VIRY.CZ

Dobrý den,

poslední dobou mi při každém kliknutí (někdy i samovolně) na odkaz či webovou stránku na internetu vyskakují nechtěné internetové stránky (reklamy, výzvy k sázkám apod.). Prosím o kontrolu logu FRST. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
Ran by Jaroslav (administrator) on JAROSLAV-HP (11-06-2016 14:44:14)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RTS, a.s.) C:\BUILDpowerS\System\BPSHWAgentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\BUILDpowerS\System\IPSQLAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(D-Link Corporation) C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [HP LaserJet Professional CM1410 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-11] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2160248 2015-10-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-10-14] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-08-11] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [D-Link Network USB Utility] => C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573584 2012-08-22] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [{761cd2c4-5249-4346-8318-a499d06d2681}] => C:\ProgramData\Package Cache\{761cd2c4-5249-4346-8318-a499d06d2681}\Avira.OE.Setup.Bundle.exe [969664 2016-06-11] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2012-11-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80994AFA-146B-458D-90FB-63E697601CE3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=en_CZ
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
URLSearchHook: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-1783791151-3406929246-3765845189-1001 -> {74545B54-0861-43EF-BFCA-A397B65BA046} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=en_CZ&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^CZ&apn_uid=E1886E67-FD26-411F-AB78-8160410408F0&apn_sauid=8A06735A-9E05-45C2-8C89-332E9E4EA8DB
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-22] (Ask)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-22] (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1783791151-3406929246-3765845189-1001: @acestream.net/acestreamplugin,version=2.1.5 -> C:\Users\Jaroslav\AppData\Roaming\ACEStream\player\npace_plugin.dll [2013-07-23] (Innovative Digital Technologies)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-06-17] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IPViewer) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigbojghnfpjkdhnokmneobgmacpkene [2016-06-02]
CHR Extension: (Popup Blocker Pro) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Jaroslav\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.5.0.crx [2013-01-07]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 BPSHWAgent; C:\BUILDpowerS\system\BPSHWAgentService.exe [5660672 2012-11-26] (RTS, a.s.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-04-27] (Hewlett-Packard Company)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-28] (Intel Corporation)
R2 IPSQLAgent; C:\BUILDpowerS\system\IPSQLAgentService.exe [781824 2010-02-23] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-28] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-17] () [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R2 MSSQL$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3170424 2015-10-27] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
S4 SQLAgent$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2013-06-17] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-06] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-10-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R3 DlinkUDSMBus; C:\Windows\SysWow64\Drivers\DlinkUDSMBus.sys [85528 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\SysWow64\Drivers\DlinkUDSTcpBus.sys [132632 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [685056 2005-04-06] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2013-08-04] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [25912 2012-05-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-11 14:44 - 2016-06-11 14:45 - 00030800 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2016-06-11 14:43 - 2016-06-11 14:44 - 00000000 ____D C:\FRST
2016-06-11 14:42 - 2016-06-11 14:42 - 00001094 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-11 14:41 - 2016-06-11 14:43 - 02385408 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2016-06-11 14:19 - 2016-06-11 14:19 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-06-09 09:24 - 2016-06-09 09:24 - 00070646 _____ C:\Users\Jaroslav\Documents\SDO Boleradice - nabídka.pdf
2016-05-24 08:37 - 2016-05-24 08:37 - 00002829 _____ C:\windows\diagerr.xml
2016-05-24 08:37 - 2016-05-24 08:37 - 00001908 _____ C:\windows\diagwrn.xml
2016-05-22 17:29 - 2016-06-10 07:53 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForJaroslav
2016-05-22 17:29 - 2016-06-10 07:53 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForJaroslav.job

