VIRY.CZ

zde je vysledek mbamu.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18.4.2016
Čas skenování: 13:41
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.04.18.03
Databáze rootkitů: v2016.04.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Zdenka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 603381
Uplynulý čas: 2 hod, 47 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

coz je divné protože to nalezlo hodně potencionálně nebezpečných položek, nechala jsem je všechny odstranit (přesunout do karantény)

po dokončení tohoto jsme opět udělala frst přikládám v další zprávě

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
Ran by Zdenka (administrator) on ZDENKA-HP (18-04-2016 21:21:56)
Running from C:\Users\Zdenka\Desktop
Loaded Profiles: Zdenka (Available Profiles: Zdenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Dropbox, Inc.) C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\36.0.2130.65\opera_autoupdate.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-04] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-07] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12274688 2011-02-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] ()
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-15] (PowerISO Computing, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2016-04-18]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224 2012-01-13] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 08 C:\windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 09 C:\windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{588C40A4-7334-4CD0-9FB0-9BB2C92B894A}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{AE10215E-90B6-44C8-B73F-E1F301C9A8A1}: [DhcpNameServer] 58.17.39.219 218.87.6.206 210.35.207.8
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131051333067331080&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1435834558-3399890420-224863321-1001 -> DefaultScope {80AE6209-510D-40E5-843F-33B01D421721} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1435834558-3399890420-224863321-1001 -> {80AE6209-510D-40E5-843F-33B01D421721} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1435834558-3399890420-224863321-1001 -> {CA881421-2F2D-439B-A02F-D4E4C0E15CCE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1435834558-3399890420-224863321-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-04-07] (RealPlayer)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2012-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1435834558-3399890420-224863321-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Zdenka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435834558-3399890420-224863321-1001: @talk.google.com/O1DPlugin -> C:\Users\Zdenka\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435834558-3399890420-224863321-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1435834558-3399890420-224863321-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Zdenka\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Zdenka\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-05-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF Extension: Symantec IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn [2011-09-28] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2016-04-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2015-05-28] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-14]
CHR Extension: (Dokumenty Google) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-14]
CHR Extension: (Disk Google) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-14]
CHR Extension: (YouTube) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-14]
CHR Extension: (Tabulky Google) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2016-04-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-14]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-04-07]
StartMenuInternet: Google Chrome - Chrome.exe

