VIRY.CZ

Dobrý den,

prosím o pomoc, po instalaci programu Bluestack, umožňující práci s programy pro Android na PC, se mi s největší pravděpodobností zaviroval počítač. Při každém otevření jakékoli stránky naběhnou reklamy, popř. další nechtěné stránky, stejný problém se děje i při jakémkoli pohybu na stránkách. Díky infekci nelze ani obnovit systém.

Předem moc děkuji za ochotu pomoci..

Dáša

Přikládám log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by djourova (administrator) on NBDJOUROVA on 07-07-2015 19:36:23
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayMain.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayManager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Komprofi) C:\Program Files\PSDTray\PSDTray.exe
(InstallMonetizer) C:\Program Files (x86)\Shop and Save Up\828ec04d-858f-435b-ad55-56616f7933ec-6.exe
(InstallMonetizer) C:\Program Files (x86)\Shop and Save Up\828ec04d-858f-435b-ad55-56616f7933ec-1-6.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Windows\System32\cpuminer-gw64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371176 2012-12-22] (Wave Systems Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-04-19] (Intel(R) Corporation)
HKLM\...\Run: [PSDTray] => C:\Program Files\PSDTray\PSDTray.exe [415744 2014-04-01] (Komprofi)
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [4255416 2015-06-30] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [801968 2011-09-14] (Check Point Software Technologies)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-04] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [SoftonicAssistant] => C:\Users\djourova\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1835976 2015-03-25] ()
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [WMUTray.exe] => C:\Program Files (x86)\WakeMeUp\WMUTray.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [GoogleChromeAutoLaunch_37FC9444FDBBCB8836F89C2EF15C0FFE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk [2014-06-02]
ShortcutTarget: OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1& ... Z&unqvl=55
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {09A42A57-18DF-4506-82D2-C1593809E1EC} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {116C6B29-6278-4CD9-8C8B-AF8DE3C09872} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {4E0ECA01-4641-4260-9352-3C9FBA1A80A8} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {59811090-18C8-4757-9F73-9ABA98A9E59C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {65CA9C39-F969-42F5-8B1A-A071F10E703E} URL = http://search.creativetoolbars.com/resu ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {67DBC930-D14D-4B82-BCED-485F7B69F8E9} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {AAE443FD-D956-426C-89D1-7FE050A9F990} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {B32CBD43-F263-41E7-85B9-6862AE3FCDC4} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {DDEF7010-99F3-4E66-AA7E-36F2B1399A71} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E524CB40-4E6B-469D-ABBB-795333A27B4D} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E68F4E10-CC7D-4F7D-99A0-FFD9E3B8B753} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {FE868A59-944C-496B-BBE1-DB2FCF0AB1DF} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
BHO: Shopping App by Ask -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport_x64.dll" No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-04] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Shopping App by Ask -> {4F524A2D-5354-2D53-5045-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" No File
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-04] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Shopping App by Ask - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport_x64.dll" No File
Toolbar: HKLM-x32 - Shopping App by Ask - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" No File
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{2599484F-137B-483F-B030-2385E5A137BC}: [DhcpNameServer] 10.20.34.1
Tcpip\..\Interfaces\{7C426A94-D66C-442B-B5F8-A0072BC17AD5}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{C06E16EF-4C51-4A7A-AEE7-9E44166037F3}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{F68814A5-7D49-4B97-8762-8939D9586E95}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... XXW3739JJA

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04]
CHR Extension: (Shop and Save Up) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-07-05]
CHR Extension: (Google Docs) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04]
CHR Extension: (Google Drive) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04]
CHR Extension: (YouTube) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04]
CHR Extension: (Google Search) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04]
CHR Extension: (Google Sheets) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04]
CHR Extension: (Google Wallet) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-05-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-05-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-04] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-07-04] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-04] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [226824 2012-12-13] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSDTrayMain; C:\Program Files\PSDTray\PSDTrayMain.exe [56320 2014-04-01] (Komprofi) [File not signed]
R2 PSDTrayManager; C:\Program Files\PSDTray\PSDTrayManager.exe [20480 2014-04-01] (Komprofi) [File not signed]
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4512952 2011-09-14] (Check Point Software Technologies)
R2 vicoqudu; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp [165376 2015-07-04] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-27] (Microsoft Corporation)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)
R2 fuwypiwe; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-04] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-04] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-07-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-04] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-07-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-04] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-29] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-04] (Avast Software)
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2011-09-14] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [448168 2011-09-12] (Check Point Software Technologies Ltd.)
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Pěkný večer, děkuji moc, že se mi věnujete Zatím se zdá, že reklamy už nevyskakují, zkoušela jsem chvíli brouzdat a vše v pořádku. Systém jsem obnovit ještě ale nezkusila.

Přikládám log z Cleaneru:


# AdwCleaner v4.207 - Log vytvořen 07/07/2015 v 21:12:02
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : djourova - NBDJOUROVA
# Spuštěno z : C:\Users\djourova\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\ProgramData\SNT
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\BrilliantInstaller
Složka Smazáno : C:\ProgramData\save on
Složka Smazáno : C:\ProgramData\YoutubeAdblocker
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\predm
Složka Smazáno : C:\Program Files (x86)\SNT
Složka Smazáno : C:\Program Files (x86)\GUPlayer
Složka Smazáno : C:\Program Files (x86)\Shop and Save Up
Složka Smazáno : C:\Program Files (x86)\save on
Složka Smazáno : C:\Program Files (x86)\YoutubeAdblocker
Složka Smazáno : C:\Program Files (x86)\MediaPlayerVid2.4
Složka Smazáno : C:\Program Files (x86)\gmsd_re_002020020
Složka Smazáno : C:\Users\djourova\AppData\Local\Temp\apn
Složka Smazáno : C:\Users\djourova\AppData\Local\Temp\mt_ffx
Složka Smazáno : C:\Users\Administrator\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Administrator\AppData\Local\torch
Složka Smazáno : C:\Users\Administrator\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\dagmar\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\dagmar\AppData\Local\torch
Složka Smazáno : C:\Users\dagmar\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\djourova\AppData\Local\AskPartnerNetwork
Složka Smazáno : C:\Users\djourova\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\djourova\AppData\Local\SoftonicAssistant
Složka Smazáno : C:\Users\djourova\AppData\Local\gmsd_re_002020020
Složka Smazáno : C:\Users\djourova\AppData\LocalLow\HPAppData
Složka Smazáno : C:\Users\djourova\AppData\Roaming\AnyProtectEx
Složka Smazáno : C:\Users\djourova\AppData\Roaming\ASP
Složka Smazáno : C:\Users\djourova\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\djourova\AppData\Roaming\pdfforge
Složka Smazáno : C:\Users\djourova\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\djourova\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\Guest\AppData\Local\Chromatic Browser
Složka Smazáno : C:\Users\Guest\AppData\Local\torch
Složka Smazáno : C:\Users\Guest\AppData\Local\Crossbrowse
Složka Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
Složka Smazáno : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Složka Smazáno : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Složka Smazáno : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadhnfmfibhpillahcnbdafmjacokgac
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaahmmecfijeglheffakiigfjhfaabbk
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgibdgfcolobfihhimbcneekenebnknm
[/!\] Ne Smazáno ( Junction ) : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\dagmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
[/!\] Ne Smazáno ( Junction ) : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\memnfmjndahheikfmbcepadhbflhmelc
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ablgnpngfaaficpckehadaljnjgjkhbi
Soubor Smazáno : C:\Windows\System32\roboot64.exe
Soubor Smazáno : C:\Windows\System32\cpuminer-conf.json
Soubor Smazáno : C:\Windows\System32\cpuminer-gw64.exe
Soubor Smazáno : C:\Users\djourova\AppData\Roaming\BYAIAMUF
Soubor Smazáno : C:\Users\djourova\Desktop\Live PC Help.lnk
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internetspeedtracker.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internetspeedtracker.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
Soubor Smazáno : C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : APSnotifierPP1
Úloha Smazáno : APSnotifierPP2
Úloha Smazáno : APSnotifierPP3
Úloha Smazáno : LaunchPreSignup
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-1-6
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-1-7
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-3
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-5
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-5_user
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-6
Úloha Smazáno : 828ec04d-858f-435b-ad55-56616f7933ec-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Klíč Smazáno : HKLM\SOFTWARE\5e2a0629-02a3-4f6c-9a33-2a93e4c18d0b
Klíč Smazáno : HKLM\SOFTWARE\db444fda-7ad7-4bc5-af1c-c5e18f0d3f33
Klíč Smazáno : HKLM\SOFTWARE\ed6082fd-b0ac-402d-b68b-44ef0e584153
Klíč Smazáno : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-5103664119
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CFBE80D-5608-4309-A0F5-3B1414833432}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CFBE80D-5608-4309-A0F5-3B1414833432}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5354-2D53-5045-7A786E7484D7}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}
Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5354-2D53-5045-7A786E7484D7}]
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{09A42A57-18DF-4506-82D2-C1593809E1EC}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{116C6B29-6278-4CD9-8C8B-AF8DE3C09872}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4E0ECA01-4641-4260-9352-3C9FBA1A80A8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{59811090-18C8-4757-9F73-9ABA98A9E59C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{65CA9C39-F969-42F5-8B1A-A071F10E703E}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67DBC930-D14D-4B82-BCED-485F7B69F8E9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AAE443FD-D956-426C-89D1-7FE050A9F990}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B32CBD43-F263-41E7-85B9-6862AE3FCDC4}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DDEF7010-99F3-4E66-AA7E-36F2B1399A71}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E524CB40-4E6B-469D-ABBB-795333A27B4D}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E68F4E10-CC7D-4F7D-99A0-FFD9E3B8B753}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FE868A59-944C-496B-BBE1-DB2FCF0AB1DF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\AnyProtect
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\RegisteredApplicationsEx
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\systweak
Klíč Smazáno : HKCU\Software\Tutorials
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\YorkNewCin
Klíč Smazáno : HKCU\Software\HighDefAction
Klíč Smazáno : HKCU\Software\ArenaHD
Klíč Smazáno : HKCU\Software\Shop and Save Up
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4-nv
Klíč Smazáno : HKCU\Software\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKCU\Software\Shop and Save Up-nv
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Klíč Smazáno : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\GAMESDESKTOP
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKLM\SOFTWARE\Shop and Save Up
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4-nv
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKLM\SOFTWARE\Shop and Save Up-nv
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKU\.DEFAULT\Software\MediaPlayerVid2.4-nv
Klíč Smazáno : HKU\.DEFAULT\Software\MediaPlayerVid2.4-nv-ie
Klíč Smazáno : HKU\.DEFAULT\Software\Shop and Save Up-nv
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5354-2D53-5045-A758B70C1C01}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerVid2.4
Klíč Smazáno : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : [x64] HKLM\SOFTWARE\Shop and Save Up-nv
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.130