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-11 14:42 - 2015-07-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-11 14:40 - 2014-01-26 14:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-11 14:35 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-11 14:35 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-11 14:22 - 2012-06-19 21:18 - 00000000 ____D C:\ProgramData\PDFC
2016-06-11 14:20 - 2012-11-16 17:14 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-11 14:18 - 2012-06-19 21:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-11 14:18 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-10 13:55 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro dozor
2016-06-10 13:55 - 2013-01-04 14:28 - 00000000 ____D C:\Users\Jaroslav\Documents\Soubory aplikace Outlook
2016-06-10 13:49 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\Pošta
2016-06-10 13:47 - 2012-11-16 17:14 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-10 13:36 - 2012-11-16 17:09 - 00000000 ____D C:\Users\Jaroslav\AppData\Local\PDFC
2016-06-10 13:11 - 2012-06-19 21:19 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-10 09:08 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklad pro projednání
2016-06-10 07:59 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Evidence zakázek
2016-06-09 07:34 - 2012-06-19 20:13 - 00737388 _____ C:\windows\system32\perfh005.dat
2016-06-09 07:34 - 2012-06-19 20:13 - 00168086 _____ C:\windows\system32\perfc005.dat
2016-06-09 07:34 - 2009-07-14 07:13 - 01777972 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-09 07:34 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-06-08 11:20 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro projektování
2016-06-08 08:01 - 2012-11-16 17:16 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-07 08:29 - 2013-01-06 12:31 - 00000000 ____D C:\Users\Jaroslav\Documents\Zakázky
2016-06-03 13:31 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Tabulky
2016-05-27 13:38 - 2013-05-07 13:31 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-27 13:38 - 2013-03-28 08:32 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\system32\GWX
2016-05-24 09:44 - 2012-06-19 20:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-24 09:20 - 2013-01-08 11:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-24 09:08 - 2016-02-13 16:07 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 08:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2016-05-24 08:34 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2016-05-24 07:46 - 2015-01-04 15:57 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-23 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-05-20 18:59 - 2014-12-10 19:39 - 00000000 ____D C:\windows\system32\appraiser
2016-05-20 16:58 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Moje
2016-05-20 10:22 - 2009-07-14 06:45 - 00549112 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-20 10:20 - 2012-06-19 20:09 - 00000000 ____D C:\Program Files\Windows Journal

==================== Files in the root of some directories =======

2015-08-11 08:25 - 2015-08-31 09:51 - 0089284 _____ () C:\ProgramData\hpcsmmsilogs.log

Some files in TEMP:
====================
C:\Users\Jaroslav\AppData\Local\Temp\5n6jj0s4.dll
C:\Users\Jaroslav\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jaroslav\AppData\Local\Temp\avgnt.exe
C:\Users\Jaroslav\AppData\Local\Temp\Extract.exe
C:\Users\Jaroslav\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Jaroslav\AppData\Local\Temp\SHSetup.exe
C:\Users\Jaroslav\AppData\Local\Temp\SP72937.exe
C:\Users\Jaroslav\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is1516.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is5B3A.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is6C97.exe
C:\Users\Jaroslav\AppData\Local\Temp\_isC207.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-09 11:56

==================== End of FRST.txt ===========================================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Dobrý den,

zasílám Vám log z AdwCleaneru. Díky.

# AdwCleaner v5.200 - Log vytvořen 17/06/2016 v 17:19:51
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-17.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Jaroslav - JAROSLAV-HP
# Spuštěno z : C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka Smazáno : C:\_acestream_cache_
[-] Složka Smazáno : C:\Program Files (x86)\Ask.com
[-] Složka Smazáno : C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\apn
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Local\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\LocalLow\AskToolbar
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\.acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\acestream
[-] Složka Smazáno : C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : Scheduled Update for Ask Toolbar

***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Classes\Applications\ace_player.exe
[-] Klíč Smazáno : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
[-] Klíč Smazáno : HKCU\Software\Classes\.acelive
[-] Klíč Smazáno : HKCU\Software\Classes\.acemedia
[-] Klíč Smazáno : HKCU\Software\Classes\.acestream
[-] Klíč Smazáno : HKCU\Software\Classes\.tslive
[-] Klíč Smazáno : HKCU\Software\Classes\acestream
[-] Klíč Smazáno : HKCU\Software\Classes\AceStream.file
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{A0359AE6-F410-4425-A975-684AAB785ABD}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
[-] Klíč Smazáno : HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Klíč Smazáno : HKCU\Software\AceStream
[-] Klíč Smazáno : HKCU\Software\APN
[-] Klíč Smazáno : HKCU\Software\Ask.com
[-] Klíč Smazáno : HKCU\Software\AskToolbar
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\APN
[-] Klíč Smazáno : HKLM\SOFTWARE\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AskToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{E1096337-407F-4108-9F9F-DC7733F4EB12}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{30B9F6DC-498E-4CCD-ACB0-4A346B826BDB}C:\users\jaroslav\appdata\roaming\acestream\engine\ace_engine.exe]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{74545B54-0861-43EF-BFCA-A397B65BA046}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Prohlížeče ] *****