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-29] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 asvpndrv; C:\Windows\System32\DRIVERS\asvpndrv.sys [31744 2012-02-29] (Astrill)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20111027.001\BHDrvx64.sys [1155704 2011-10-15] (Symantec Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2011-11-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2011-11-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20111111.030\IDSvia64.sys [488568 2011-09-12] (Symantec Corporation)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111111.036\ENG64.SYS [117880 2011-09-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20111111.036\EX64.SYS [2048632 2011-09-13] (Symantec Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Technology)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
S2 SSPORT; C:\windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-07-29] (Samsung Electronics)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-09-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-18 21:21 - 2016-04-18 21:23 - 00027015 _____ C:\Users\Zdenka\Desktop\FRST.txt
2016-04-18 20:50 - 2016-04-18 20:51 - 00000000 ____D C:\Users\Zdenka\Desktop\New Practical Chinese Reader Series
2016-04-18 20:34 - 2016-04-18 20:34 - 00000001 _____ C:\windows\SysWOW64\en.html
2016-04-18 19:00 - 2016-04-18 19:00 - 00001157 _____ C:\Users\Zdenka\Desktop\mbam.txt
2016-04-18 13:37 - 2016-04-18 21:13 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-18 13:37 - 2016-04-18 13:41 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-18 13:37 - 2016-04-18 13:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-18 13:37 - 2016-04-18 13:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-18 13:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-04-18 13:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-04-18 13:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-04-18 13:34 - 2016-04-18 13:34 - 22851472 _____ (Malwarebytes ) C:\Users\Zdenka\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-17 22:19 - 2016-04-17 22:19 - 03455924 _____ C:\Users\Zdenka\Downloads\FR_Barrot_LGV_3.část textu.pdf
2016-04-17 22:19 - 2016-04-17 22:19 - 01997297 _____ C:\Users\Zdenka\Downloads\FR_Barrot_LGV_1.část.pdf
2016-04-17 22:19 - 2016-04-17 22:19 - 01976828 _____ C:\Users\Zdenka\Downloads\FR_Barrot_LGV_2.část textu-1.pdf
2016-04-16 18:28 - 2016-04-16 18:28 - 00000000 ____D C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 20:17 - 2016-04-15 20:17 - 06571071 _____ C:\Users\Zdenka\Downloads\NPCR 3 Workbook.pdf
2016-04-15 18:30 - 2016-04-18 19:01 - 01088923 _____ C:\Users\Zdenka\Desktop\Fixlog.txt
2016-04-15 18:05 - 2016-04-15 18:07 - 00000000 ____D C:\windows\system32\MRT
2016-04-15 18:05 - 2014-07-31 23:41 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-15 17:00 - 2016-04-15 18:19 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-04-15 17:00 - 2016-04-15 17:00 - 00000000 ____D C:\Users\Zdenka\AppData\Roaming\eCyber
2016-04-15 16:59 - 2016-04-15 16:59 - 00015128 _____ C:\windows\System32\Tasks\Browser Updater Task(Core)
2016-04-15 16:59 - 2016-04-15 16:59 - 00000000 ____D C:\Program Files (x86)\QQBrowser
2016-04-15 16:48 - 2016-04-15 16:48 - 00046620 _____ C:\Users\Zdenka\Downloads\Addition.txt
2016-04-15 16:45 - 2016-04-18 21:21 - 00000000 ____D C:\FRST
2016-04-15 16:44 - 2016-04-15 16:44 - 02375168 _____ (Farbar) C:\Users\Zdenka\Desktop\FRST64.exe
2016-04-14 21:23 - 2016-04-14 21:23 - 00112107 _____ (forum.viry.cz) C:\Users\Zdenka\Downloads\Nepotvrzeno 465056.crdownload
2016-04-14 20:33 - 2016-04-06 10:18 - 00453280 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-14 16:51 - 2016-04-18 21:13 - 00002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-14 16:51 - 2016-04-18 21:13 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-14 16:50 - 2016-04-14 16:50 - 00987728 _____ (Google Inc.) C:\Users\Zdenka\Downloads\ChromeSetup.exe
2016-04-14 16:50 - 2016-04-14 16:50 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-14 16:50 - 2016-04-14 16:50 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-14 09:25 - 2016-04-14 09:26 - 00000000 ____D C:\Users\Zdenka\Desktop\čína 2016