[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=685&r=2014/06/07&hid=17813821933316187004&lg=EN&cc=CZ&unqvl=55
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.smartshopping.com/websearch1 ... Z_KW_001_X
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/

*************************

AdwCleaner[R0].txt - [36410 bytů] - [07/07/2015 21:06:43]
AdwCleaner[S0].txt - [30772 bytů] - [07/07/2015 21:12:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30831 bytů] ##########

Dejte nový log FRST.

přikládám nový log z FRST :

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by djourova at 2015-07-07 21:30:29
Running from C:\Users\djourova\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3841182015-3767386443-1143244361-500 - Administrator - Disabled)
dagmar (S-1-5-21-3841182015-3767386443-1143244361-1000 - Administrator - Enabled) => C:\Users\dagmar
Guest (S-1-5-21-3841182015-3767386443-1143244361-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 15 Pepper (HKLM-x32\...\Adobe Flash Player Pepper) (Version: 15.0.0.215 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{deff5bea-aa8c-46fb-b17d-1cc69b242494}) (Version: 15.8.0 - Intel Corporation)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Collage Maker (HKLM-x32\...\{05F2884D-89AC-4DE4-A63D-7DB3FE3398DC}) (Version: 3.80 - Galleria Software)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Custom Help (Version: 15.08.0000.0172 - Intel Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00002.041 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.03.00.058 - Wave Systems Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
EMBASSY Client Core (Version: 01.03.00.105 - Wave Systems Corp.) Hidden
ERAS Connector (Version: 02.09.05.0335 - Wave Systems Corp) Hidden
F2100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Check Point VPN (HKLM-x32\...\{db6ec6e6-fe11-4edf-ab81-ef8b6917d628}) (Version: 75.20.0000 - CheckPoint)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Lync Basic 2013 (HKLM-x32\...\Office15.LYNCENTRY) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MV2Player (remove only) (HKLM-x32\...\MV2Player) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
OpenVPN 2.3.2-I003 (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
PBA Driver (Version: 1.0.1.7 - Dell Inc.) Hidden
PC Chrono 1.1.0.6 (HKLM-x32\...\{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1) (Version: - highspheres.com)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Compress 2.02 (HKLM-x32\...\PDF Compress_is1) (Version: - Bureausoft Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PhotoFiltre 7 (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\PhotoFiltre 7) (Version: - )
Picture Collage Maker Pro 4.0.0 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.0.0 - PearlMountain Technology Co., Ltd)
Preboot Manager (Version: 03.05.00.032 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.03.00.016 - Wave Systems Corp.) Hidden
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1D00}) (Version: 12.29.0.197 - APN, LLC) <==== ATTENTION
Seznam Software (HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0036 - ST Microelectronics)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
toolkit32for64bit (x32 Version: 7.68.85.0013 - Wave Systems Corp) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trusted Drive Manager (Version: 5.0.1.12 - Wave Systems Corp.) Hidden
TurboFLOORPLAN Dum & Interiér & Zahrada Pro (HKLM-x32\...\InstallShield_{74F541C8-EB78-4606-8234-0955ED803787}) (Version: 12.1 - IMSIDesign)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UnZip Me (HKLM-x32\...\UnZip Me) (Version: 1.0 - Camtech 2000)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.68.85.0014 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.021 - Wave Systems Corp) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinPdf Writer (HKLM\...\WinPdf Writer) (Version: - )
WinPDF Writer (HKLM-x32\...\{16E72583-459E-428C-B4E7-C2CC4538FFED}) (Version: 1.0.0 - TopByteLabs Ltd.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1177238915-1935655697-839522115-3371_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-06-2015 19:11:21 Windows Update
30-06-2015 14:17:39 Windows Update
03-07-2015 17:42:12 Windows Update
03-07-2015 21:14:21 Uniblue SpeedUpMyPC installation
03-07-2015 21:22:03 Removed BlueStacks Notification Center
04-07-2015 02:43:49 Windows Defender Checkpoint
04-07-2015 03:04:46 avast! antivirus system restore point
04-07-2015 03:10:28 Instalace balíčku ovladače zařízení: Avast Síťová služba
04-07-2015 03:20:33 Removed Google Drive
04-07-2015 03:24:32 Instalace balíčku ovladače zařízení: TAP-Windows Provider V9 Síťové adaptéry
04-07-2015 10:06:37 Operace obnovení
04-07-2015 10:55:19 Removed Skype™ 6.16
06-07-2015 22:10:23 Operace obnovení
07-07-2015 21:20:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-20 11:19 - 00000897 ____A C:\Windows\system32\Drivers\etc\hosts
10.0.1.24 instores
10.0.1.71 intranet.headquarter.company.lpp.com.pl


