Dobrý den,
poslední dobou mi při každém kliknutí (někdy i samovolně) na odkaz či webovou stránku na internetu vyskakují nechtěné internetové stránky (reklamy, výzvy k sázkám apod.). Prosím o kontrolu logu FRST. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
Ran by Jaroslav (administrator) on JAROSLAV-HP (11-06-2016 14:44:14)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RTS, a.s.) C:\BUILDpowerS\System\BPSHWAgentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\BUILDpowerS\System\IPSQLAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(D-Link Corporation) C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [HP LaserJet Professional CM1410 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-11] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2160248 2015-10-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-10-14] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-08-11] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [D-Link Network USB Utility] => C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573584 2012-08-22] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [{761cd2c4-5249-4346-8318-a499d06d2681}] => C:\ProgramData\Package Cache\{761cd2c4-5249-4346-8318-a499d06d2681}\Avira.OE.Setup.Bundle.exe [969664 2016-06-11] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2012-11-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80994AFA-146B-458D-90FB-63E697601CE3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=en_CZ
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
URLSearchHook: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 -> {74545B54-0861-43EF-BFCA-A397B65BA046} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=en_CZ&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^CZ&apn_uid=E1886E67-FD26-411F-AB78-8160410408F0&apn_sauid=8A06735A-9E05-45C2-8C89-332E9E4EA8DB
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-22] (Ask)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-22] (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1783791151-3406929246-3765845189-1001: @acestream.net/acestreamplugin,version=2.1.5 -> C:\Users\Jaroslav\AppData\Roaming\ACEStream\player\npace_plugin.dll [2013-07-23] (Innovative Digital Technologies)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-06-17] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IPViewer) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigbojghnfpjkdhnokmneobgmacpkene [2016-06-02]
CHR Extension: (Popup Blocker Pro) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Jaroslav\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.5.0.crx [2013-01-07]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 BPSHWAgent; C:\BUILDpowerS\system\BPSHWAgentService.exe [5660672 2012-11-26] (RTS, a.s.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-04-27] (Hewlett-Packard Company)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-28] (Intel Corporation)
R2 IPSQLAgent; C:\BUILDpowerS\system\IPSQLAgentService.exe [781824 2010-02-23] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-28] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-17] () [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R2 MSSQL$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3170424 2015-10-27] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
S4 SQLAgent$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2013-06-17] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-06] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-10-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R3 DlinkUDSMBus; C:\Windows\SysWow64\Drivers\DlinkUDSMBus.sys [85528 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\SysWow64\Drivers\DlinkUDSTcpBus.sys [132632 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [685056 2005-04-06] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2013-08-04] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [25912 2012-05-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-11 14:44 - 2016-06-11 14:45 - 00030800 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2016-06-11 14:43 - 2016-06-11 14:44 - 00000000 ____D C:\FRST
2016-06-11 14:42 - 2016-06-11 14:42 - 00001094 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-11 14:41 - 2016-06-11 14:43 - 02385408 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2016-06-11 14:19 - 2016-06-11 14:19 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-06-09 09:24 - 2016-06-09 09:24 - 00070646 _____ C:\Users\Jaroslav\Documents\SDO Boleradice - nabídka.pdf
2016-05-24 08:37 - 2016-05-24 08:37 - 00002829 _____ C:\windows\diagerr.xml
2016-05-24 08:37 - 2016-05-24 08:37 - 00001908 _____ C:\windows\diagwrn.xml
2016-05-22 17:29 - 2016-06-10 07:53 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForJaroslav
2016-05-22 17:29 - 2016-06-10 07:53 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForJaroslav.job
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-11 14:42 - 2015-07-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-11 14:40 - 2014-01-26 14:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-11 14:35 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-11 14:35 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-11 14:22 - 2012-06-19 21:18 - 00000000 ____D C:\ProgramData\PDFC
2016-06-11 14:20 - 2012-11-16 17:14 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-11 14:18 - 2012-06-19 21:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-11 14:18 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-10 13:55 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro dozor