2016-04-14 09:00 - 2016-04-14 09:05 - 00000000 ____D C:\Users\Zdenka\AppData\Local\Chromium
2016-04-14 08:59 - 2016-04-14 16:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-14 08:58 - 2016-04-14 08:58 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-07 22:26 - 2016-04-07 22:26 - 06609843 _____ C:\Users\Zdenka\Desktop\NewPracticalChineseReader-vol3_Workbook.pdf
2016-04-04 22:40 - 2016-04-17 17:27 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-04 22:40 - 2016-04-08 19:18 - 00003956 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-03 23:37 - 2016-04-03 23:37 - 02436568 _____ C:\Users\Zdenka\Downloads\FormApps_Signing_Extension.exe
2016-04-03 23:24 - 2016-04-03 23:24 - 00001282 _____ C:\Users\Zdenka\Downloads\xdp-osvc-2013.xdp
2016-03-30 22:00 - 2016-03-30 22:01 - 55412736 _____ C:\Users\Zdenka\Downloads\FontPack1500720033_XtdAlf_Lang_DC.msi
2016-03-28 18:09 - 2016-03-28 18:10 - 07928604 _____ C:\Users\Zdenka\Downloads\docslide.us_npcr-3pdf.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-18 21:21 - 2013-04-09 16:06 - 00000000 ___RD C:\Users\Zdenka\Dropbox
2016-04-18 21:18 - 2013-02-28 15:21 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 21:18 - 2011-05-12 02:05 - 00000000 ____D C:\ProgramData\PDFC
2016-04-18 21:18 - 2011-05-12 02:01 - 00000000 ____D C:\ProgramData\HPQLOG
2016-04-18 21:17 - 2011-08-23 16:15 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-04-18 21:17 - 2009-07-14 06:45 - 00417312 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-18 21:16 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-18 21:13 - 2015-08-18 10:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-18 21:13 - 2015-08-18 10:45 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-18 21:13 - 2015-05-27 16:34 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-18 21:13 - 2015-05-27 16:34 - 00000982 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-18 21:13 - 2015-03-04 17:58 - 00000989 _____ C:\Users\Zdenka\Desktop\XMind 6.lnk
2016-04-18 21:13 - 2014-03-11 10:18 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-18 21:13 - 2013-11-07 15:45 - 00002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk
2016-04-18 21:13 - 2013-11-07 15:45 - 00002174 _____ C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk
2016-04-18 21:13 - 2013-04-09 16:06 - 00001021 _____ C:\Users\Zdenka\Desktop\Dropbox.lnk
2016-04-18 21:13 - 2012-05-13 08:52 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-18 21:13 - 2012-04-07 14:13 - 00001264 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2016-04-18 21:13 - 2012-02-06 11:11 - 00000967 _____ C:\Users\Zdenka\Desktop\WinRAR.lnk
2016-04-18 21:13 - 2011-09-25 10:28 - 00001729 _____ C:\Users\Zdenka\Desktop\FILMY.lnk
2016-04-18 21:13 - 2011-09-25 10:28 - 00000972 _____ C:\Users\Zdenka\Desktop\SERIÁLY.lnk
2016-04-18 21:13 - 2011-09-16 20:24 - 00003093 _____ C:\Users\Zdenka\Desktop\Microsoft Word 2010.lnk
2016-04-18 21:13 - 2011-09-16 20:24 - 00002941 _____ C:\Users\Zdenka\Desktop\Microsoft Excel 2010.lnk
2016-04-18 21:13 - 2011-09-16 20:24 - 00002939 _____ C:\Users\Zdenka\Desktop\Microsoft OneNote 2010.lnk
2016-04-18 21:13 - 2011-09-16 20:24 - 00002917 _____ C:\Users\Zdenka\Desktop\Microsoft PowerPoint 2010.lnk
2016-04-18 21:13 - 2011-09-16 20:22 - 00000882 _____ C:\Users\Zdenka\Desktop\Total Commander.lnk
2016-04-18 21:13 - 2011-09-15 21:36 - 00001683 _____ C:\Users\Zdenka\Desktop\múzika.lnk
2016-04-18 21:13 - 2011-09-15 14:34 - 00001704 _____ C:\Users\Zdenka\Desktop\foto.lnk
2016-04-18 21:13 - 2011-09-13 17:38 - 00002480 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-04-18 21:13 - 2011-09-13 15:48 - 00001035 _____ C:\Users\Zdenka\Desktop\KMPlayer.lnk
2016-04-18 21:13 - 2011-09-13 15:46 - 00001146 _____ C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-04-18 21:13 - 2011-09-13 15:46 - 00001122 _____ C:\Users\Zdenka\Desktop\BS.Player FREE.lnk
2016-04-18 21:13 - 2011-09-12 19:30 - 00001015 _____ C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-18 21:13 - 2011-09-12 19:21 - 00000514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Try HP Virtual Rooms.lnk