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03EFE6E3-8D8A-4916-8A75-BA43050FD64C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {0B4EAE5A-7F02-4BD4-ABF3-7954CF5031F3} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CZECH-djourova nbdjourova.czech.lpp.com.pl => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
Task: {1D072CDC-6808-4F62-AF0A-CE31ACBAD1F3} - System32\Tasks\{6208229D-E29A-406F-A1DA-DC2792B86E4C} => pcalua.exe -a C:\Users\djourova\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {2A2D2CD9-F27F-4DAA-AA01-BA2E8DBC26AC} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {5B02C32A-040E-466F-93BD-7F60A00962B7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5C23A40A-3821-44F1-9D65-1F7D2A929126} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-01] (Google Inc.)
Task: {7692FB4A-0FA3-40E1-9587-C1C6792B4030} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-04] (Avast Software s.r.o.)
Task: {7ADC7FE5-5259-456A-8502-7D531A499853} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {7EA64C29-9818-47EB-9C15-9A64026F1EDE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {9537BBB9-EF65-4EBA-95F5-EAF14F9075F6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {D2310483-FCE5-4ACE-BA2B-2CCFE2302ED3} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-11-28] (Wave Systems Corp.)
Task: {EB45A24F-4577-457B-8094-57EF2E7A795C} - System32\Tasks\{CA08D9E3-249D-46D5-8894-786D74E4E8FA} => pcalua.exe -a C:\Users\djourova\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-02 12:01 - 2006-11-30 16:41 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2012-12-13 13:11 - 2012-12-13 13:11 - 00226824 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-12-13 13:11 - 2012-12-13 13:11 - 00039432 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2015-07-04 02:01 - 2015-07-07 21:25 - 00141824 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\knseFBE5.tmpfs
2012-11-23 23:34 - 2012-11-23 23:34 - 00020480 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
2014-04-27 03:51 - 2013-08-19 16:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-04-27 03:51 - 2013-08-19 16:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2015-07-04 02:44 - 2015-07-04 02:44 - 00165376 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
2015-07-04 02:43 - 2015-07-04 02:43 - 00199168 _____ () C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
2014-04-27 04:45 - 2013-02-23 01:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-22 15:25 - 2013-08-22 15:25 - 00411960 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2014-04-27 03:51 - 2013-11-22 00:22 - 00484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-07-04 03:07 - 2015-07-04 03:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-04 03:07 - 2015-07-04 03:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-07 19:28 - 2015-07-07 19:28 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070701\algo.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 04993024 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtGui4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 01302528 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtCore4.dll
2011-09-14 23:11 - 2011-09-14 23:11 - 00028672 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
2015-07-04 03:08 - 2015-07-04 03:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2014-10-17 03:35 - 2014-10-17 03:35 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2dace9622c68c6ce58d55a6950eeaa95\IsdiInterop.ni.dll
2014-04-27 03:31 - 2012-05-30 20:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-27 03:26 - 2013-11-13 23:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-23 00:18 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2014-04-27 03:51 - 2013-11-21 22:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-04-27 03:51 - 2012-11-26 05:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-04-27 03:51 - 2012-11-26 05:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\lpp.com.pl -> hxxps://psdz.lpp.com.pl
IE trusted site: HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\lpp.com.pl -> hxxps://psdz.lpp.com.pl
IE trusted site: HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\sharepoint -> hxxp://sharepoint


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\Wallpaper -> C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{777B89C4-D263-4CE8-B48D-23479C9B6472}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C7252F88-1F9E-4E28-9AEF-1C08EEB63849}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{FFD6B7DF-04AE-4EAC-A24B-91C5860633FB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{226011F1-99CE-4EBF-BDE5-DA8362783111}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A1A0A973-B514-4374-A813-1A5F2FD0D698}] => (Allow) C:\Users\djourova\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{82F4BEAD-65C9-42B4-92EB-C8A21B835C99}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{F8FF8F8C-53DD-4328-B7B1-A18758C04D89}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{6F315E7C-1441-4462-8E33-C002DE8C67FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{9A05CD1B-1B8A-4D0F-BEC6-1909022E69F4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{7C225884-0CFB-4E21-891E-C7D2248F4EE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8B174557-193A-4C36-B1E7-CA3E892B33EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BB5AE393-5476-4EF7-9D78-B70A56D8C4FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D18291EF-BA14-48CC-863E-86D988E5FC34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EE6752E9-7D42-400E-934A-C139EBBB6DF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{EDE96066-BE72-41E6-B956-77DA56D2C505}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B637EF2A-1169-4E9E-AD81-C055FDFC7EF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{747B6A63-0739-434F-9CE4-0F7EA7D389C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5D54A0BF-C981-41D7-854F-DA00E6E41F35}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{158D15CD-5857-4C4D-BC75-CF63AAEEDB60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{7E5855AC-B20A-44B1-B0BB-BD6A061230DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7F0F2019-19FD-4F6C-986C-1443FA84A5E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0BDBEA6B-DC47-4B27-A64F-2F4A92DF2AB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{79CD3BC0-107E-4C3E-ABCD-D233089839F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{688F7127-8CD2-4549-9E88-16ACCD026A96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A60630CF-7A1A-47B6-A308-35AEBD6DDB59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D7EADD81-15F5-4BB5-8F7F-62198ACD06BB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5F4817BE-59F9-4F29-9ADC-F8DC6F356D04}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{542EEE35-7FFC-417A-8E4A-2B9ABC8E2250}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5160174C-FA61-4B49-A3A3-67640052EAC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6451895-C9A4-4172-BF5B-C9B7043B8523}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{AE33D1E6-638C-41B5-863C-5280EDFF51EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [TCP Query User{8A5B6582-417F-4AEB-93F5-89795B50B678}C:\program files (x86)\microsoft office\office15\lync.exe] => (Block) C:\program files (x86)\microsoft office\office15\lync.exe
FirewallRules: [UDP Query User{9EC95683-86BB-4E65-A416-EA56BFC98974}C:\program files (x86)\microsoft office\office15\lync.exe] => (Block) C:\program files (x86)\microsoft office\office15\lync.exe
FirewallRules: [{4F86E610-FC8D-4224-89B4-2E70CD5AE728}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{3F1A1F3B-CEF6-4D7E-8375-4D3E387265EA}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{27BDF381-0D9F-4809-832D-372656667D77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{801C103F-70BC-4176-B7A7-4A6ACF84172B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E8F459C4-89FF-4108-B465-8279834167AA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 09:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 15.8.0.0, časové razítko: 0x51709701
Název chybujícího modulu: MurocApi.dll, verze: 15.8.0.0, časové razítko: 0x5170961c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000026990
ID chybujícího procesu: 0xd98
Čas spuštění chybující aplikace: 0xZeroConfigService.exe0
Cesta k chybující aplikaci: ZeroConfigService.exe1
Cesta k chybujícímu modulu: ZeroConfigService.exe2
ID zprávy: ZeroConfigService.exe3

Error: (07/07/2015 09:15:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 07:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 5.7.2015.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 15fc

Čas spuštění: 01d0b8da1451d5cf

Čas ukončení: 5

Cesta k aplikaci: C:\Users\djourova\Desktop\FRST64.exe

ID hlášení:

Error: (07/07/2015 09:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:33:33 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070005.

Error: (07/07/2015 00:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:10:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070005.

Error: (07/07/2015 00:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:06:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall.exe_unknown, verze: 0.0.0.0, časové razítko: 0x55968858
Název chybujícího modulu: Uninstall.exe, verze: 0.0.0.0, časové razítko: 0x55968858
Kód výjimky: 0xc0000005
Posun chyby: 0x00003d76
ID chybujícího procesu: 0x1a58
Čas spuštění chybující aplikace: 0xUninstall.exe_unknown0
Cesta k chybující aplikaci: Uninstall.exe_unknown1
Cesta k chybujícímu modulu: Uninstall.exe_unknown2
ID zprávy: Uninstall.exe_unknown3

Error: (07/07/2015 00:05:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall.exe_unknown, verze: 0.0.0.0, časové razítko: 0x55968858
Název chybujícího modulu: Uninstall.exe, verze: 0.0.0.0, časové razítko: 0x55968858
Kód výjimky: 0xc0000005
Posun chyby: 0x00003d76
ID chybujícího procesu: 0xbc
Čas spuštění chybující aplikace: 0xUninstall.exe_unknown0
Cesta k chybující aplikaci: Uninstall.exe_unknown1
Cesta k chybujícímu modulu: Uninstall.exe_unknown2
ID zprávy: Uninstall.exe_unknown3


System errors:
=============
Error: (07/07/2015 09:17:41 PM) (Source: TermService) (EventID: 1067) (User: )
Description: Terminálový server nemohl pro používání k ověření serveru zaregistrovat hlavní název služby TERMSRV. Došlo k následující chybě: Zadaná doména neexistuje nebo není k dispozici.
.

Error: (07/07/2015 09:15:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/07/2015 09:14:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (07/07/2015 09:14:52 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CZECH)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (07/07/2015 09:14:45 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).