2016-06-10 13:55 - 2013-01-04 14:28 - 00000000 ____D C:\Users\Jaroslav\Documents\Soubory aplikace Outlook
2016-06-10 13:49 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\Pošta
2016-06-10 13:47 - 2012-11-16 17:14 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-10 13:36 - 2012-11-16 17:09 - 00000000 ____D C:\Users\Jaroslav\AppData\Local\PDFC
2016-06-10 13:11 - 2012-06-19 21:19 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-10 09:08 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklad pro projednání
2016-06-10 07:59 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Evidence zakázek
2016-06-09 07:34 - 2012-06-19 20:13 - 00737388 _____ C:\windows\system32\perfh005.dat
2016-06-09 07:34 - 2012-06-19 20:13 - 00168086 _____ C:\windows\system32\perfc005.dat
2016-06-09 07:34 - 2009-07-14 07:13 - 01777972 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-09 07:34 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-06-08 11:20 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro projektování
2016-06-08 08:01 - 2012-11-16 17:16 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-07 08:29 - 2013-01-06 12:31 - 00000000 ____D C:\Users\Jaroslav\Documents\Zakázky
2016-06-03 13:31 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Tabulky
2016-05-27 13:38 - 2013-05-07 13:31 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-27 13:38 - 2013-03-28 08:32 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\system32\GWX
2016-05-24 09:44 - 2012-06-19 20:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-24 09:20 - 2013-01-08 11:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-24 09:08 - 2016-02-13 16:07 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 08:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2016-05-24 08:34 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2016-05-24 07:46 - 2015-01-04 15:57 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-23 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-05-20 18:59 - 2014-12-10 19:39 - 00000000 ____D C:\windows\system32\appraiser
2016-05-20 16:58 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Moje
2016-05-20 10:22 - 2009-07-14 06:45 - 00549112 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-20 10:20 - 2012-06-19 20:09 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-08-11 08:25 - 2015-08-31 09:51 - 0089284 _____ () C:\ProgramData\hpcsmmsilogs.log
Some files in TEMP:
====================
C:\Users\Jaroslav\AppData\Local\Temp\5n6jj0s4.dll
C:\Users\Jaroslav\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jaroslav\AppData\Local\Temp\avgnt.exe
C:\Users\Jaroslav\AppData\Local\Temp\Extract.exe
C:\Users\Jaroslav\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Jaroslav\AppData\Local\Temp\SHSetup.exe
C:\Users\Jaroslav\AppData\Local\Temp\SP72937.exe
C:\Users\Jaroslav\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is1516.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is5B3A.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is6C97.exe
C:\Users\Jaroslav\AppData\Local\Temp\_isC207.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-09 11:56
==================== End of FRST.txt ===========================================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakování nechtěných oken při prohlížení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Dobrý den,
zasílám Vám log z AdwCleaneru. Díky.
# AdwCleaner v5.200 - Log vytvořen 17/06/2016 v 17:19:51
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-17.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Jaroslav - JAROSLAV-HP
# Spuštěno z : C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka Smazáno : C:\_acestream_cache_
[-] Složka Smazáno : C:\Program Files (x86)\Ask.com
[-] Složka Smazáno : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\apn
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\LocalLow\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\.acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : Scheduled Update for Ask Toolbar
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\Classes\Applications\ace_player.exe
[-] Klíč Smazáno : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
[-] Klíč Smazáno : HKCU\Software\Classes\.acelive
[-] Klíč Smazáno : HKCU\Software\Classes\.acemedia
[-] Klíč Smazáno : HKCU\Software\Classes\.acestream
[-] Klíč Smazáno : HKCU\Software\Classes\.tslive
[-] Klíč Smazáno : HKCU\Software\Classes\acestream
[-] Klíč Smazáno : HKCU\Software\Classes\AceStream.file
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Klíč Smazáno : HKCU\Software\AceStream
[-] Klíč Smazáno : HKCU\Software\APN
[-] Klíč Smazáno : HKCU\Software\Ask.com
[-] Klíč Smazáno : HKCU\Software\AskToolbar
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\APN
[-] Klíč Smazáno : HKLM\SOFTWARE\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{E1096337-407F-4108-9F9F-DC7733F4EB12}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{30B9F6DC-498E-4CCD-ACB0-4A346B826BDB}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{74545B54-0861-43EF-BFCA-A397B65BA046}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [ Prohlížeče ] *****
[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : aaaaabfjnbeinlpljodiajipidiompfl
[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : bopakagnckmlgajfccecajhnimjiiedh
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [12443 bytů] - [17/06/2016 17:19:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [14871 bytů] - [17/06/2016 17:16:43]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12591 bytů] ##########
zasílám Vám log z AdwCleaneru. Díky.