[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : aaaaabfjnbeinlpljodiajipidiompfl
[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : bopakagnckmlgajfccecajhnimjiiedh

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [12443 bytů] - [17/06/2016 17:19:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [14871 bytů] - [17/06/2016 17:16:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12591 bytů] ##########

Dejte nový log FRST.

Zasílám log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Jaroslav (administrator) on JAROSLAV-HP (18-06-2016 13:34:00)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RTS, a.s.) C:\BUILDpowerS\System\BPSHWAgentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(D-Link Corporation) C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\BUILDpowerS\System\IPSQLAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [HP LaserJet Professional CM1410 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2010-08-24] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-11] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2160248 2015-10-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-10-14] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-10-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2014-08-11] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [D-Link Network USB Utility] => C:\Program Files (x86)\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\SYSTEM32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2012-11-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80994AFA-146B-458D-90FB-63E697601CE3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1783791151-3406929246-3765845189-1001: @acestream.net/acestreamplugin,version=2.1.5 -> C:\Users\Jaroslav\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-06-17] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (IPViewer) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigbojghnfpjkdhnokmneobgmacpkene [2016-06-02]
CHR Extension: (AdBlock) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-11]
CHR Extension: (Popup Blocker Pro) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
R2 BPSHWAgent; C:\BUILDpowerS\system\BPSHWAgentService.exe [5660672 2012-11-26] (RTS, a.s.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-04-27] (Hewlett-Packard Company)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1128312 2012-04-23] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-04-23] (Infineon Technologies AG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-28] (Intel Corporation)
R2 IPSQLAgent; C:\BUILDpowerS\system\IPSQLAgentService.exe [781824 2010-02-23] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-28] (Intel Corporation)
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-17] () [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R2 MSSQL$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3170424 2015-10-27] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-04-23] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848 2012-03-21] ()
S4 SQLAgent$BUILDPOWERS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2013-06-17] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-06] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2013-10-21] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R3 DlinkUDSMBus; C:\Windows\SysWow64\Drivers\DlinkUDSMBus.sys [85528 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\SysWow64\Drivers\DlinkUDSTcpBus.sys [132632 2008-11-11] (Windows (R) Codename Longhorn DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R2 Hardlock; C:\windows\SysWOW64\drivers\hardlock.sys [685056 2005-04-06] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2013-08-04] (JMicron Technology Corp.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [25912 2012-05-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-20] ()
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-18 13:33 - 2016-06-18 13:33 - 00000000 ____D C:\Users\Jaroslav\Desktop\FRST-OlderVersion
2016-06-18 13:27 - 2016-06-18 13:28 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-06-17 17:16 - 2016-06-17 17:19 - 00000000 ____D C:\AdwCleaner
2016-06-17 17:15 - 2016-06-17 17:16 - 03703360 _____ C:\Users\Jaroslav\Desktop\adwcleaner_5.200.exe
2016-06-15 08:48 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-06-15 08:48 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-06-15 08:48 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-06-15 08:48 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-06-15 08:48 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-06-15 08:48 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-06-15 08:48 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-06-15 08:48 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-06-15 08:47 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-06-15 08:47 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-06-15 08:47 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-06-15 08:47 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-06-15 08:47 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-06-15 08:47 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-06-15 08:47 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-06-15 08:47 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-06-15 08:47 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-06-15 08:47 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-06-15 08:47 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-06-15 08:47 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-06-15 08:47 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-06-15 08:47 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\gpscript.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-06-15 08:47 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-06-15 08:47 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-06-15 08:47 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\gpscript.exe
2016-06-15 08:47 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-06-15 08:47 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-06-15 08:47 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.dll
2016-06-15 08:47 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-06-15 08:47 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpscript.exe
2016-06-15 08:47 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-06-15 08:47 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-06-15 08:47 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-06-15 08:47 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-06-15 08:47 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-06-15 08:47 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-06-15 08:47 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-06-15 08:47 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-06-15 08:47 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-06-15 08:47 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-06-15 08:47 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-06-15 08:47 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-06-15 08:47 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-06-15 08:47 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-06-15 08:47 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-06-15 08:47 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-06-15 08:47 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-06-15 08:47 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-06-15 08:46 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-06-15 08:46 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-06-15 08:46 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-06-15 08:46 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-06-15 08:46 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-06-15 08:46 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-06-15 08:46 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-06-15 08:46 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-06-15 08:46 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-06-15 08:46 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-06-15 08:46 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-06-15 08:46 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-06-15 08:46 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-06-15 08:46 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-06-15 08:46 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-06-15 08:46 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-06-15 08:46 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-06-15 08:46 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-06-15 08:46 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-06-15 08:46 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-06-15 08:46 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-06-15 08:46 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-15 08:46 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-06-15 08:46 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-06-15 08:46 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-06-15 08:46 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-06-15 08:46 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-06-15 08:46 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-06-15 08:46 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-06-15 08:46 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-06-15 08:46 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-06-15 08:46 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-06-15 08:46 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-06-15 08:46 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-06-15 08:46 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-06-15 08:46 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-06-15 08:46 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-06-11 14:46 - 2016-06-11 14:52 - 00040642 _____ C:\Users\Jaroslav\Desktop\Addition.txt
2016-06-11 14:44 - 2016-06-18 13:36 - 00028695 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2016-06-11 14:43 - 2016-06-18 13:34 - 00000000 ____D C:\FRST
2016-06-11 14:42 - 2016-06-11 14:42 - 00001094 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-11 14:41 - 2016-06-18 13:33 - 02386944 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2016-06-09 09:24 - 2016-06-09 09:24 - 00070646 _____ C:\Users\Jaroslav\Documents\SDO Boleradice - nabídka.pdf
2016-05-24 08:37 - 2016-05-24 08:37 - 00002829 _____ C:\windows\diagerr.xml
2016-05-24 08:37 - 2016-05-24 08:37 - 00001908 _____ C:\windows\diagwrn.xml
2016-05-22 17:29 - 2016-06-17 12:59 - 00003204 _____ C:\windows\System32\Tasks\HPCeeScheduleForJaroslav
2016-05-22 17:29 - 2016-06-17 12:59 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForJaroslav.job