Error: (07/07/2015 09:14:42 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně CZECH z následujícího důvodu:
%%1311

To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (07/07/2015 09:14:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WvPCR závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (07/07/2015 09:14:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba SI TSS v1.2.1.41 TCS závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (07/07/2015 09:13:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/07/2015 09:12:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056


Microsoft Office:
=========================
Error: (07/07/2015 09:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.8.0.051709701MurocApi.dll15.8.0.05170961cc00000050000000000026990d9801d0b8e9350daabcC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll8811f6d2-24dc-11e5-b6fc-c4d987a73f0e

Error: (07/07/2015 09:15:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 07:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe5.7.2015.115fc01d0b8da1451d5cf5C:\Users\djourova\Desktop\FRST64.exe

Error: (07/07/2015 09:32:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:33:33 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (07/07/2015 00:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:10:10 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (07/07/2015 00:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 00:06:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstall.exe_unknown0.0.0.055968858Uninstall.exe0.0.0.055968858c000000500003d761a5801d0b83806c6f4afC:\Program Files (x86)\Shop and Save Up\Uninstall.exeC:\Program Files (x86)\Shop and Save Up\Uninstall.exe4791792a-242b-11e5-a3bd-c4d987a73f0e

Error: (07/07/2015 00:05:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstall.exe_unknown0.0.0.055968858Uninstall.exe0.0.0.055968858c000000500003d76bc01d0b837e52ea022C:\Program Files (x86)\Shop and Save Up\Uninstall.exeC:\Program Files (x86)\Shop and Save Up\Uninstall.exe272596f9-242b-11e5-a3bd-c4d987a73f0e


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 54%
Total physical RAM: 4001.59 MB
Available physical RAM: 1835.2 MB
Total Virtual: 8001.39 MB
Available Virtual: 4966.6 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.47 GB) (Free:361.8 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:12.25 GB) (Free:3.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BD945C4E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.5 GB) - (Type=07 NTFS)

==================== End of log ============================

Ještě potřebuji druhý log (FRST). Tohle je pouze Additions.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by djourova (administrator) on NBDJOUROVA on 07-07-2015 21:58:17
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(DTools LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayMain.exe
(Komprofi) C:\Program Files\PSDTray\PSDTrayManager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Komprofi) C:\Program Files\PSDTray\PSDTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371176 2012-12-22] (Wave Systems Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-04-19] (Intel(R) Corporation)
HKLM\...\Run: [PSDTray] => C:\Program Files\PSDTray\PSDTray.exe [415744 2014-04-01] (Komprofi)
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Check Point Endpoint Security] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe [801968 2011-09-14] (Check Point Software Technologies)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-04] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [SoftonicAssistant] => "C:\Users\djourova\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\djourova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [WMUTray.exe] => C:\Program Files (x86)\WakeMeUp\WMUTray.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [GoogleChromeAutoLaunch_37FC9444FDBBCB8836F89C2EF15C0FFE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk [2014-06-02]
ShortcutTarget: OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2012-12-22] (Wave Systems Corp.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-04] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-24] (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-04] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{2599484F-137B-483F-B030-2385E5A137BC}: [DhcpNameServer] 10.20.34.1
Tcpip\..\Interfaces\{7C426A94-D66C-442B-B5F8-A0072BC17AD5}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{C06E16EF-4C51-4A7A-AEE7-9E44166037F3}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{F68814A5-7D49-4B97-8762-8939D9586E95}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-04]
CHR Extension: (Google Docs) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-04]
CHR Extension: (Google Drive) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-04]
CHR Extension: (YouTube) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-04]
CHR Extension: (Google Search) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-04]
CHR Extension: (Google Sheets) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-04]
CHR Extension: (Google Wallet) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-04] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-07-04] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-04] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [226824 2012-12-13] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSDTrayMain; C:\Program Files\PSDTray\PSDTrayMain.exe [56320 2014-04-01] (Komprofi) [File not signed]
R2 PSDTrayManager; C:\Program Files\PSDTray\PSDTrayManager.exe [20480 2014-04-01] (Komprofi) [File not signed]
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4512952 2011-09-14] (Check Point Software Technologies)
R2 vicoqudu; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp [165376 2015-07-04] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-04] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-04] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-07-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-04] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-07-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-04] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-29] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-04] (Avast Software)
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2011-09-14] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [448168 2011-09-12] (Check Point Software Technologies Ltd.)
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-29] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 21:50 - 2015-07-07 21:50 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-07 21:50 - 2015-07-07 21:50 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-07 21:49 - 2015-07-07 21:49 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-07 21:48 - 2015-07-07 21:48 - 00000000 ____D C:\Users\djourova\AppData\Roaming\mystartsearch
2015-07-07 21:30 - 2015-07-07 21:31 - 00040603 _____ C:\Users\djourova\Desktop\Addition.txt
2015-07-07 21:03 - 2015-07-07 21:12 - 00000000 ____D C:\AdwCleaner
2015-07-07 21:02 - 2015-07-07 21:03 - 02244096 _____ C:\Users\djourova\Desktop\adwcleaner_4.207.exe
2015-07-07 19:46 - 2015-07-07 19:46 - 00012710 _____ C:\Addition.zip
2015-07-07 19:31 - 2015-07-07 19:42 - 00045214 _____ C:\Addition.txt
2015-07-07 19:27 - 2015-07-07 21:58 - 00032754 _____ C:\Users\djourova\Desktop\FRST.txt
2015-07-07 19:26 - 2015-07-07 21:58 - 00000000 ____D C:\FRST
2015-07-07 19:25 - 2015-07-07 19:25 - 02112512 _____ (Farbar) C:\Users\djourova\Desktop\FRST64.exe
2015-07-04 22:30 - 2015-07-04 22:30 - 00003208 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-07-04 10:59 - 2015-07-04 10:59 - 00003158 _____ C:\Windows\System32\Tasks\{CA08D9E3-249D-46D5-8894-786D74E4E8FA}
2015-07-04 10:40 - 2015-07-04 10:40 - 00613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmCD84.tmp
2015-07-04 03:32 - 2015-07-04 03:32 - 00613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmF658.tmp
2015-07-04 03:17 - 2015-07-04 03:18 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-04 03:17 - 2015-07-04 03:18 - 00000000 ____D C:\Windows\system32\vbox
2015-07-04 03:13 - 2015-07-04 03:13 - 00000000 ____D C:\Users\djourova\AppData\Roaming\AVAST Software
2015-07-04 03:12 - 2015-07-04 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-04 03:09 - 2015-07-07 09:33 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-04 03:09 - 2015-07-04 03:10 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-04 03:09 - 2015-07-04 03:08 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-04 03:09 - 2015-07-04 03:07 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-04 03:09 - 2015-07-04 03:07 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-04 03:08 - 2015-07-04 03:08 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-04 03:07 - 2015-07-04 03:07 - 00044640 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2015-07-04 03:07 - 2015-07-04 03:07 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-04 03:06 - 2015-07-04 03:06 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-04 03:05 - 2015-07-04 03:05 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-04 03:04 - 2015-07-04 03:04 - 05471128 _____ (Avast Software s.r.o.) C:\Users\djourova\Downloads\avast_premier_antivirus_setup_online.exe
2015-07-04 03:04 - 2015-07-04 03:04 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-04 02:56 - 2015-07-04 02:56 - 00000000 ____D C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06
2015-07-04 02:55 - 2015-07-04 03:12 - 00000000 ____D C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034
2015-07-04 02:48 - 2015-07-04 02:48 - 00260876 _____ (VuuPC Limited) C:\Users\djourova\AppData\Local\nslD11C.tmp
2015-07-04 02:47 - 2015-07-04 03:17 - 00000000 ____D C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132
2015-07-04 02:44 - 2015-05-20 11:19 - 00000897 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-04 02:43 - 2015-07-07 21:54 - 00000000 ____D C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132
2015-07-03 22:18 - 2015-07-03 22:18 - 00003154 _____ C:\Windows\System32\Tasks\{6208229D-E29A-406F-A1DA-DC2792B86E4C}
2015-07-03 21:16 - 2015-07-03 21:16 - 00000000 _____ C:\Windows\prleth.sys
2015-07-03 21:16 - 2015-07-03 21:16 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-03 21:15 - 2015-07-04 02:43 - 00000000 ____D C:\Program Files (x86)\gmsd_re_004010007
2015-07-03 21:15 - 2015-07-03 21:15 - 00000000 ____D C:\Program Files (x86)\039e3fe8-2d83-4d53-ad3f-947c2cea80ae
2015-07-03 21:02 - 2015-07-03 21:13 - 00871727 _____ C:\Users\djourova\Downloads\Setup.jse
2015-07-03 21:02 - 2015-07-03 21:11 - 1027080672 _____ C:\Users\djourova\Downloads\Photoshop_12_LS1.zip
2015-07-03 09:53 - 2015-07-04 09:59 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-03 00:31 - 2015-07-03 00:33 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (4).exe
2015-07-03 00:30 - 2015-07-03 10:46 - 00000000 ____D C:\Users\djourova\AppData\Roaming\PhotoScape
2015-07-03 00:14 - 2015-07-03 00:14 - 21331096 _____ (Mooii) C:\Users\djourova\Downloads\PhotoScape_V3.6.5.exe
2015-07-02 23:53 - 2015-07-02 23:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-02 23:51 - 2015-07-02 23:51 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe
2015-07-02 23:49 - 2015-07-02 23:50 - 06060024 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe (1).opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 03069944 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (3).exe.opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 02570624 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (4).exe.opdownload
2015-07-02 23:49 - 2015-07-02 23:50 - 01847924 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (5).exe.opdownload
2015-07-02 23:48 - 2015-07-04 03:15 - 00000000 ____D C:\Users\djourova\AppData\Local\22528
2015-07-02 23:48 - 2015-07-02 23:48 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (1).exe
2015-07-02 23:48 - 2015-07-02 23:48 - 06794404 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller (2).exe.opdownload
2015-07-02 23:46 - 2015-07-02 23:47 - 00958859 _____ C:\Users\djourova\Downloads\Bluestacks (1).jse
2015-07-02 23:33 - 2015-07-02 23:34 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\djourova\Downloads\BlueStacks-ThinInstaller.exe
2015-07-02 23:30 - 2015-07-02 23:30 - 00958859 _____ C:\Users\djourova\Downloads\Bluestacks.jse
2015-06-29 23:58 - 2015-06-29 23:58 - 00687064 _____ (Opera Software) C:\Users\djourova\Downloads\Opera_NI_stable.exe
2015-06-25 00:02 - 2015-06-25 00:02 - 28849904 _____ C:\Users\djourova\Downloads\vlc-2.2.1-win32.exe
2015-06-25 00:02 - 2015-06-25 00:02 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-22 18:40 - 2015-06-22 18:40 - 00007445 _____ C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml
2015-06-21 12:19 - 2015-07-07 21:57 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA
2015-06-20 01:17 - 2015-06-20 01:17 - 00101805 _____ C:\Users\djourova\Downloads\image (2).jpeg
2015-06-15 11:08 - 2015-06-15 11:08 - 00434846 _____ C:\Users\djourova\Downloads\magnolia.zip
2015-06-15 11:08 - 2015-06-15 11:08 - 00000000 ____D C:\Users\djourova\Downloads\magnolia
2015-06-15 11:08 - 2015-06-15 11:08 - 00000000 ____D C:\Users\djourova\Downloads\close_to_you (1)
2015-06-15 11:07 - 2015-06-15 11:07 - 00266194 _____ C:\Users\djourova\Downloads\close_to_you.zip
2015-06-15 11:07 - 2015-06-15 11:07 - 00266194 _____ C:\Users\djourova\Downloads\close_to_you (1).zip
2015-06-14 16:49 - 2015-06-14 16:49 - 00000000 ____D C:\Users\djourova\Downloads\windsong
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\vtks_storm
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\tejaratchi_family (1)
2015-06-14 16:48 - 2015-06-14 16:48 - 00000000 ____D C:\Users\djourova\Downloads\sweetly_broken
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\signarita_zhai
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\should_ve_known_shaded
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\shocardcaps
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\regency_script
2015-06-14 16:47 - 2015-06-14 16:47 - 00000000 ____D C:\Users\djourova\Downloads\recorda_script
2015-06-14 16:46 - 2015-06-14 16:46 - 00000000 ____D C:\Users\djourova\Downloads\phoenix_rising
2015-06-14 16:46 - 2015-06-14 16:46 - 00000000 ____D C:\Users\djourova\Downloads\nella_sue
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\mrs_saint_delafield
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\montague
2015-06-14 16:45 - 2015-06-14 16:45 - 00000000 ____D C:\Users\djourova\Downloads\maratre
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\jellyka_cutty_cupcakes
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\jellyka_beesantique_handwriting
2015-06-14 16:44 - 2015-06-14 16:44 - 00000000 ____D C:\Users\djourova\Downloads\high_level
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\great_vibes
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\good_karma
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\gessele_regular
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\germania_shadow
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\fifty_hours
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\erectlorite
2015-06-14 16:42 - 2015-06-14 16:42 - 00000000 ____D C:\Users\djourova\Downloads\endor
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\east_market_two
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\diane_de_france
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\coneria_script (1)
2015-06-14 16:41 - 2015-06-14 16:41 - 00000000 ____D C:\Users\djourova\Downloads\castro_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\bulwark
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\brotherhood_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\berty_script
2015-06-14 16:40 - 2015-06-14 16:40 - 00000000 ____D C:\Users\djourova\Downloads\before_the_rain
2015-06-14 16:39 - 2015-06-14 16:43 - 00000000 ____D C:\Users\djourova\Downloads\angelique_ma_douce_colombe
2015-06-14 16:39 - 2015-06-14 16:39 - 00000000 ____D C:\Users\djourova\Downloads\always_forever
2015-06-14 16:36 - 2015-06-14 16:36 - 01327764 _____ C:\Users\djourova\Downloads\UnZipMe.EXE
2015-06-14 16:36 - 2015-06-14 16:36 - 00001044 _____ C:\Users\dagmar\Desktop\UnZip Me.lnk
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camtech
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtech
2015-06-14 16:36 - 2015-06-14 16:36 - 00000000 ____D C:\Program Files (x86)\Camtech
2015-06-14 16:36 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx
2015-06-14 16:36 - 2004-02-23 00:00 - 01386496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2015-06-14 16:36 - 2001-07-31 06:42 - 00150016 _____ (Info-ZIP) C:\Windows\SysWOW64\Unzip32.dll
2015-06-14 13:23 - 2015-06-14 13:23 - 00042154 _____ C:\Users\djourova\Downloads\should_ve_known_shaded.zip
2015-06-14 13:21 - 2015-06-14 13:21 - 00094098 _____ C:\Users\djourova\Downloads\phoenix_rising.zip
2015-06-14 13:21 - 2015-06-14 13:21 - 00041280 _____ C:\Users\djourova\Downloads\bulwark.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00258784 _____ C:\Users\djourova\Downloads\racing_flow.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00097531 _____ C:\Users\djourova\Downloads\high_level.zip
2015-06-14 13:20 - 2015-06-14 13:20 - 00045629 _____ C:\Users\djourova\Downloads\east_market_two.zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00529905 _____ C:\Users\djourova\Downloads\erectlorite.zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00195089 _____ C:\Users\djourova\Downloads\tejaratchi_family (1).zip