# AdwCleaner v5.200 - Log vytvořen 17/06/2016 v 17:19:51
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-17.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Jaroslav - JAROSLAV-HP
# Spuštěno z : C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka Smazáno : C:\_acestream_cache_
[-] Složka Smazáno : C:\Program Files (x86)\Ask.com
[-] Složka Smazáno : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\apn
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\LocalLow\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\.acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : Scheduled Update for Ask Toolbar
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\Classes\Applications\ace_player.exe
[-] Klíč Smazáno : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
[-] Klíč Smazáno : HKCU\Software\Classes\.acelive
[-] Klíč Smazáno : HKCU\Software\Classes\.acemedia
[-] Klíč Smazáno : HKCU\Software\Classes\.acestream
[-] Klíč Smazáno : HKCU\Software\Classes\.tslive
[-] Klíč Smazáno : HKCU\Software\Classes\acestream
[-] Klíč Smazáno : HKCU\Software\Classes\AceStream.file
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Klíč Smazáno : HKCU\Software\AceStream
[-] Klíč Smazáno : HKCU\Software\APN
[-] Klíč Smazáno : HKCU\Software\Ask.com
[-] Klíč Smazáno : HKCU\Software\AskToolbar
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\APN
[-] Klíč Smazáno : HKLM\SOFTWARE\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{E1096337-407F-4108-9F9F-DC7733F4EB12}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{30B9F6DC-498E-4CCD-ACB0-4A346B826BDB}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{74545B54-0861-43EF-BFCA-A397B65BA046}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [ Prohlížeče ] *****
[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : aaaaabfjnbeinlpljodiajipidiompfl
[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : bopakagnckmlgajfccecajhnimjiiedh
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [12443 bytů] - [17/06/2016 17:19:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [14871 bytů] - [17/06/2016 17:16:43]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12591 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Zasílám log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Jaroslav (administrator) on JAROSLAV-HP (18-06-2016 13:34:00)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RTS, a.s.) C:\BUILDpowerS\System\BPSHWAgentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(D-Link Corporation) C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\BUILDpowerS\System\IPSQLAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [HP LaserJet Professional CM1410 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-11] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2160248 2015-10-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-10-14] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-08-11] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [D-Link Network USB Utility] => C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2012-11-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80994AFA-146B-458D-90FB-63E697601CE3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1783791151-3406929246-3765845189-1001: @acestream.net/acestreamplugin,version=2.1.5 -> C:\Users\Jaroslav\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-06-17] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IPViewer) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigbojghnfpjkdhnokmneobgmacpkene [2016-06-02]
CHR Extension: (AdBlock) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-11]
CHR Extension: (Popup Blocker Pro) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 BPSHWAgent; C:\BUILDpowerS\system\BPSHWAgentService.exe [5660672 2012-11-26] (RTS, a.s.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-04-27] (Hewlett-Packard Company)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-28] (Intel Corporation)
R2 IPSQLAgent; C:\BUILDpowerS\system\IPSQLAgentService.exe [781824 2010-02-23] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-28] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-17] () [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R2 MSSQL$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3170424 2015-10-27] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
S4 SQLAgent$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2013-06-17] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-06] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-10-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R3 DlinkUDSMBus; C:\Windows\SysWow64\Drivers\DlinkUDSMBus.sys [85528 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\SysWow64\Drivers\DlinkUDSTcpBus.sys [132632 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [685056 2005-04-06] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2013-08-04] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [25912 2012-05-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-18 13:33 - 2016-06-18 13:33 - 00000000 ____D C:\Users\Jaroslav\Desktop\FRST-OlderVersion
2016-06-18 13:27 - 2016-06-18 13:28 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-06-17 17:16 - 2016-06-17 17:19 - 00000000 ____D C:\AdwCleaner
2016-06-17 17:15 - 2016-06-17 17:16 - 03703360 _____ C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