2016-04-18 21:13 - 2011-08-23 16:24 - 00001646 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Premium Sound.lnk
2016-04-18 21:13 - 2011-08-23 16:18 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch TotalMedia Suite.lnk
2016-04-18 21:13 - 2011-05-12 02:23 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Theft Recovery.lnk
2016-04-18 21:13 - 2011-05-12 02:16 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-04-18 21:13 - 2011-05-12 02:16 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-04-18 21:13 - 2011-05-12 02:06 - 00001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Software Setup.lnk
2016-04-18 21:13 - 2011-05-12 01:25 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-18 21:13 - 2011-05-12 01:25 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-18 21:13 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-18 21:13 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-18 21:13 - 2009-07-14 06:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-18 21:13 - 2009-07-14 06:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-18 21:13 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-18 21:13 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-18 21:13 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-18 21:07 - 2011-05-12 02:16 - 00000000 ____D C:\windows\cs
2016-04-18 20:52 - 2011-05-12 02:04 - 00670908 _____ C:\windows\system32\perfh005.dat
2016-04-18 20:52 - 2011-05-12 02:04 - 00142488 _____ C:\windows\system32\perfc005.dat
2016-04-18 20:52 - 2009-07-14 07:13 - 01584554 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-18 20:52 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-04-18 20:16 - 2015-06-16 19:05 - 00000922 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001UA.job
2016-04-18 08:33 - 2015-06-16 19:04 - 00000870 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001Core.job
2016-04-17 20:26 - 2012-03-07 14:39 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForZdenka
2016-04-17 20:26 - 2012-03-07 14:39 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForZdenka.job
2016-04-17 18:43 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-17 18:43 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 18:38 - 2015-08-19 21:48 - 00000000 ____D C:\windows\System32\Tasks\Remediation
2016-04-16 18:28 - 2013-04-09 15:54 - 00000000 ____D C:\Users\Zdenka\AppData\Roaming\Dropbox
2016-04-16 18:26 - 2015-06-16 19:04 - 00000000 ____D C:\Users\Zdenka\AppData\Local\Dropbox
2016-04-15 18:30 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-04-15 18:30 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-04-15 18:17 - 2011-09-24 23:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-14 20:28 - 2012-05-13 09:01 - 00000000 ____D C:\Users\Zdenka\Desktop\zálohy registrů
2016-04-14 16:49 - 2015-05-27 16:34 - 00003848 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1432737268
2016-04-14 16:49 - 2015-05-27 16:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-14 09:25 - 2015-10-07 10:58 - 00000000 ____D C:\Users\Zdenka\Desktop\literární seminář čínská povídka andrš
2016-04-14 09:25 - 2014-10-13 11:48 - 00000000 ___RD C:\Users\Zdenka\Desktop\SINO
2016-04-14 09:25 - 2011-09-25 10:38 - 00000000 ____D C:\Users\Zdenka\Desktop\work
2016-04-14 09:12 - 2012-02-27 13:34 - 00000000 ____D C:\Users\Zdenka\AppData\Local\CrashDumps
2016-04-11 20:06 - 2011-09-24 11:53 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForZDENKA-HP$
2016-04-08 19:18 - 2013-02-28 15:21 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 19:18 - 2013-02-28 15:21 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-08 19:18 - 2013-02-28 15:21 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 23:23 - 2011-08-23 16:24 - 00000000 ____D C:\ProgramData\Norton
2016-04-04 22:48 - 2012-03-27 09:52 - 00000000 ____D C:\Users\Zdenka\AppData\Local\Adobe
2016-03-30 20:29 - 2015-10-07 10:55 - 00000000 ____D C:\Users\Zdenka\Desktop\klasická čínština
2016-03-28 18:46 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF

==================== Files in the root of some directories =======

2013-06-09 07:38 - 2013-06-09 07:39 - 0213328 _____ () C:\ProgramData\TestPreferences

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-18 10:48

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by Zdenka (2016-04-18 21:24:20)
Running from C:\Users\Zdenka\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-09-12 17:18:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1435834558-3399890420-224863321-500 - Administrator - Disabled)
Guest (S-1-5-21-1435834558-3399890420-224863321-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1435834558-3399890420-224863321-1003 - Limited - Enabled)
Zdenka (S-1-5-21-1435834558-3399890420-224863321-1001 - Administrator - Enabled) => C:\Users\Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.57.1051 - Webteh, d.o.o.)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.33.24411 - Hewlett-Packard Company)
Dropbox (HKU\S-1-5-21-1435834558-3399890420-224863321-1001\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.75 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.4.07 - SunplusIT)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.00.888 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E02FBF01-0DE3-4BCB-89E8-D300FEFC3289}) (Version: 5.2.3.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICBCChromeExtension (HKLM-x32\...\{3561742A-2478-4FAB-A44B-38A26E1FE14F}) (Version: 1.0.1.4 - ICBC) <==== ATTENTION
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
MKV Player 2.0 (HKLM-x32\...\MKV Player_is1) (Version: - vsevensoft.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Údržba Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
XMind 6 (v3.5.1) (HKLM-x32\...\XMind_is1) (Version: 3.5.1.201411201906 - XMind Ltd.)
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435834558-3399890420-224863321-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F80A18F-9572-42E3-B272-837ABDEFB3E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2016-04-12] (Microsoft)
Task: {136899AE-2706-405B-A16D-B8BBFD92EC3D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1435834558-3399890420-224863321-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {1502997B-CCD1-4321-973C-D0EBCD4B71D1} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {2102BEAA-6675-4C9F-8CC4-C74D4AF54BB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-10] (Hewlett-Packard Company)
Task: {329979D7-6900-407F-8E91-14B90C296DED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {412E9D77-B202-4B9D-A67B-B883A48D184E} - System32\Tasks\HPCeeScheduleForZdenka => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5C6D2C7B-F668-4068-92FE-67AB0719EFBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-10] (Hewlett-Packard Company)
Task: {5FFBED6A-BA96-4124-96E9-5D30AE6F8E56} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1435834558-3399890420-224863321-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {62ADE325-BACA-410A-92DB-B9C359884369} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\F279080C6EA158F5E52E6868A8CC77FC\Update\BrowserUpdate.exe [2016-04-08] (Tencent) <==== ATTENTION
Task: {7305D3CA-00BA-49CC-B3E5-978E9D11CC83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {78ED005D-BCF1-4008-B50F-B80B1A9E4443} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation)
Task: {7EB63894-5248-4947-8A3A-09331AC31FB3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {7F0D6699-1833-47E1-8C2A-1752D4D30043} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {7F2B03F9-1C01-4CE8-9500-0B276AAD3C07} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001Core => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9DCCBD29-B188-40D6-941A-AF9E353D604C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {BC4AE030-7BA3-45FA-A88C-2BB9DD58D336} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001UA => C:\Users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {BE8EB6B9-A6E3-46B0-BBED-7B4C61757B7D} - System32\Tasks\HPCeeScheduleForZDENKA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {C3B03923-E7FB-465B-9846-71EC2A4F1F24} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {C620CAF9-C4F9-4959-A6FA-7A9FDF7BD877} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001UA => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C764B549-E565-4627-AAD6-EBE7AC928999} - System32\Tasks\Opera scheduled Autoupdate 1432737268 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {E4219423-A76B-4AFC-BA1A-80C0677A5B97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2016-04-12] (Microsoft)
Task: {EBC4B0AE-79C9-4A01-B3DA-E52AEEF14B9E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001Core => C:\Users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FAF1A6B7-1162-457C-9F90-66AE3D065814} - System32\Tasks\{CA38A947-594B-434F-BBC1-0E624362ADAA} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-10-14] (Skype Technologies S.A.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001Core.job => C:\Users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435834558-3399890420-224863321-1001UA.job => C:\Users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForZdenka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-09-13 16:43 - 2009-08-10 09:08 - 00027648 _____ () C:\windows\System32\ssp7ml6.dll