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-18 13:29 - 2012-06-19 21:18 - 00000000 ____D C:\ProgramData\PDFC
2016-06-18 13:27 - 2012-11-16 17:14 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-18 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:17 - 2009-07-14 06:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:16 - 2012-11-16 17:14 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 20:16 - 2012-06-19 21:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 17:15 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro dozor
2016-06-17 17:15 - 2013-01-04 14:28 - 00000000 ____D C:\Users\Jaroslav\Documents\Soubory aplikace Outlook
2016-06-17 17:11 - 2012-06-19 21:19 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 16:48 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\Pošta
2016-06-17 16:46 - 2013-01-06 12:31 - 00000000 ____D C:\Users\Jaroslav\Documents\Zakázky
2016-06-17 16:41 - 2012-11-16 17:09 - 00000000 ____D C:\Users\Jaroslav\AppData\Local\PDFC
2016-06-17 16:06 - 2012-06-19 20:13 - 00737388 _____ C:\windows\system32\perfh005.dat
2016-06-17 16:06 - 2012-06-19 20:13 - 00168086 _____ C:\windows\system32\perfc005.dat
2016-06-17 16:06 - 2009-07-14 07:13 - 01777972 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-17 16:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-06-16 12:22 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\podklad pro projednání
2016-06-16 11:03 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-06-16 07:33 - 2009-07-14 06:45 - 00549112 _____ C:\windows\system32\FNTCACHE.DAT
2016-06-16 07:30 - 2014-12-10 19:39 - 00000000 ____D C:\windows\system32\appraiser
2016-06-15 22:40 - 2010-11-21 05:27 - 00484008 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-06-14 07:29 - 2014-01-26 14:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 10:54 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Evidence zakázek
2016-06-13 10:10 - 2013-01-07 09:21 - 00000000 ____D C:\Users\Jaroslav\Documents\podklady pro projektování
2016-06-11 14:42 - 2015-07-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-08 08:01 - 2012-11-16 17:16 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-03 13:31 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Tabulky
2016-05-27 13:38 - 2013-05-07 13:31 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-27 13:38 - 2013-03-28 08:32 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-26 16:09 - 2015-04-07 15:41 - 00000000 ___SD C:\windows\system32\GWX
2016-05-24 09:44 - 2012-06-19 20:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-24 09:20 - 2013-01-08 11:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-24 09:08 - 2016-02-13 16:07 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 08:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2016-05-24 08:34 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2016-05-24 07:46 - 2015-01-04 15:57 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 16:58 - 2013-01-07 09:22 - 00000000 ____D C:\Users\Jaroslav\Documents\Moje
2016-05-20 10:20 - 2012-06-19 20:09 - 00000000 ____D C:\Program Files\Windows Journal