2016-06-15 08:48 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-15 08:48 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-15 08:48 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-15 08:48 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-15 08:48 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-15 08:48 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-15 08:47 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-15 08:47 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-15 08:47 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-15 08:47 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-15 08:47 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-15 08:47 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-15 08:47 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-15 08:47 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-15 08:47 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-15 08:47 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-06-15 08:47 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-15 08:47 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-15 08:47 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-06-15 08:47 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-15 08:47 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-15 08:47 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-15 08:47 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-15 08:47 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-15 08:47 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-15 08:47 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-15 08:47 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-15 08:47 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-15 08:46 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-15 08:46 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-15 08:46 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-15 08:46 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-15 08:46 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-15 08:46 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-15 08:46 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-15 08:46 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-15 08:46 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-15 08:46 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-15 08:46 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-15 08:46 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-15 08:46 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-15 08:46 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-15 08:46 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-15 08:46 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-15 08:46 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-11 14:46 - 2016-06-11 14:52 - 00040642 _____ C:\Users\Jaroslav\Desktop\Addition.txt
2016-06-11 14:44 - 2016-06-18 13:36 - 00028695 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2016-06-11 14:43 - 2016-06-18 13:34 - 00000000 ____D C:\FRST
2016-06-11 14:42 - 2016-06-11 14:42 - 00001094 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-11 14:41 - 2016-06-18 13:33 - 02386944 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2016-06-09 09:24 - 2016-06-09 09:24 - 00070646 _____ C:\Users\Jaroslav\Documents\SDO Boleradice - nabídka.pdf
2016-05-24 08:37 - 2016-05-24 08:37 - 00002829 _____ C:\windows\diagerr.xml
2016-05-24 08:37 - 2016-05-24 08:37 - 00001908 _____ C:\windows\diagwrn.xml
2016-05-22 17:29 - 2016-06-17 12:59 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForJaroslav
2016-05-22 17:29 - 2016-06-17 12:59 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForJaroslav.job
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-18 13:29 - 2012-06-19 21:18 - 00000000 ____D C:\ProgramData\PDFC
2016-06-18 13:27 - 2012-11-16 17:14 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-18 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:16 - 2012-11-16 17:14 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 20:16 - 2012-06-19 21:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 17:15 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro dozor
2016-06-17 17:15 - 2013-01-04 14:28 - 00000000 ____D C:\Users\Jaroslav\Documents\Soubory aplikace Outlook
2016-06-17 17:11 - 2012-06-19 21:19 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 16:48 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\Pošta
2016-06-17 16:46 - 2013-01-06 12:31 - 00000000 ____D C:\Users\Jaroslav\Documents\Zakázky
2016-06-17 16:41 - 2012-11-16 17:09 - 00000000 ____D C:\Users\Jaroslav\AppData\Local\PDFC
2016-06-17 16:06 - 2012-06-19 20:13 - 00737388 _____ C:\windows\system32\perfh005.dat
2016-06-17 16:06 - 2012-06-19 20:13 - 00168086 _____ C:\windows\system32\perfc005.dat
2016-06-17 16:06 - 2009-07-14 07:13 - 01777972 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-17 16:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-06-16 12:22 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklad pro projednání
2016-06-16 11:03 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-06-16 07:33 - 2009-07-14 06:45 - 00549112 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-16 07:30 - 2014-12-10 19:39 - 00000000 ____D C:\windows\system32\appraiser
2016-06-15 22:40 - 2010-11-21 05:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 07:29 - 2014-01-26 14:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 10:54 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Evidence zakázek
2016-06-13 10:10 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro projektování
2016-06-11 14:42 - 2015-07-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-08 08:01 - 2012-11-16 17:16 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-03 13:31 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Tabulky
2016-05-27 13:38 - 2013-05-07 13:31 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-27 13:38 - 2013-03-28 08:32 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\system32\GWX