2011-09-13 16:43 - 2009-12-15 10:26 - 00749568 _____ () C:\windows\system32\spool\DRIVERS\x64\3\ssp7mdu.dll
2011-01-31 20:54 - 2011-01-31 20:54 - 00107008 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-02-09 21:04 - 2011-02-09 21:04 - 02905600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 22:18 - 2010-09-06 22:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2011-02-09 20:27 - 2011-02-09 20:27 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-06 11:11 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-03-26 05:28 - 2011-03-26 05:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-02-09 20:28 - 2011-02-09 20:28 - 01318912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2011-01-27 03:14 - 2011-01-27 03:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2010-11-26 13:31 - 2010-11-26 13:31 - 00267128 _____ () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
2011-09-13 16:42 - 2010-06-07 12:35 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2010-06-24 12:21 - 2010-06-24 12:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2011-09-13 16:42 - 2009-07-29 12:13 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2011-01-27 03:13 - 2011-01-27 03:13 - 00080440 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2011-01-27 03:13 - 2011-01-27 03:13 - 00047160 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2011-05-12 02:07 - 2011-01-27 02:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2016-04-16 18:28 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-16 18:27 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-16 18:27 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-04-16 18:28 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-04-16 18:28 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\select.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-16 18:27 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-04-16 18:28 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-04-16 18:28 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-04-16 18:28 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-16 18:27 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-16 18:28 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-16 18:27 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-16 18:27 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-16 18:27 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-16 18:27 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-04-16 18:28 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-04-16 18:28 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-16 18:27 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-16 18:27 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-04-16 18:28 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-16 18:27 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-16 18:27 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-04-16 18:28 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-16 18:27 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-10-20 22:34 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2011-02-09 20:48 - 2011-02-09 20:48 - 02637824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2011-02-09 20:27 - 2011-02-09 20:27 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2011-02-09 20:51 - 2011-02-09 20:51 - 02650112 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2011-02-09 20:29 - 2011-02-09 20:29 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2011-02-09 20:30 - 2011-02-09 20:30 - 01929216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2010-06-24 12:19 - 2010-06-24 12:19 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-08-14 21:33 - 2014-08-14 21:33 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1e70f9aada009e40c4f131cfdbe52126\IsdiInterop.ni.dll
2011-08-23 16:06 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-04-14 16:51 - 2016-04-13 10:37 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libglesv2.dll
2016-04-14 16:51 - 2016-04-13 10:36 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1435834558-3399890420-224863321-1001\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-04-15 18:30 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1435834558-3399890420-224863321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Dropbox Update => "C:\Users\Zdenka\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{F09D0B13-139F-4163-9662-DD458D7C44D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A7A37516-8B3E-425E-9F93-3544B5A49EE7}] => (Allow) C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7AB5FA31-AFF9-46A5-9874-4CE8AB6B4B13}] => (Allow) C:\Users\Zdenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AE346BCA-BC09-4BCE-BC8A-8DB22DA5C2B8}C:\users\zdenka\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\zdenka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FC2FEFDC-1D84-4077-9DB6-5FB3F1CDF1A6}C:\users\zdenka\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\zdenka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{09EA4EA5-5AC2-4912-8DB9-B3247A904ED8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