2015-06-14 13:19 - 2015-06-14 13:19 - 00114025 _____ C:\Users\djourova\Downloads\vtks_storm.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00055149 _____ C:\Users\djourova\Downloads\germania_shadow.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00032124 _____ C:\Users\djourova\Downloads\montague.zip
2015-06-14 13:18 - 2015-06-14 13:18 - 00025234 _____ C:\Users\djourova\Downloads\shocardcaps.zip
2015-06-14 13:16 - 2015-06-14 13:16 - 00675314 _____ C:\Users\djourova\Downloads\castro_script.zip
2015-06-14 13:16 - 2015-06-14 13:16 - 00028908 _____ C:\Users\djourova\Downloads\mrs_saint_delafield.zip
2015-06-14 13:15 - 2015-06-14 13:15 - 00997907 _____ C:\Users\djourova\Downloads\good_karma.zip
2015-06-14 13:15 - 2015-06-14 13:15 - 00069514 _____ C:\Users\djourova\Downloads\berty_script.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00248735 _____ C:\Users\djourova\Downloads\signerica.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00056701 _____ C:\Users\djourova\Downloads\jellyka_beesantique_handwriting.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00032236 _____ C:\Users\djourova\Downloads\brotherhood_script.zip
2015-06-14 13:12 - 2015-06-14 13:12 - 00024871 _____ C:\Users\djourova\Downloads\angelique_ma_douce_colombe.zip
2015-06-14 13:11 - 2015-06-14 13:11 - 01117352 _____ C:\Users\djourova\Downloads\signarita_zhai.zip
2015-06-14 13:11 - 2015-06-14 13:11 - 00043010 _____ C:\Users\djourova\Downloads\aligot_de_mirabelle.zip
2015-06-14 13:10 - 2015-06-14 13:11 - 00043799 _____ C:\Users\djourova\Downloads\windsong.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 01640757 _____ C:\Users\djourova\Downloads\recorda_script.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00563552 _____ C:\Users\djourova\Downloads\diane_de_france.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00110843 _____ C:\Users\djourova\Downloads\jellyka_saint_andrews_queen.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00052242 _____ C:\Users\djourova\Downloads\great_vibes.zip
2015-06-14 13:10 - 2015-06-14 13:10 - 00019163 _____ C:\Users\djourova\Downloads\maratre.zip
2015-06-14 13:09 - 2015-06-14 13:09 - 00402210 _____ C:\Users\djourova\Downloads\before_the_rain.zip
2015-06-14 13:04 - 2015-06-14 13:04 - 00063930 _____ C:\Users\djourova\Downloads\endor.zip
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru].jpeg
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru] (2).jpeg
2015-06-14 12:46 - 2015-06-14 12:46 - 02314954 _____ C:\Users\djourova\Downloads\2500x1660_597036_[www.ArtFile.ru] (1).jpeg
2015-06-14 11:52 - 2015-06-14 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Maker 3.80
2015-06-14 11:51 - 2015-06-14 11:54 - 00000000 ____D C:\Users\djourova\Downloads\coll
2015-06-14 11:47 - 2015-06-14 11:48 - 31164926 _____ C:\Users\djourova\Downloads\zasilka-FHFXTUFBAVEJ5LIJ.zip
2015-06-14 11:42 - 2015-06-14 11:43 - 00000670 _____ C:\Users\djourova\Downloads\Setup.website
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Users\Public\Documents\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Users\djourova\AppData\Roaming\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\ProgramData\PearlMountain
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Collage Maker Pro
2015-06-14 11:33 - 2015-06-14 11:33 - 00000000 ____D C:\Program Files (x86)\Picture Collage Maker Pro
2015-06-14 11:24 - 2015-06-14 11:24 - 00000000 ____D C:\Users\djourova\Downloads\Picture Collage Maker Pro 4.0.0 & Templates Pack
2015-06-14 11:12 - 2015-06-14 11:15 - 392690113 _____ C:\Users\djourova\Downloads\Picture Collage Maker Pro 4.0.0 & Templates Pack.zip
2015-06-14 11:00 - 2015-06-14 11:00 - 23490048 _____ C:\Users\djourova\Downloads\collage-maker-37-windows_softfinder_com.msi
2015-06-11 01:17 - 2015-06-11 01:17 - 01209936 _____ C:\Windows\Minidump\061115-21918-01.dmp
2015-06-10 03:41 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 03:41 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 03:41 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 03:41 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 03:41 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 03:41 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 03:41 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 03:41 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 03:41 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 03:41 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 03:40 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 03:40 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 03:40 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 03:40 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 03:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 03:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 03:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 03:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 03:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 03:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 03:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 03:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 03:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 03:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 03:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 03:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 03:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 03:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 03:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 03:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 03:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 03:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 03:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 03:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 03:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 03:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 03:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 03:40 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 03:40 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 03:40 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 03:40 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 03:40 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 03:40 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 03:40 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 03:40 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 03:40 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 03:40 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 03:40 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 03:40 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 03:40 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 03:40 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 03:40 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 03:40 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 03:40 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 03:40 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 03:40 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 03:40 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 03:40 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 03:40 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 03:40 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 03:40 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 03:40 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 03:40 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 03:40 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 03:40 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 03:40 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 03:40 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 03:40 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 03:40 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 03:40 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 03:40 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 03:40 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 03:40 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 03:40 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 03:40 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 03:40 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 03:40 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 03:40 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 03:40 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 03:40 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 03:40 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 03:40 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 03:40 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 03:40 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 03:40 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 03:40 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 03:40 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 03:40 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 03:40 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-08 01:20 - 2015-06-08 01:20 - 00000000 ____D C:\Users\djourova\Documents\VM
2015-06-07 23:37 - 2015-07-04 10:55 - 00000000 ___RD C:\Users\djourova\Desktop\VM REPORT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 21:56 - 2014-04-27 03:50 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-07-07 21:54 - 2015-03-01 22:01 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 21:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 21:54 - 2009-07-14 06:51 - 00063212 _____ C:\Windows\setupact.log
2015-07-07 21:53 - 2010-11-21 05:47 - 00277296 _____ C:\Windows\PFRO.log
2015-07-07 21:48 - 2015-03-01 22:01 - 00002483 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 21:48 - 2014-06-02 11:54 - 00001693 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-07 21:30 - 2014-04-26 20:14 - 01111347 _____ C:\Windows\WindowsUpdate.log
2015-07-07 21:23 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 21:23 - 2009-07-14 06:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 21:16 - 2015-03-01 22:01 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-07 00:06 - 2014-07-03 22:24 - 00000000 ____D C:\Users\djourova\AppData\Local\CrashDumps
2015-07-06 22:26 - 2010-11-21 11:27 - 00684658 _____ C:\Windows\system32\perfh005.dat
2015-07-06 22:26 - 2010-11-21 11:27 - 00147100 _____ C:\Windows\system32\perfc005.dat
2015-07-06 22:26 - 2009-07-14 07:13 - 01618200 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 10:55 - 2014-07-04 21:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-04 10:55 - 2014-07-04 21:08 - 00000000 ____D C:\ProgramData\Skype
2015-07-04 10:38 - 2014-06-02 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-04 09:59 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-04 03:28 - 2015-01-28 17:47 - 00000000 ___RD C:\Users\djourova\Desktop\RVM
2015-07-04 03:28 - 2015-01-26 14:56 - 00000000 ____D C:\Users\djourova\Desktop\PROGRAMY
2015-07-04 03:22 - 2014-06-27 21:29 - 00000000 ____D C:\Users\djourova\AppData\Local\Google
2015-07-04 03:22 - 2014-06-27 21:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-04 03:03 - 2014-11-22 12:00 - 00000330 _____ C:\Users\djourova\rgut
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Opera Software
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Users\djourova\AppData\Local\Opera Software
2015-07-04 02:55 - 2014-11-29 23:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-04 02:54 - 2014-11-20 20:52 - 00000030 _____ C:\Users\djourova\AppData\Roaming\msofoeu.dat
2015-07-03 21:22 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-03 21:15 - 2014-04-27 03:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-03 15:27 - 2014-12-30 15:26 - 00000000 ____D C:\Users\djourova\Documents\Soubory aplikace Outlook
2015-07-03 10:32 - 2014-06-09 07:09 - 00000000 ____D C:\Users\djourova\Documents\cestovní doklady
2015-07-02 23:33 - 2015-01-15 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-29 09:12 - 2014-06-07 10:40 - 00000000 ____D C:\Users\djourova\Documents\work plány
2015-06-29 09:04 - 2014-06-22 21:17 - 00000427 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Logging in.website
2015-06-28 23:56 - 2014-06-07 18:41 - 00000612 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Domovská stránka - Centrála.website
2015-06-26 11:06 - 2015-05-29 22:07 - 00000000 ____D C:\Users\djourova\AppData\Roaming\msct
2015-06-25 12:03 - 2014-06-23 18:40 - 00000621 _____ C:\Users\djourova\AppData\Roaming\Microsoft\Windows\Start Menu\Domovská stránka - Filiálky.website
2015-06-25 00:15 - 2015-03-08 23:28 - 00000000 ____D C:\Users\djourova\AppData\Roaming\vlc
2015-06-24 19:20 - 2014-12-26 00:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 10:54 - 2009-07-14 06:45 - 00372352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 01:06 - 2014-09-05 10:30 - 00000000 ____D C:\Users\djourova\Documents\tašky objednávka
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 03:15 - 2015-03-10 14:16 - 00004974 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CZECH-djourova nbdjourova.czech.lpp.com.pl
2015-06-22 21:49 - 2015-01-26 15:09 - 00000000 ___RD C:\Users\djourova\Desktop\BUDGET 2015
2015-06-15 11:10 - 2014-06-02 11:55 - 00091344 _____ C:\Users\djourova\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-14 11:54 - 2014-12-26 20:18 - 00000000 ____D C:\Program Files (x86)\Collage Maker 3.80
2015-06-14 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-06-14 11:28 - 2015-04-16 11:52 - 00000000 ____D C:\Program Files (x86)\Collage Maker 3.70
2015-06-14 11:21 - 2015-05-20 18:45 - 00000000 ____D C:\Users\djourova\AppData\Local\WinZip
2015-06-14 10:57 - 2014-07-06 23:21 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-11 10:51 - 2014-11-16 18:15 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieBrowserModeList
2015-06-11 10:51 - 2014-06-02 12:20 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieUserList
2015-06-11 10:51 - 2014-06-02 12:20 - 00000000 __SHD C:\Users\djourova\AppData\Local\EmieSiteList
2015-06-11 04:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 03:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 03:07 - 2014-06-02 11:18 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:02 - 2014-06-02 11:18 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 01:17 - 2014-07-03 18:42 - 00000000 ____D C:\Windows\Minidump
2015-06-11 01:17 - 2014-07-03 18:41 - 4196049181 _____ C:\Windows\MEMORY.DMP
2015-06-09 08:20 - 2014-06-02 13:27 - 00000000 ____D C:\Users\djourova\Documents\výprodej 1.6.2014
2015-06-07 20:48 - 2015-03-23 13:52 - 00000000 ____D C:\Users\djourova\AppData\Roaming\Seznam.cz
2015-06-07 11:14 - 2014-12-12 04:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-07 11:14 - 2014-06-02 11:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-07 10:59 - 2014-06-02 11:47 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl

==================== Files in the root of some directories =======

2014-11-20 20:52 - 2014-11-20 20:52 - 0009040 _____ () C:\Users\djourova\AppData\Roaming\msmefb.dat
2014-11-20 20:52 - 2015-07-04 02:54 - 0000030 _____ () C:\Users\djourova\AppData\Roaming\msofoeu.dat
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
2015-07-04 02:48 - 2015-07-04 02:48 - 0260876 _____ (VuuPC Limited) C:\Users\djourova\AppData\Local\nslD11C.tmp
2015-07-04 10:40 - 2015-07-04 10:40 - 0613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmCD84.tmp
2015-07-04 03:32 - 2015-07-04 03:32 - 0613255 _____ (CMI Limited) C:\Users\djourova\AppData\Local\nsmF658.tmp
2014-12-26 21:43 - 2015-01-12 14:54 - 0000880 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\djourova\AppData\Local\Temp\3307.exe
C:\Users\djourova\AppData\Local\Temp\4488.exe
C:\Users\djourova\AppData\Local\Temp\9467.exe
C:\Users\djourova\AppData\Local\Temp\APNSetup.exe
C:\Users\djourova\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\djourova\AppData\Local\Temp\fsd5485.exe
C:\Users\djourova\AppData\Local\Temp\GoogleSetup.exe
C:\Users\djourova\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\djourova\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\djourova\AppData\Local\Temp\optprosetup.exe
C:\Users\djourova\AppData\Local\Temp\pcspeedup.exe
C:\Users\djourova\AppData\Local\Temp\Quarantine.exe
C:\Users\djourova\AppData\Local\Temp\SkypeSetup.exe
C:\Users\djourova\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\djourova\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
C:\Users\djourova\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[1].exe
C:\Users\djourova\AppData\Local\Temp\sqlite3.dll
C:\Users\djourova\AppData\Local\Temp\Uninstall.exe
C:\Users\djourova\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 21:53

==================== End of log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
KU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
C:\Users\djourova\AppData\Local\nslD11C.tmp
C:\Users\djourova\AppData\Local\nsmCD84.tmp
C:\Users\djourova\AppData\Local\nsmF658.tmp
C:\Users\djourova\AppData\Local\Temp
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zasílám:

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by djourova at 2015-07-07 22:51:12 Run:1
Running from C:\Users\djourova\Desktop
Loaded Profiles: djourova (Available Profiles: djourova & dagmar)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [gmsd_re_004010007] => [X]
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\...\MountPoints2: {31a8c31b-fbb8-11e3-8116-c4d987a73f0e} - D:\VW100_Modem_Installation.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
KU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... 3739JJA&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-1935655697-839522115-3371 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
DPF: HKLM-x32 {F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32} https://psdz.lpp.com.pl:8443/lpp/authority/PSDZX.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... XXW3739JJA
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 zejytose; C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp [199168 2015-07-04] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-07] (DTools LIMITED) <==== ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb
C:\Users\djourova\AppData\Local\nslD11C.tmp
C:\Users\djourova\AppData\Local\nsmCD84.tmp
C:\Users\djourova\AppData\Local\nsmF658.tmp
C:\Users\djourova\AppData\Local\Temp
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3229
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3280
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3381
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml:OECustomProperty
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_re_004010007 => value removed successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Windows\CurrentVersion\Run\\**asova**<*> => value removed successfully
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31a8c31b-fbb8-11e3-8116-c4d987a73f0e}" => key removed successfully
HKCR\CLSID\{31a8c31b-fbb8-11e3-8116-c4d987a73f0e} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
"HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{F8C6BC40-4D18-4B7C-B7D4-B21D9D27FB32}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => File/Folder not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => value restored successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service removed successfully
zejytose => Service stopped successfully.
zejytose => Service removed successfully
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => Service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Users\djourova\AppData\Roaming\N3LutoUvULAxN52QinoB4hpmxN => moved successfully.
C:\Users\djourova\AppData\Roaming\vnBZwdBR6lu98DSD13yb => moved successfully.
C:\Users\djourova\AppData\Local\nslD11C.tmp => moved successfully.
C:\Users\djourova\AppData\Local\nsmCD84.tmp => moved successfully.
C:\Users\djourova\AppData\Local\nsmF658.tmp => moved successfully.

"C:\Users\djourova\AppData\Local\Temp" folder move:

Could not move "C:\Users\djourova\AppData\Local\Temp" folder => Scheduled to move on reboot.

C:\Windows\SysWOW64\MSIHANDLE => ":3229" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3280" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3381" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\Users\djourova\Downloads\nova_zprava_od_nikyb.2007.eml => ":OECustomProperty" ADS removed successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-07 22:54:13)<=

C:\Users\djourova\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:54:13 ====

Smazáno. Nastala nějaká změna?

Pěkný večer,
reklamy nevyskakují, žádné nové samovolné instalace také nejsou Mnohokrát děkuji ale obnovit systém nejde stále.

Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Tento problém nemusí být způsoben malware, ale také systémem samotným.

Pěknž večer,

přikládám výsledek skenu MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.7.2015
Čas skenování: 20:21
Protokol: mbam.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.09.04
Databáze rootkitů: v2015.07.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: djourova

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 461816
Uplynulý čas: 18 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 4
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 2172, , [9226924d4347db5bec0b1c3e867b56aa]
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, 3172, , [43755f80becc2b0b97e8533141c314ec]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, 4408, , [6a4e944bf298063079ca20ddc93948b8]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, 7772, , [6a4e944bf298063079ca20ddc93948b8]

Moduly: 7
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],

Klíče registru: 63
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [9226924d4347db5bec0b1c3e867b56aa],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5b5d24bbd3b7fe3887105b6246bced13],
PUP.Optional.Smartbar.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68}, , [ffb936a98901152196c9edcb54aee917],
PUP.Optional.Smartbar.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD36FEBE-DBA1-4597-9DD1-B13794B92F68}, , [ffb936a98901152196c9edcb54aee917],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mystartsearch uninstall, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vicoqudu, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, , [7b3d617e6c1e42f47b47b84720e209f7],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [6a4e5c83c7c353e3ed7891808b7805fb],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [09af9d422169d85e5a923512bc47e41c],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [6f49aa35791151e5214150c8a55ed52b],
PUP.Optional.ShopAndSave.A, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, , [2692a738771356e021f94b3632d25ba5],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [932514cbbfcba98d64de5521f60e03fd],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [595f3ca30b7f8aaccb5624eabb48a45c],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [3385459ad2b8d85edc9b4cb535cedb25],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [25937e611c6e2f07d17744c753b019e7],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [328635aa058569cd281f9f6c5ca77987],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [ab0d3ca3e6a455e1a9da5c2700040bf5],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [65536976e5a559dddcf126f24fb443bd],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [75433da2533768ce103612f9d42f6c94],
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1D00}, , [7741657af496bf777808738b5da5c33d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [a71186597713eb4b3a05889c62a1d52b],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [487011ce5b2f9e98af81048acc380af6],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [e8d04f903b4f2b0b3dd76ab1768dd62a],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv, , [2f890fd01f6b1f171e77eb387c87a15f],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [a315736c1a7050e68e070122739030d0],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV03.07-nv, , [3f79756a8dfd7fb75a30978056ad837d],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV03.07-nv-ie, , [25935887c7c3c86e593182955ba842be],
PUP.Optional.GoHD.A, HKU\S-1-5-18\SOFTWARE\GoHD-nv, , [694f578815757eb836d1602127ddec14],
PUP.Optional.GoHD.A, HKU\S-1-5-18\SOFTWARE\GoHD-nv-ie, , [dddb09d6deac67cf7c8bb9c8669ec33d],
PUP.Optional.ShopAndSave.A, HKU\S-1-5-18\SOFTWARE\Shop and Save Up-nv-ie, , [9721a8373c4ef64031ea750ce321b050],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [a3158b5499f194a27b35b1d620e46a96],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\AskPartnerNetwork, , [7d3b09d6850551e5bd046a9561a120e0],
PUP.Optional.Cinema.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [229631aeb0daa4928e07a083649f8779],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\CinemaPlus-3.2cV03.07-nv-ie, , [f6c223bcf892290dafdba572dc27c739],
PUP.Optional.GoHD.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\GoHD-nv-ie, , [09afeef115756bcbb651631e669eca36],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\HomeTab, , [566219c6bcce0f279b9ae152be45e31d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\SearchProtectWS, , [9c1ca03fb2d81026fa500506bc479070],
PUP.Optional.ShopAndSave.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\Shop and Save Up-nv-ie, , [4177fbe49cee44f2fb209ce53ec655ab],
PUP.Optional.TNT.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\TNT2, , [67512bb4fa9070c6896b51bb8a7940c0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\WajIEnhance, , [b9ffb728800af145896ec34f05fec739],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\WajIntEnhance, , [675131ae197171c5b86ad836e023649c],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [4c6c6976593173c36886d136c14242be],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [a315479812783105d31cd92e58abe31d],
PUP.Optional.Linkey.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [befa2eb1c6c468ce6987d334d3302fd1],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [9820469986040d29b1919aedc63e7888],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [febac11e8dfd2a0c747d986f729140c0],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [2296bf207a10033303efca3da95a3fc1],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\SIMPLYTECH\HomeTab, , [635547984446d6604cfadf65ed1648b8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3841182015-3767386443-1143244361-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, , [dbdd5b8498f2bf77e640e1403bc824dc],