2016-05-24 09:44 - 2012-06-19 20:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-24 09:20 - 2013-01-08 11:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-24 09:08 - 2016-02-13 16:07 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 08:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2016-05-24 08:34 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2016-05-24 07:46 - 2015-01-04 15:57 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 16:58 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Moje
2016-05-20 10:20 - 2012-06-19 20:09 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-08-11 08:25 - 2015-08-31 09:51 - 0089284 _____ () C:\ProgramData\hpcsmmsilogs.log
Some files in TEMP:
====================
C:\Users\Jaroslav\AppData\Local\Temp\5n6jj0s4.dll
C:\Users\Jaroslav\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jaroslav\AppData\Local\Temp\avgnt.exe
C:\Users\Jaroslav\AppData\Local\Temp\Extract.exe
C:\Users\Jaroslav\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Jaroslav\AppData\Local\Temp\libeay32.dll
C:\Users\Jaroslav\AppData\Local\Temp\msvcr120.dll
C:\Users\Jaroslav\AppData\Local\Temp\SHSetup.exe
C:\Users\Jaroslav\AppData\Local\Temp\SP72937.exe
C:\Users\Jaroslav\AppData\Local\Temp\sqlite3.dll
C:\Users\Jaroslav\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is1516.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is5B3A.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is6C97.exe
C:\Users\Jaroslav\AppData\Local\Temp\_isC207.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-17 11:34
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Jaroslav (administrator) on JAROSLAV-HP (18-06-2016 13:34:00)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RTS, a.s.) C:\BUILDpowerS\System\BPSHWAgentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(D-Link Corporation) C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\BUILDpowerS\System\IPSQLAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [HP LaserJet Professional CM1410 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-11] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2160248 2015-10-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-10-14] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-08-11] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [D-Link Network USB Utility] => C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2012-11-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80994AFA-146B-458D-90FB-63E697601CE3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1783791151-3406929246-3765845189-1001: @acestream.net/acestreamplugin,version=2.1.5 -> C:\Users\Jaroslav\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-06-17] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IPViewer) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigbojghnfpjkdhnokmneobgmacpkene [2016-06-02]
CHR Extension: (AdBlock) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-11]
CHR Extension: (Popup Blocker Pro) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 BPSHWAgent; C:\BUILDpowerS\system\BPSHWAgentService.exe [5660672 2012-11-26] (RTS, a.s.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-04-27] (Hewlett-Packard Company)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-28] (Intel Corporation)
R2 IPSQLAgent; C:\BUILDpowerS\system\IPSQLAgentService.exe [781824 2010-02-23] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-28] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-17] () [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R2 MSSQL$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3170424 2015-10-27] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
S4 SQLAgent$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2013-06-17] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-06] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-10-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R3 DlinkUDSMBus; C:\Windows\SysWow64\Drivers\DlinkUDSMBus.sys [85528 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\SysWow64\Drivers\DlinkUDSTcpBus.sys [132632 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [685056 2005-04-06] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2013-08-04] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [25912 2012-05-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-18 13:33 - 2016-06-18 13:33 - 00000000 ____D C:\Users\Jaroslav\Desktop\FRST-OlderVersion
2016-06-18 13:27 - 2016-06-18 13:28 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-06-17 17:16 - 2016-06-17 17:19 - 00000000 ____D C:\AdwCleaner
2016-06-17 17:15 - 2016-06-17 17:16 - 03703360 _____ C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
2016-06-15 08:48 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-15 08:48 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-15 08:48 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-15 08:48 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-15 08:48 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-15 08:48 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-15 08:47 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-15 08:47 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-15 08:47 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-15 08:47 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-15 08:47 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-15 08:47 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-15 08:47 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-15 08:47 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-15 08:47 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-15 08:47 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-06-15 08:47 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-15 