28-03-2016 14:52:39 Naplánovaný kontrolní bod
03-04-2016 23:37:58 Nainstalováno FormApps Signing Extension.
13-04-2016 12:17:17 Naplánovaný kontrolní bod
14-04-2016 20:32:57 Windows Update
14-04-2016 20:39:24 Chrome Cleanup Tool
14-04-2016 20:48:06 Windows Defender Checkpoint
15-04-2016 17:58:26 Removed Java 8 Update 40
15-04-2016 18:04:50 Windows Update
15-04-2016 18:16:41 Removed Skype Click to Call
15-04-2016 18:30:31 Restore Point Created by FRST
17-04-2016 18:27:24 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2016 09:37:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop154.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop154.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0x40000015
Posun chyby: 0x00013cf7
ID chybujícího procesu: 0xa5c
Čas spuštění chybující aplikace: 0xdesktop154.exe0
Cesta k chybující aplikaci: desktop154.exe1
Cesta k chybujícímu modulu: desktop154.exe2
ID zprávy: desktop154.exe3

Error: (04/17/2016 06:27:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {42659bc2-1f5f-4176-ade8-67358d54af73}

Error: (04/15/2016 09:38:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop154.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop154.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0x40000015
Posun chyby: 0x00013cf7
ID chybujícího procesu: 0x808
Čas spuštění chybující aplikace: 0xdesktop154.exe0
Cesta k chybující aplikaci: desktop154.exe1
Cesta k chybujícímu modulu: desktop154.exe2
ID zprávy: desktop154.exe3

Error: (04/15/2016 05:23:06 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Selhalo generování kontextu aktivace pro: 1. Chyba v souboru manifestu nebo zásad 2 na řádku 3.
V manifestu není povoleno více prvků requestedPrivileges.

Error: (04/14/2016 10:54:38 PM) (Source: XobniService) (EventID: 0) (User: )
Description: Službu nelze spustit. Neplatný popisovač

Error: (04/14/2016 10:47:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/14/2016 10:47:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/14/2016 10:47:49 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/14/2016 10:47:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (04/14/2016 10:47:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (04/18/2016 09:18:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (04/18/2016 09:18:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Norton Internet Security neuspěla při spuštění v důsledku následující chyby:
%%109

Error: (04/18/2016 09:11:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SSPORT neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (04/18/2016 07:02:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f081f): Windows Update Core.

Error: (04/18/2016 06:51:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Atheros Bt&Wlan Coex Agent bylo dosaženo časového limitu (30000 ms).

Error: (04/18/2016 01:34:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f081f): Windows Update Core.

Error: (04/18/2016 12:54:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby hpqwmiex bylo dosaženo časového limitu (30000 ms).

Error: (04/18/2016 08:33:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f081f): Windows Update Core.

Error: (04/18/2016 08:22:39 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby hpqwmiex bylo dosaženo časového limitu (30000 ms).

Error: (04/17/2016 09:37:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DeskTop DispalyName byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 68%
Total physical RAM: 4030.37 MB
Available physical RAM: 1272.19 MB
Total Virtual: 8058.91 MB
Available Virtual: 5110.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.96 GB) (Free:340.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.92 GB) (Free:2.56 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.13 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=574 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Pribyla nova infekce, pouzijte prosim znovu AdwCleaner.


Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

# AdwCleaner v5.112 - Log soubor vytvořen 19/04/2016 o 21:27:41
# Aktualizováno 17/04/2016 by Xplode
# Databáze : 2016-04-19.5 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Jméno uživatele : Zdenka - ZDENKA-HP
# Spuštěno z : C:\Users\Zdenka\Downloads\adwcleaner_5.112.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka smazáno : C:\Program Files (x86)\WinZipper
[-] Složka smazáno : C:\Program Files (x86)\QQBrowser
[-] Složka smazáno : C:\Users\Zdenka\AppData\Roaming\eCyber

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****

[-] Úkol smazáno : Browser Updater Task(Core)

***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\hdcode

***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1043 bytes] - [19/04/2016 21:27:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1066 bytes] - [19/04/2016 21:24:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1189 bytes] ##########

Problemy pretrvavaji? Reklamy vyskakuji jen v jednom konkretnim prohlizeci? Jakem?