==================== Files in the root of some directories =======

2015-08-11 08:25 - 2015-08-31 09:51 - 0089284 _____ () C:\ProgramData\hpcsmmsilogs.log

Some files in TEMP:
====================
C:\Users\Jaroslav\AppData\Local\Temp\5n6jj0s4.dll
C:\Users\Jaroslav\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jaroslav\AppData\Local\Temp\avgnt.exe
C:\Users\Jaroslav\AppData\Local\Temp\Extract.exe
C:\Users\Jaroslav\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Jaroslav\AppData\Local\Temp\libeay32.dll
C:\Users\Jaroslav\AppData\Local\Temp\msvcr120.dll
C:\Users\Jaroslav\AppData\Local\Temp\SHSetup.exe
C:\Users\Jaroslav\AppData\Local\Temp\SP72937.exe
C:\Users\Jaroslav\AppData\Local\Temp\sqlite3.dll
C:\Users\Jaroslav\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is1516.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is5B3A.exe
C:\Users\Jaroslav\AppData\Local\Temp\_is6C97.exe
C:\Users\Jaroslav\AppData\Local\Temp\_isC207.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-17 11:34

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jaroslav\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Jaroslav (2016-06-18 14:36:09) Run:1
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\...\MountPoints2: {6c9a97b6-6e91-11e2-9e84-083e8e9b4089} - D:\ICM_ML.exe
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jaroslav\AppData\Local\Temp
End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089}" => key removed successfully
HKCR\CLSID\{6c9a97b6-6e91-11e2-9e84-083e8e9b4089} => key not found.
HKU\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

"C:\Users\Jaroslav\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jaroslav\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-18 14:41:52)

C:\Users\Jaroslav\AppData\Local\Temp => moved successfully

==== End of Fixlog 14:41:53 ====

Smazáno. Nastala nějaká změna?

Bohužel reklamy stále vyskakují. :/

Udělejte tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jaroslav on so 18.06.2016 at 18:22:48,46.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jaroslav\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.6.2016 18:26:50 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\Default\AppData\Roaming\Hewlett-Packard deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jaroslav\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1783791151-3406929246-3765845189-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\windows\syswow64\appdata deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt" [17.06.2013 10:22]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ncffjdbbodifgldkcbhmiiljfcnbgjab - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx[20.07.2012 17:00]

AdBlock - Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Fix ======================

C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adverticum.net_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=67 folders=32 175024851 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jaroslav\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Jaroslav\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 18.06.2016 at 18:48:50,06 ======================

Zoek něco smazal. A Junkware?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64
Ran by Jaroslav (Administrator) on so 18.06.2016 at 18:55:55,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 8

Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jaroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VPHI7FL (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQ4BTV8X (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q5G07CF2 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RN2724VS (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 18.06.2016 at 18:58:32,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vypadá to, že problém je vyřešen. Moc děkuji za pomoc.

Hezký den.

Rádo se stalo!

VIRY.CZ

Vyskakování nechtěných oken při prohlížení

Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení

Re: Vyskakování nechtěných oken při prohlížení