08:47 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-15 08:47 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-06-15 08:47 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-15 08:47 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-15 08:47 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-15 08:47 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-15 08:47 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-15 08:47 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-15 08:47 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-15 08:47 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-15 08:47 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-15 08:46 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-15 08:46 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-15 08:46 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-15 08:46 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-15 08:46 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-15 08:46 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-15 08:46 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-15 08:46 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-15 08:46 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-15 08:46 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-15 08:46 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-15 08:46 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-15 08:46 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-15 08:46 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-15 08:46 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-15 08:46 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-15 08:46 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-11 14:46 - 2016-06-11 14:52 - 00040642 _____ C:\Users\Jaroslav\Desktop\Addition.txt
2016-06-11 14:44 - 2016-06-18 13:36 - 00028695 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2016-06-11 14:43 - 2016-06-18 13:34 - 00000000 ____D C:\FRST
2016-06-11 14:42 - 2016-06-11 14:42 - 00001094 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-11 14:41 - 2016-06-18 13:33 - 02386944 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2016-06-09 09:24 - 2016-06-09 09:24 - 00070646 _____ C:\Users\Jaroslav\Documents\SDO Boleradice - nabídka.pdf
2016-05-24 08:37 - 2016-05-24 08:37 - 00002829 _____ C:\windows\diagerr.xml
2016-05-24 08:37 - 2016-05-24 08:37 - 00001908 _____ C:\windows\diagwrn.xml
2016-05-22 17:29 - 2016-06-17 12:59 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForJaroslav
2016-05-22 17:29 - 2016-06-17 12:59 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForJaroslav.job
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-18 13:29 - 2012-06-19 21:18 - 00000000 ____D C:\ProgramData\PDFC
2016-06-18 13:27 - 2012-11-16 17:14 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-18 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:16 - 2012-11-16 17:14 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 20:16 - 2012-06-19 21:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 17:15 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro dozor
2016-06-17 17:15 - 2013-01-04 14:28 - 00000000 ____D C:\Users\Jaroslav\Documents\Soubory aplikace Outlook
2016-06-17 17:11 - 2012-06-19 21:19 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 16:48 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\Pošta
2016-06-17 16:46 - 2013-01-06 12:31 - 00000000 ____D C:\Users\Jaroslav\Documents\Zakázky
2016-06-17 16:41 - 2012-11-16 17:09 - 00000000 ____D C:\Users\Jaroslav\AppData\Local\PDFC
2016-06-17 16:06 - 2012-06-19 20:13 - 00737388 _____ C:\windows\system32\perfh005.dat
2016-06-17 16:06 - 2012-06-19 20:13 - 00168086 _____ C:\windows\system32\perfc005.dat
2016-06-17 16:06 - 2009-07-14 07:13 - 01777972 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-17 16:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-06-16 12:22 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklad pro projednání
2016-06-16 11:03 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-06-16 07:33 - 2009-07-14 06:45 - 00549112 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-16 07:30 - 2014-12-10 19:39 - 00000000 ____D C:\windows\system32\appraiser
2016-06-15 22:40 - 2010-11-21 05:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 07:29 - 2014-01-26 14:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 10:54 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Evidence zakázek
2016-06-13 10:10 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro projektování
2016-06-11 14:42 - 2015-07-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-08 08:01 - 2012-11-16 17:16 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-03 13:31 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Tabulky
2016-05-27 13:38 - 2013-05-07 13:31 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-27 13:38 - 2013-03-28 08:32 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\system32\GWX
2016-05-24 09:44 - 2012-06-19 20:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-24 09:20 - 2013-01-08 11:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-24 09:08 - 2016-02-13 16:07 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 08:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2016-05-24 08:34 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2016-05-24 07:46 - 2015-01-04 15:57 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 16:58 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Moje
2016-05-20 10:20 - 2012-06-19 20:09 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2015-08-11 08:25 - 2015-08-31 09:51 - 0089284 _____ () C:\ProgramData\hpcsmmsilogs.log
Some files in TEMP:
====================
C:\Users\Jaroslav\AppData\Local\Temp\5n6jj0s4.dll
C:\Users\Jaroslav\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jaroslav\AppData\Local\Temp\avgnt.exe
C:\Users\Jaroslav\AppData\Local\Temp\Extract.exe
C:\Users\Jaroslav\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Jaroslav\AppData\Local\Temp\libeay32.dll
C:\Users\Jaroslav\AppData\Local\Temp\msvcr120.dll
C:\Users\Jaroslav\AppData\Local\Temp\SHSetup.exe
C:\Users\Jaroslav\AppData\Local\Temp\SP72937.exe
C:\Users\Jaroslav\AppData\Local\Temp\sqlite3.dll
C:\Users\Jaroslav\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is1516.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is5B3A.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is6C97.exe
C:\Users\Jaroslav\AppData\Local\Temp\_isC207.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-17 11:34
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jaroslav\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Fix result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Jaroslav (2016-06-18 14:36:09) Run:1
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jaroslav\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089}" => key removed successfully
HKCR\CLSID\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089} => key not found.
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Users\Jaroslav\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jaroslav\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-18 14:41:52)
C:\Users\Jaroslav\AppData\Local\Temp => moved successfully
==== End of Fixlog 14:41:53 ====
Ran by Jaroslav (2016-06-18 14:36:09) Run:1
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jaroslav\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089}" => key removed successfully
HKCR\CLSID\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089} => key not found.
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Users\Jaroslav\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jaroslav\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-18 14:41:52)
C:\Users\Jaroslav\AppData\Local\Temp => moved successfully
==== End of Fixlog 14:41:53 ====
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Bohužel reklamy stále vyskakují. :/
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Udělejte tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jaroslav on so 18.06.2016 at 18:22:48,46.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jaroslav\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.6.2016 18:26:50 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\Default\AppData\Roaming\Hewlett-Packard deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieUserList deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\windows\syswow64\appdata deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt" [17.06.2013 10:22]
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ncffjdbbodifgldkcbhmiiljfcnbgjab - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx[20.07.2012 17:00]
AdBlock - Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Chromium Fix ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
==== Reset Google Chrome ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=67 folders=32 175024851 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jaroslav\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Jaroslav\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 18.06.2016 at 18:48:50,06 ======================
Tool run by Jaroslav on so 18.06.2016 at 18:22:48,46.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jaroslav\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.6.2016 18:26:50 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\Default\AppData\Roaming\Hewlett-Packard deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieUserList deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\windows\syswow64\appdata deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt" [17.06.2013 10:22]
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ncffjdbbodifgldkcbhmiiljfcnbgjab - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx[20.07.2012 17:00]
AdBlock - Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Chromium Fix ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
==== Reset Google Chrome ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=67 folders=32 175024851 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jaroslav\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Reset Hosts File ======================
Hosts File Reset Successfully
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Jaroslav\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 18.06.2016 at 18:48:50,06 ======================
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Zoek něco smazal. A Junkware?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64
Ran by Jaroslav (Administrator) on so 18.06.2016 at 18:55:55,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 8
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 18.06.2016 at 18:58:32,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64
Ran by Jaroslav (Administrator) on so 18.06.2016 at 18:55:55,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 8
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 18.06.2016 at 18:58:32,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
michalenka215
- Návštěvník
- Příspěvky: 39
- Registrován: 17 kvě 2006 19:31
Re: Vyskakování nechtěných oken při prohlížení
Vypadá to, že problém je vyřešen. Moc děkuji za pomoc. 
Hezký den.
Hezký den.
-
Rudy
- Site Admin
- Příspěvky: 119600
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken při prohlížení
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?