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [ISUSPM] => -scheduler
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-01-22] (Hewlett-Packard Company)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\System32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-08-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-02-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-12-01]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.80.66.7 10.0.0.2
Tcpip\..\Interfaces\{CFEF4310-B978-4F50-85C5-6395087C63B5}: [DhcpNameServer] 212.80.66.7 10.0.0.2

Internet Explorer:
==================
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM -> DefaultScope {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> DefaultScope {47A40864-9302-4890-BD4F-269163B9F58F} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {47A40864-9302-4890-BD4F-269163B9F58F} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26] (Zeon Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll [2009-03-26] (Zeon Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\0guhivzd.default
FF Homepage: www.seznam.cz
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2660338139-1730461858-1411507599-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2660338139-1730461858-1411507599-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010-12-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010-12-22] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-02-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-02-23] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-11-20] [not signed]
FF HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=1
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Native Client) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\gcswf32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\PFiles\Plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Zeon Plus) - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll => No File
CHR Plugin: (Google Update) - C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Vecteezy) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbikmcofgfloceknnakcdilanlebhagj [2016-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
StartMenuInternet: Google Chrome - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AcronisOSSReinstallSvc; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2217416 2007-02-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
S2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-03] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-09-17] (ESET)
R3 rtsuvc; C:\windows\System32\DRIVERS\rtsuvc.sys [73344 2010-01-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-10 17:52 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-02-10 17:52 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-02-10 17:52 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-02-10 17:52 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-02-10 17:52 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-02-10 17:52 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-02-10 17:52 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-02-10 17:52 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-02-10 17:51 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-02-10 17:51 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-02-10 17:51 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-02-10 17:51 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-02-10 17:50 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2016-02-10 17:50 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-02-10 17:50 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-02-10 17:50 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-02-10 17:50 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-02-10 17:50 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-02-10 17:50 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-02-10 17:50 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-02-10 17:50 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-02-10 17:50 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-02-10 17:50 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\msorcl32.dll
2016-02-10 17:50 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-02-10 17:50 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-02-10 17:50 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-02-10 17:50 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-02-10 17:50 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-02-10 17:50 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-02-10 17:50 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-02-10 17:50 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-02-10 17:50 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-02-10 17:50 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-02-10 17:50 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:50 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:50 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-02-10 17:50 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-02-10 17:50 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-02-10 17:50 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-02-10 17:49 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-02-10 17:49 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-02-10 17:49 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-02-10 17:49 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-02-10 17:49 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-02-10 17:49 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-02-10 17:49 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-02-10 17:49 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-02-10 17:49 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-02-10 17:49 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:49 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:48 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-02-10 17:48 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-02-10 17:48 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-02-10 17:48 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-02-10 17:48 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-02-10 17:48 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-02-10 17:48 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-02-10 17:48 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-02-10 17:48 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-02-10 17:48 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-02-10 17:48 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-02-10 17:48 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-02-10 17:48 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-02-10 17:48 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 17:48 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-02-10 17:48 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 17:48 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-02-10 17:48 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-02-10 17:48 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-02-10 17:48 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-02-10 17:48 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-02-10 17:48 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-02-10 17:48 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-02-10 17:48 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-02-10 17:48 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-02-10 17:48 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-02-10 17:48 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-02-10 17:48 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-02-10 17:48 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-02-10 17:47 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-02-10 17:47 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-02-10 17:47 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-02-10 17:47 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-02-10 17:47 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-02-10 17:47 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-02-10 17:47 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-02-10 17:47 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-02-10 17:47 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-02-10 17:47 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-02-10 17:47 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-02-10 17:44 - 2016-02-10 18:25 - 00000000 ____D C:\Users\Pavel\FOTKY
2016-02-10 17:44 - 2016-02-10 17:44 - 00014336 ___SH C:\Users\Pavel\Thumbs.db
2016-02-10 09:28 - 2016-02-10 18:49 - 00000000 ____D C:\Users\Pavel\Desktop\nemazat
2016-02-10 09:20 - 2016-02-12 09:31 - 00000000 ____D C:\FRST
2016-02-07 22:19 - 2016-02-07 22:25 - 00000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2016-02-07 22:19 - 2016-02-07 22:19 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2016-02-07 22:18 - 2016-02-07 22:18 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-07 22:18 - 2016-02-07 22:18 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-07 22:18 - 2016-02-07 22:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-07 22:18 - 2016-02-07 22:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ___RD C:\Program Files\Skype
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-05 01:39 - 2016-02-05 01:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-02-02 01:35 - 2016-02-12 09:28 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d15d519b762ae3.job
2016-01-13 17:58 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-13 17:58 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-13 17:58 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-13 17:58 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-13 17:58 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-13 17:58 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-13 17:58 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-13 17:58 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-13 17:58 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-13 17:58 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-13 17:58 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-13 17:58 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-13 17:58 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-13 17:58 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-13 17:58 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-13 17:58 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-12 09:28 - 2015-07-22 17:16 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d0c499cb5f4b8f.job
2016-02-12 09:28 - 2015-05-18 21:18 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d091a7d1afff26.job
2016-02-12 09:28 - 2015-02-04 20:10 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d040ae4bd6dbde.job
2016-02-12 09:28 - 2014-03-28 07:07 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1cf4a4c1036904b.job
2016-02-12 05:49 - 2014-03-28 07:07 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001Core1cf4a4c10095626.job
2016-02-11 23:21 - 2009-07-14 05:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-11 23:21 - 2009-07-14 05:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-11 16:39 - 2010-12-22 18:28 - 00000000 ____D C:\Users\Pavel\AppData\LocalLow\boost_interprocess
2016-02-11 16:38 - 2010-03-27 04:36 - 00000178 _____ C:\ProgramData\HPWALog.txt
2016-02-11 16:38 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-11 00:45 - 2010-12-14 19:47 - 00002393 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 00:32 - 2010-03-27 03:50 - 00756524 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-11 00:24 - 2009-07-14 05:33 - 00457680 _____ C:\windows\system32\FNTCACHE.DAT
2016-02-11 00:22 - 2014-12-11 09:28 - 00000000 ____D C:\windows\system32\appraiser
2016-02-11 00:22 - 2014-05-06 06:45 - 00000000 ___SD C:\windows\system32\CompatTel
2016-02-11 00:22 - 2009-07-27 12:09 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 18:30 - 2015-10-06 08:20 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2016-02-10 17:55 - 2015-10-23 15:50 - 00000320 _____ C:\windows\Tasks\HPCeeScheduleForPavel.job
2016-02-10 17:47 - 2015-09-30 16:00 - 00000000 ____D C:\AdwCleaner
2016-02-10 17:46 - 2010-12-01 15:45 - 00000000 ____D C:\Users\Pavel
2016-02-10 17:43 - 2011-01-22 11:31 - 00000000 ____D C:\Users\Pavel\film
2016-02-10 16:45 - 2015-10-03 09:14 - 00000000 ____D C:\FOTO
2016-02-08 10:36 - 2010-12-10 19:41 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Skype
2016-02-07 22:10 - 2015-10-06 08:20 - 00000000 ____D C:\Program Files\TeamViewer
2016-02-05 01:39 - 2014-03-12 09:35 - 00000000 ____D C:\Users\Pavel\AppData\Local\Skype
2016-02-05 01:39 - 2010-08-18 05:27 - 00000000 ____D C:\ProgramData\Skype
2016-02-05 01:31 - 2011-03-08 13:16 - 00000000 ____D C:\Users\Pavel\Divis hudba atd
2016-02-03 23:16 - 2013-12-01 12:12 - 00000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2016-01-29 02:31 - 2010-12-14 19:47 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-14 10:33 - 2011-02-22 16:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 01:46 - 2011-02-23 10:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-01-21 20:58 - 2011-01-21 20:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-03-27 04:36 - 2016-02-11 16:38 - 0000178 _____ () C:\ProgramData\HPWALog.txt
2011-02-22 16:24 - 2015-04-12 08:45 - 0007619 _____ () C:\ProgramData\hpzinstall.log
2011-03-06 19:35 - 2011-03-06 19:35 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-30 18:32

==================== End of FRST.txt ============================

#12 Příspěvek od **Rudy** » 12 úno 2016 18:23

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM -> DefaultScope {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> DefaultScope {47A40864-9302-4890-BD4F-269163B9F58F} URL =
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\gcswf32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll => No File
CHR Plugin: (Google Update) - C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d15d519b762ae3.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d0c499cb5f4b8f.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d091a7d1afff26.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d040ae4bd6dbde.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1cf4a4c1036904b.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001Core1cf4a4c10095626.job
C:\ProgramData\KGyGaAvL.sys
C:\Users\Pavel\AppData\Local\Temp
End

Uložte do C:\Users\Pavel\Desktop\nemazat jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

jarda.otta · #13 Příspěvek od **jarda.otta** » 14 úno 2016 10:30

Fix result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by Pavel (2016-02-14 10:23:00) Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM -> DefaultScope {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}

&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL = hxxp://www.bing.com/search?q={searchTerms}

&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> DefaultScope {47A40864-9302-4890-BD4F-269163B9F58F} URL =
SearchScopes: HKU\S-1-5-21-2660338139-1730461858-1411507599-1001 -> {783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} URL =

hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Shockwave Flash) - C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\gcswf32.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0

\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll => No File
CHR Plugin: (Google Update) - C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d15d519b762ae3.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d0c499cb5f4b8f.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d091a7d1afff26.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d040ae4bd6dbde.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1cf4a4c1036904b.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001Core1cf4a4c10095626.job
C:\ProgramData\KGyGaAvL.sys
C:\Users\Pavel\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C}

=> value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{783FB0DE-DAD1-42CA-BEEF-3AA2038443F1}" => key removed successfully.
HKCR\CLSID\{783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} => key not found.
HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-2660338139-1730461858-1411507599-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{783FB0DE-DAD1-42CA-BEEF-

3AA2038443F1}" => key removed successfully.
HKCR\CLSID\{783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\48.0.2564.103\gcswf32.dll => not found.
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => not found.
C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => not found.
C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll => not found.
C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => not found.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d15d519b762ae3.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d0c499cb5f4b8f.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d091a7d1afff26.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1d040ae4bd6dbde.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001UA1cf4a4c1036904b.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2660338139-1730461858-1411507599-1001Core1cf4a4c10095626.job => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully

"C:\Users\Pavel\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pavel\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-02-14 10:25:27)

C:\Users\Pavel\AppData\Local\Temp => moved successfully

==== End of Fixlog 10:25:27 ====

#14 Příspěvek od **Rudy** » 14 úno 2016 11:11

Smazáno. Nastala nějaká změna?

jarda.otta · #15 Příspěvek od **jarda.otta** » 14 úno 2016 12:05

Comp se zdá dobrý a velice vám děkuji za perfekt službu. Kamarád pošle příspěvek. Někdy v týdnu vás poprosím o to samé z kompu jeho přítelkyně která mu tu špatnou přílohu poslala. Jsou to starší lidé a paní dokonce má komp bez antivirové ochrany takže se není čemu divit. Prozatím jsem ji nainstaloval Avast. Takže ještě jednou děkuji a jsem s pozdravem.

VIRY.CZ

Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky

Re: Otevírání přílohy mailu pdf odkazuje na škodlivé stránky