Hodnoty registru: 4
PUP.Optional.CPUMiner.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|cpuminer, C:\Windows\system32\cpuminer-gw64.exe, , [d5e3e5fa17735cda18512a676f95e11f]
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1D00}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-SPE\, , [7741657af496bf777808738b5da5c33d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cmi, , [a71186597713eb4b3a05889c62a1d52b]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vicoqudu|ImagePath, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, , [b701499625651026ca405d26976d42be]

Data registru: 1
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-1177238915-1935655697-839522115-3371\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA, Dobré: (www.google.com), Špatné: (http://www.mystartsearch.com/?type=hp&t ... XXW3739JJA),,[8a2e3aa513773600d67250cf65a0629e]

Složky: 37
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.OptimizerPro.A, C:\Users\djourova\Documents\Optimizer Pro, , [34844d92f793999d1385f399e61edc24],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_re_004010007, , [dedab02fc6c41d199d6fe10e6b97e41c],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, , [6a4e944bf298063079ca20ddc93948b8],

Soubory: 126
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, , [9226924d4347db5bec0b1c3e867b56aa],
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\MiuiTab\SupTab.dll, , [ebcd0fd0beccdb5b894ca5d6c73b11ef],
PUP.Optional.BrilliantInstaller.A, C:\ProgramData\InstallMate\{CB4DA319-4D6D-493D-ABD6-054F10AE81EF}\Custom.dll, , [7246de01d1b95adc947a50eaed13a858],
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [4672c41bcac0b086bc3e0955d13403fd],
PUP.HistoryTool, C:\Users\djourova\AppData\Roaming\wld\iehv.exe, , [06b219c6abdf68ced51686e9926e6f91],
PUP.Optional.Nova.A, C:\Program Files (x86)\039e3fe8-2d83-4d53-ad3f-947c2cea80ae\77408631-4038-46cd-aac0-7085217fb56d.dll, , [10a8d50ac4c61026a932b99f15ec49b7],
PUP.Optional.Nova.A, C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034\0574780c-8583-40a4-b22d-40181b7f8f9f.dll, , [8236a33c0e7c1a1cba213226ab56a45c],
PUP.Optional.Crossrider, C:\Program Files (x86)\18d262ac-86d9-493d-b480-5227d0df5034\af261fbb-9bac-4d47-a862-0aadc461cc06.dll, , [ceeae5fac5c561d5c99166468e7359a7],
PUP.Optional.Nova.A, C:\Program Files (x86)\Adobe\cbb2a54b-2b96-470e-a92f-d02d8f9dc255.dll, , [2d8b1ec18cfe4de977644c0c5da47789],
PUP.Optional.Crossrider, C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06\90972a7b-81c0-4a6e-b54c-eab20b287abe.dll, , [fbbd1cc38901280e005ac7e5ee1345bb],
PUP.Optional.Nova.A, C:\Program Files (x86)\af261fbb-9bac-4d47-a862-0aadc461cc06\db3497c2-6dd9-4a05-bfc3-82fc2c58a96d.dll, , [6355b22d2f5b6ec897448eca31d043bd],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, , [8236be21c7c360d651df0e07bc491ee2],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, , [c8f0cb1434560e28bc74fe17040116ea],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumnchpjs.exe, , [1b9d07d88ffb46f0bc39c50a14ed07f9],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmnchpjs.exe, , [bafe746b0882211551bf30a571906d93],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmnchpjs.exe, , [8e2a756abad0be784fee20ca17e909f7],
PUP.Optional.OpenCandy, C:\Windows\Temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [a01856897a1061d57f67bf9104017b85],
PUP.Optional.Softonic, C:\Users\djourova\Downloads\SoftonicDownloader_for_collage-maker.exe, , [b9ffaf30107a3df9255fe5596d931ee2],
PUP.Optional.Softonic, C:\Users\djourova\Downloads\SoftonicDownloader_for_photofiltre.exe, , [dade637cd4b6171f1a6a1f1fcd3352ae],
PUP.Optional.OpenCandy, C:\Users\djourova\Downloads\GOMPLAYERENSETUP.EXE, , [a810d20dcdbd78bee402c090ab5a758b],
PUP.Optional.InstalleRex, C:\Users\djourova\Downloads\Meloriac.exe, , [a4147f60fa90e650676eaa7f5ea3ed13],
PUP.Optional.OpenCandy, C:\Users\djourova\Downloads\PhotoScape_V3.6.5.exe, , [2f89a13ea5e59f9712d4d7798c79e41c],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, , [e1d7e0ffbdcdd2646c820e0259aae818],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [3a7e647bfe8cbb7b737bec24ec176e92],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\MessageBox.xml, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\402.json, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\uninstallDlg2.xml, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\UninstallManager.exe, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bg.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bg1.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\bk_shadow.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\button.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\button1.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checkbox.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checkbox_select.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\checked.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\close.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\loading_bg.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\loading_light.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\min.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\scrollbar.bmp, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\Thumbs.db, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\unchecked.png, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code1.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code2.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code3.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code4.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code5.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\code6.jpg, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Roaming\mystartsearch\images\code\Thumbs.db, , [4c6c647b850595a1838247cf9e65f808],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\onsaEFEE.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\7879.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\CCA1.tmp, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\pnsaEFEF.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\rnsaEFED.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.A, C:\Users\djourova\AppData\Local\4C4C4544-1435978020-4710-8034-CAC04F333132\Uninstall.exe, , [8a2e27b8d5b50b2b44355c28aa5ae51b],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\hnsu2905.tmp, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\jnsk1371.tmp, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.MultiPlug.Gen, C:\Users\djourova\AppData\Roaming\4C4C4544-1435970623-4710-8034-CAC04F333132\Uninstall.exe, , [43755f80becc2b0b97e8533141c314ec],
PUP.Optional.OptimizerPro.A, C:\Users\djourova\Documents\Optimizer Pro\CookiesException.txt, , [34844d92f793999d1385f399e61edc24],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [e0d8eaf5177337ff60d6548ba1618779],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [45738a55afdbea4c310b6a89847eac54],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, , [6a4e944bf298063079ca20ddc93948b8],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, , [6a4e944bf298063079ca20ddc93948b8],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Všechny nálezy smažte.

Pěkný den Rudy,

smazala jsem všechny nálezy, jak jste mi poradil, spustila jsem poté další scan, objevil se další jeden soubor, smazala jsem jej a objevily se další tři, které se stále drží. Systém bohužel také stále obnovit nejde ( počítač je firemní, díky nákaze jsem přišla o Office pro podnikatele,který se smazal a obnovením systému jsem doufala v jeho návrat, proto to stále zkouším )

posílám log z posledního scanu MBAM :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.7.2015
Čas skenování: 11:42
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.10.02
Databáze rootkitů: v2015.07.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: djourova

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 461146
Uplynulý čas: 15 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
PUP.Optional.OpenCandy, C:\Windows\Temp\avast_ash\GOM Media Player\GOMPLAYERENSETUP.EXE, , [9387a13f6921c274a2cd0a47c3423bc5],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, , [df3b538d4b3fd660ac9d8889897a23dd],
PUP.Optional.MyStartSearch.A, C:\Users\djourova\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [2eec08d80d7d82b4d8715eb363a0b64a],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)