Ulozte na plochu RogueKiller - http://www.bleepingcomputer.com/download/roguekiller/

• spustte jako spravce
• prijmete EULA podminky kliknutim na Accept
• vpravo kliknete na Scan (potrva az nekolik desitek minut)
• vpravo vyberte Report
• vpravo dole Export TXT
• report ulozte na plochu a jeho obsah vlozte do pristi odpovedi

Ano problémy pořád bohužel přetrvávají. Menší četnost než na začátku, nicméně pořád se při kliknutí na nějaký odkaz často objeví jiná stránka než na jakou odkaz vedl. (Děje se to na všech možných stránkách, klikání na odkazy či fotky na fb, odkazy v mailech, zprávy na novinových stránkách, rezervační systém školní knihovny, databáze odborných článku atd.) Jako prohlížeč používám jenom chrome.

zde je výsledek roguekiller:

RogueKiller V12.1.3.0 [Apr 18 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Zdenka [Práva správce]
Started from : C:\Users\Zdenka\Downloads\RogueKiller.exe
Mód : Prohledat -- Datum : 04/20/2016 19:32:26

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 16 ¤¤¤
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Nalezeno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Nalezeno
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CMNTDF -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=CMNTDF -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{588C40A4-7334-4CD0-9FB0-9BB2C92B894A} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AE10215E-90B6-44C8-B73F-E1F301C9A8A1} | DhcpNameServer : 58.17.39.219 218.87.6.206 210.35.207.8 ([China][China][China]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{588C40A4-7334-4CD0-9FB0-9BB2C92B894A} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AE10215E-90B6-44C8-B73F-E1F301C9A8A1} | DhcpNameServer : 58.17.39.219 218.87.6.206 210.35.207.8 ([China][China][China]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{588C40A4-7334-4CD0-9FB0-9BB2C92B894A} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{AE10215E-90B6-44C8-B73F-E1F301C9A8A1} | DhcpNameServer : 58.17.39.219 218.87.6.206 210.35.207.8 ([China][China][China]) -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1435834558-3399890420-224863321-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP][Složka] C:\ProgramData\{DDB686B4-4F6B-46EB-B3F0-E73DAF04B8F0} -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM641JI +++++
--- User ---
[MBR] 490a7bba5da3d75c81433924b0cf7629
[BSP] e64a5fdcf46b239e9d1acd161d79c7c2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 616448 | Size: 587735 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1204297728 | Size: 17321 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1239771136 | Size: 5115 MB
User = LL1 ... OK
User = LL2 ... OK

Svazek v jednotce C nem  § dnou jmenovku.
S‚riov‚ źˇslo svazku je 5071-A0A6.

Věpis adres ýe C:\ProgramData

Fix result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by Zdenka (2016-04-21 20:49:11) Run:3
Running from C:\Users\Zdenka\Desktop
Loaded Profiles: Zdenka (Available Profiles: Zdenka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Folder: C:\ProgramData\{DDB686B4-4F6B-46EB-B3F0-E73DAF04B8F0}
End
*****************


========================= Folder: C:\ProgramData\{DDB686B4-4F6B-46EB-B3F0-E73DAF04B8F0} ========================

not found.

====== End of Folder: ======


==== End of Fixlog 20:49:11 ====

Nejrychlejsim resenim by ted mohlo byt preinstalovani Chromu. Zazalohujte zalozky a hesla napr. pomoci http://www.stahuj.centrum.cz/internet_a ... me-backup/ pak Chrome odinstalujte vcetne profilu a provedte cistou instalaci.

Tak přeinstalování Chromu snad už bylo opravdu tou poslední nutnou věcí. Dala jsem tomu týden a vypadá to, že je můj počítač opět zdravý jako rybička. Velmi Vám děkuji za rady, trpělivost a čas, který jste mi věnovali! Moc si toho cením!

Ještě jednou díky,

Zdenka

To jsem rad. Jeste provedte uklid pouzitych nastroju.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy