Search protect, browser problems

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

#1 Post by haarfagar »

Hello. A similar topic has already been dealt with here, but since that guide involved installing various small programs, I decided, in line with the instructions, to start a new thread.
I have no idea how this junk got onto my computer, but it behaves exactly as nevimnonick described earlier (21.6.2014). So unwanted windows kept popping up in my browser (Opera), and the nuisance on the taskbar could not be turned off. When I read up on everything it does, I tried to get rid of it. Avast did not help, nor did various malware-removal programs, so I tried reinstalling Opera. But uh-oh. I found that the thing apparently blocks the download of any program from the net. So, not knowing what else to do, I backed up the most important things and ran ComboFix (maximum risk, but also maximum desperation). The icon did disappear, but I still have the problems with unwanted ads and windows opening, and I still cannot download files.
It occurred to me, though, to use a different account and download RSIT through it, and fortunately that works, so I can send you the log and ask you for help.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jiří at 2014-08-12 11:28:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 312 GB (68%) free of 455 GB
Total RAM: 4030 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:50, on 12.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... S_S2W9GLBD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... S_S2W9GLBD
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jiří\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-3812448238-747251444-1740478444-501\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Guest\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User 'Guest')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\updateWebSpades.exe
O23 - Service: Util WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15496 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\windows\System32\spoolsv.exe
taskeng.exe {F37B0373-0E8A-44A4-BA4F-DAD96D2B3221}
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\WebSpades\updateWebSpades.exe"
"C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 1160
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files (x86)\WebSpades\bin\WebSpades.PurBrowse64.exe" /l false /s false /c "WebSpades" /t "C:\Program Files (x86)\WebSpades\bin\TEMP" /i "http://apiwebspadesinfo-a.akamaihd.net/ ... 0000000000" /d {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64 /p 91a2d575-42ae-4e60-aa81-faadfee7fb67:chrome /p da124206-5a9a-485e-a709-57551fa308e6:iexplore
\??\C:\windows\system32\conhost.exe "-1620873499-4812907031060106090-1675238770-388491522-1046821723-13327966891213223292
/c 91a2d575-42ae-4e60-aa81-faadfee7fb67 /i da124206-5a9a-485e-a709-57551fa308e6 /z "n=WebSpades&is=fmxqtcz&dpt=20"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Users\Guest\AppData\Local\Programs\Opera\opera.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\DllHost.exe /Processid:{F62FDD2E-66D2-423B-9A04-F71EA00F892A}
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d69e2167-6013-4ed6-9c36-a1f5965cf39c -SystemEventPortName:HostProcess-d9705d9e-5d1f-463f-b867-80bf3947fe37 -IoCancelEventPortName:HostProcess-24750682-2cb4-4a9e-8e34-421aa11a89a1 -NonStateChangingEventPortName:HostProcess-0738cef6-ce4e-4d54-9d40-18e46d31d53e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1cd30144-03fe-4920-9603-c4220004cab7 -DeviceGroupId:WpdFsGroup
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
/c 91a2d575-42ae-4e60-aa81-faadfee7fb67 /i da124206-5a9a-485e-a709-57551fa308e6 /z "n=WebSpades&is=fmxqtcz&dpt=20"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\igfxext.exe -Embedding
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 88D6BE83-9DD1-4EA6-8A9E-36E281B27947 -Reinvoke
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Jiří\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AutoKMS.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForHP$.job
C:\windows\tasks\HPCeeScheduleForJiří.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-23 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-06 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-23 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-08-10 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-06 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-16 21709904]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-01 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-01 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-01 416024]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2013-02-01 200704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"uTorrent"=C:\Users\Jiří\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-03 1322832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Jiří\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Jiří\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Jiří\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-20 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Handy Updater]
C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP HD Webcam [Fixed]_Monitor]
C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-10 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe [2012-07-09 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2013-02-01 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21445248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-14 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-11 2774256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\386EB9~1.130\SSSCHE~1.EXE [2013-09-06 324320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~2\TOTALM~1\TMSERV~1.EXE [2010-12-20 519744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-29 4085896]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-09-01 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-08-12 11:21:56 ----D---- C:\rsit
2014-08-12 11:21:56 ----D---- C:\Program Files\trend micro
2014-08-12 11:16:50 ----SHD---- C:\$RECYCLE.BIN
2014-08-11 23:42:32 ----A---- C:\ComboFix.txt
2014-08-11 22:59:06 ----D---- C:\ComboFix
2014-08-11 19:17:21 ----A---- C:\windows\SYSWOW64\sho85DA.tmp
2014-08-11 14:42:50 ----A---- C:\autoexec.bat
2014-08-11 14:42:00 ----D---- C:\Program Files\Enigma Software Group
2014-08-11 14:40:39 ----D---- C:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-11 11:09:39 ----A---- C:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-08-10 22:50:01 ----D---- C:\ProgramData\IePluginServices
2014-08-10 22:49:51 ----D---- C:\Program Files (x86)\SupTab
2014-08-10 22:49:38 ----D---- C:\ProgramData\WindowsMangerProtect
2014-08-10 22:47:47 ----D---- C:\Program Files (x86)\WebSpades

======List of files/folders modified in the last 1 months======

2014-08-12 11:28:46 ----D---- C:\windows\temp
2014-08-12 11:21:56 ----D---- C:\Program Files
2014-08-12 11:17:08 ----D---- C:\Users\Jiří\AppData\Roaming\uTorrent
2014-08-12 11:16:43 ----D---- C:\windows\Prefetch
2014-08-12 11:13:20 ----D---- C:\windows\system32\config
2014-08-12 11:05:42 ----D---- C:\windows\system32\Tasks
2014-08-12 11:05:37 ----D---- C:\windows\Tasks
2014-08-12 11:05:09 ----A---- C:\windows\SYSWOW64\log.txt
2014-08-12 11:04:42 ----A---- C:\windows\win.ini
2014-08-12 11:03:10 ----D---- C:\ProgramData\PDFC
2014-08-12 00:40:26 ----SD---- C:\Users\Jiří\AppData\Roaming\Microsoft
2014-08-12 00:38:40 ----D---- C:\Users\Jiří\AppData\Roaming\Skype
2014-08-12 00:38:30 ----D---- C:\Users\Jiří\AppData\Roaming\ICQ
2014-08-12 00:03:29 ----D---- C:\Program Files (x86)\Opera
2014-08-11 23:42:36 ----D---- C:\windows\system32\drivers
2014-08-11 23:42:36 ----D---- C:\Qoobox
2014-08-11 23:37:18 ----D---- C:\Windows
2014-08-11 23:37:17 ----A---- C:\windows\system.ini
2014-08-11 23:37:08 ----D---- C:\windows\system32\drivers\etc
2014-08-11 23:19:39 ----D---- C:\windows\erdnt
2014-08-11 23:12:10 ----D---- C:\windows\SYSWOW64\drivers
2014-08-11 23:12:10 ----D---- C:\windows\SysWOW64
2014-08-11 23:12:10 ----D---- C:\windows\AppPatch
2014-08-11 23:12:04 ----D---- C:\Program Files (x86)\Common Files
2014-08-11 22:31:46 ----D---- C:\windows\System32
2014-08-11 22:31:46 ----D---- C:\windows\inf
2014-08-11 22:31:46 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-08-11 21:50:35 ----RD---- C:\Program Files (x86)
2014-08-11 19:38:48 ----D---- C:\Users\Jiří\AppData\Roaming\Malwarebytes
2014-08-11 19:38:48 ----D---- C:\ProgramData\Malwarebytes
2014-08-11 17:48:18 ----SHD---- C:\windows\Installer
2014-08-11 17:48:14 ----D---- C:\Config.Msi
2014-08-11 17:44:45 ----SHD---- C:\System Volume Information
2014-08-11 13:41:52 ----D---- C:\Users\Jiří\AppData\Roaming\vlc
2014-08-11 11:18:28 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-08-11 11:08:06 ----D---- C:\windows\system32\wdi
2014-08-10 22:50:01 ----D---- C:\ProgramData
2014-08-10 11:31:57 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-06 00:01:51 ----D---- C:\windows\system32\catroot2
2014-07-22 06:09:54 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-07-16 20:36:57 ----D---- C:\windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-07-06 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-07-06 224896]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2013-02-01 101288]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2013-02-01 158888]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ArcSec;ArcSec; C:\windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-07-06 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-07-06 1041168]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-07-06 427360]
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-05-12 36224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-07-06 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-07-06 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-07-06 92008]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-14 10496000]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-14 326656]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-23 283200]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-06-30 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-06-23 708200]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-02-12 2612728]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-11 524016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-01-02 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2011-02-09 486144]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-09-01 12306848]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-14 204288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-06 50344]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-16 680016]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-11-10 486224]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-08-10 694784]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-02-01 1323008]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 Update WebSpades;Update WebSpades; C:\Program Files (x86)\WebSpades\updateWebSpades.exe [2014-08-11 323360]
R2 Util WebSpades;Util WebSpades; C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe [2014-08-11 323360]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-09 4151376]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-03-01 1189968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-09 1028096]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-22 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-09 647680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-22 116648]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-22 262320]
S4 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#2 Post by vyosek »

Hello :)

Please post the ComboFix log (c:\combofix.txt)
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#3 Post by haarfagar »

Hello again, here it is :)

ComboFix 13-03-24.03 - Jiří 11.08.2014 23:03:38.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2062 [GMT 2:00]
Spuštěný z: c:\users\Jiří\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
c:\windows\WindowsUpdate.log . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-11 do 2014-08-11 )))))))))))))))))))))))))))))))
.
.
2014-08-11 21:19 . 2014-08-11 21:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-08-11 21:19 . 2014-08-11 21:19 -------- d-----w- c:\users\JI4A0C~1\AppData\Local\temp
2014-08-11 21:19 . 2014-08-11 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-11 21:19 . 2014-08-11 21:19 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-08-11 17:17 . 2014-08-11 17:17 0 ----a-w- c:\windows\SysWow64\sho85DA.tmp
2014-08-11 12:42 . 2014-08-11 12:42 -------- d-----w- c:\program files\Enigma Software Group
2014-08-11 12:40 . 2014-08-11 15:48 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-11 12:40 . 2014-08-11 12:40 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-08-11 12:39 . 2014-08-11 21:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B228FE1-256A-4AE4-A558-A57C4DC8DC01}\offreg.dll
2014-08-11 09:09 . 2014-08-09 11:19 61632 ----a-w- c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-08-10 20:50 . 2014-08-10 20:50 -------- d-----w- c:\programdata\IePluginServices
2014-08-10 20:49 . 2014-08-10 20:50 -------- d-----w- c:\program files (x86)\SupTab
2014-08-10 20:49 . 2014-08-10 20:49 -------- d-----w- c:\programdata\WindowsMangerProtect
2014-08-10 20:47 . 2014-08-11 09:07 -------- d-----w- c:\program files (x86)\WebSpades
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-22 04:09 . 2012-07-09 13:23 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-22 04:09 . 2012-07-09 13:23 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-06 18:49 . 2013-07-11 20:50 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-06 18:48 . 2014-04-21 14:55 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-06 18:48 . 2014-03-19 11:10 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-06 18:48 . 2013-07-11 20:50 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-06 18:48 . 2013-07-11 20:50 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-06 18:48 . 2013-07-11 20:50 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-06 18:48 . 2013-07-11 20:49 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-06 18:48 . 2013-07-11 20:49 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-06 18:48 . 2013-07-11 20:50 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-06 18:48 . 2014-07-06 18:48 43152 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2014-03-11 21:36 1431712 ----a-w- c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-08-10 20:49 507904 ----a-w- c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"uTorrent"="c:\users\Jiří\AppData\Roaming\uTorrent\uTorrent.exe" [2014-07-03 1322832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-29 4085896]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-09-05 184736]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-11 658424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-05-09 23:43 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-06-30 52736]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2011-02-09 486144]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-09 64312]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2011-05-09 464440]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-09 1255736]
R4 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R4 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R4 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;c:\windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [2014-08-09 61632]
S1 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-07-06 1041168]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-07-06 427360]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222;c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-05-12 36224]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-14 204288]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-07-06 29208]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-07-06 79184]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-07-06 92008]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2011-02-16 680016]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-09-24 31040]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe [2014-08-10 694784]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-02-01 1323008]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 Update WebSpades;Update WebSpades;c:\program files (x86)\WebSpades\updateWebSpades.exe [2014-08-11 323360]
S2 Util WebSpades;Util WebSpades;c:\program files (x86)\WebSpades\bin\utilWebSpades.exe [2014-08-11 323360]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-09 4151376]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2011-02-28 1189968]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-23 283200]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-08 1028096]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2013-06-30 175928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2013-06-23 708200]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [2011-02-12 2612728]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 10:29 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-09 04:09]
.
2014-08-11 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-09-24 12:35]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-22 17:27]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-22 17:27]
.
2014-07-31 c:\windows\Tasks\HPCeeScheduleForHP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2014-08-11 c:\windows\Tasks\HPCeeScheduleForJiří.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2014-03-11 21:30 1154720 ----a-w- c:\program files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-06 18:48 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2011-02-16 21709904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2013-02-01 200704]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.istartsurf.com/?type=hp&ts=14077037 ... S_S2W9GLBD
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1407 ... earchTerms}
mDefault_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14077037 ... S_S2W9GLBD
mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1407 ... earchTerms}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
BHO-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Torntv Downloader - c:\program files (x86)\TornTV.com\Torntv Downloader.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - (no file)
Toolbar-10 - (no file)
AddRemove-bi_uninstaller - c:\users\Jiří\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A91196222]
"ImagePath"="\??\c:\program files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3812448238-747251444-1740478444-1002\Software\SecuROM\License information*]
"datasecu"=hex:59,31,36,cd,07,09,16,e0,3d,03,e4,60,10,01,01,34,37,05,57,2b,0a,
c7,f6,eb,74,ed,71,7f,02,b2,16,16,41,98,7b,5f,b2,67,eb,e0,a9,fd,88,58,19,21,\
"rkeysecu"=hex:90,ce,5e,06,79,88,10,8c,4e,15,8b,f6,c0,ee,b4,a4
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\users\Jic:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
.
**************************************************************************
.
Celkový čas: 2014-08-11 23:42:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-11 21:42
ComboFix2.txt 2013-03-25 10:26
ComboFix3.txt 2013-03-25 09:16
.
Před spuštěním: Volných bajtů: 325 060 927 488
Po spuštění: Volných bajtů: 326 864 269 312
.
- - End Of File - - E76A3FF425759F73B9F55348238F85FA

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#4 Post by vyosek »

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member (image) since 1 February 2011.

haarfagar
Visitor
Posts: 9
Joined: 12 Aug 2014 10:49

Re: Search protect, browser problems

#5 Post by haarfagar »

I would like to ask, given that I have 3 accounts on the computer, whether the process needs to be repeated for each account, or whether it is needed only for the account on which the malicious program was downloaded?

# AdwCleaner v3.304 - Report created 12/08/2014 at 22:49:37
# Updated 08/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jiří - HP
# Running from : C:\Users\Jiří\Desktop\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
Service Deleted : IePluginServices
[#] Service Deleted : Update WebSpades
[#] Service Deleted : Util WebSpades
Service Deleted : {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DownLite
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Unitech LLC
[!] Folder Deleted : C:\Program Files (x86)\WebSpades
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
[!] Folder Deleted : C:\Program Files (x86)\WebSpades
Folder Deleted : C:\Program Files (x86)\Common Files\337
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Guest\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Guest\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Jiří\AppData\Local\Conduit
Folder Deleted : C:\Users\Jiří\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jiří\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Jiří\AppData\Roaming\337
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Jiří\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Unitech LLC
Folder Deleted : C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\windows\System32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
File Deleted : C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : BrowserProtect
Task Deleted : Desk 365 RunAsStdUser
Task Deleted : Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\9578cdab26ae840
Key Deleted : HKLM\SOFTWARE\9578cdab26ae840
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fifa-12_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_medieval_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_medieval_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA2FDDBC-7EA1-40A1-8CBF-B58003BFFCBB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49F5155F-B8B4-4671-9542-6B0FAC3A02C6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Unitech LLC
Key Deleted : HKCU\Software\WebSpades
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Unitech LLC
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\WebSpades
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebSpades

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.babylon.com/?q={searchTerms}&affID=120328&babsrc=SP_ss&mntrId=BAB3AC8112E3AE94
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 8112E3AE94
Deleted [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=ST9500325AS_S2W9GLBD&ts=1376249384&type=default&q={searchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=209&systemid=488&v=a12627-356&apn_uid=1596126521664644&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1407 ... earchTerms}
Deleted [Startup_urls] : hxxp://www.istartsurf.com/?type=hp&ts=14077037 ... S_S2W9GLBD
Deleted [Homepage] : hxxp://www.istartsurf.com/?type=hp&ts=14077037 ... S_S2W9GLBD
Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

[ File : C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17672 octets] - [12/08/2014 22:47:24]
AdwCleaner[S0].txt - [14855 octets] - [12/08/2014 22:49:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14916 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#6 Post by vyosek »

:arrow: All right, one is enough, preferably the infected one

:arrow: Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; he is no man, he is an ox."
Member [image] since 1 February 2011.

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#7 Post by haarfagar »

Zoek.exe v5.0.0.0 Updated 11-August-2014
Tool run by Jiýˇ on st 13.08.2014 at 14:25:26,95.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JI10BB~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.8.2014 14:27:16 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3812448238-747251444-1740478444-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} deleted successfully
HKEY_USERS\S-1-5-21-3812448238-747251444-1740478444-1002\Software\Microsoft\Internet Explorer\SearchScopes\{C188AC59-6622-4165-BB3D-731D9F470CCE} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3812448238-747251444-1740478444-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-3812448238-747251444-1740478444-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\WebSpades deleted
C:\windows\Syswow64\sho1F49.tmp deleted
C:\windows\Syswow64\sho29A4.tmp deleted
C:\windows\Syswow64\sho2DB4.tmp deleted
C:\windows\Syswow64\sho3AB7.tmp deleted
C:\windows\Syswow64\sho4F67.tmp deleted
C:\windows\Syswow64\sho5322.tmp deleted
C:\windows\Syswow64\sho547A.tmp deleted
C:\windows\Syswow64\sho588D.tmp deleted
C:\windows\Syswow64\sho59E2.tmp deleted
C:\windows\Syswow64\sho6010.tmp deleted
C:\windows\Syswow64\sho63DC.tmp deleted
C:\windows\Syswow64\sho6694.tmp deleted
C:\windows\Syswow64\sho80F3.tmp deleted
C:\windows\Syswow64\sho8400.tmp deleted
C:\windows\Syswow64\sho85DA.tmp deleted
C:\windows\Syswow64\sho8BCA.tmp deleted
C:\windows\Syswow64\sho9240.tmp deleted
C:\windows\Syswow64\sho951E.tmp deleted
C:\windows\Syswow64\shoB9BF.tmp deleted
C:\windows\Syswow64\shoC24A.tmp deleted
C:\windows\Syswow64\shoDA6D.tmp deleted
C:\windows\Syswow64\shoDD46.tmp deleted
C:\windows\Syswow64\shoE68E.tmp deleted
C:\windows\Syswow64\shoFAD1.tmp deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.07.2014 20:48]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [30.07.2012 17:01]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06.07.2014 20:48]

Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond
Seznam Li\u0161ti\u010Dka - Email - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh
Seznam Li\u0161ti\u010Dka - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg
Docs - Zaloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
avast Online Security - Zaloha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/?clid=13415",

C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",


==== Chrome Fix ======================

C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage deleted successfully
C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.istartsurf.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Handy Updater deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Zaloha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Zaloha\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=33 folders=4 1288350 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Zaloha\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\JI10BB~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Guest\AppData\Local\temp\FXSAPIDebugLogFile.txt" not found
"C:\Users\Guest\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ULXTDU8Z\bbcdn-bbnaut.ibillboard.com" not found

==== EOF on st 13.08.2014 at 14:51:28,02 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#8 Post by vyosek »

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#9 Post by haarfagar »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014 01
Ran by Jiří (administrator) on HP on 14-08-2014 11:01:51
Running from C:\Users\Jiří\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [uTorrent] => "C:\Users\JiYí\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jiří\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-07-30]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-11]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: istartsurf
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Delta Toolbar) - C:\Users\Ji\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\DeltaChromeToolbar.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ji\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Seznam Lištička - Email) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-02-19]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2013-02-19]
CHR Extension: (AdBlock) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-04]
CHR Extension: (Peněženka Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-02-19]
CHR Extension: (No Name) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464440 2011-05-10] (Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-01-09] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2012-01-09] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S4 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S4 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [312184 2010-09-21] ()
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-06] ()
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-23] (DT Soft Ltd)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2612728 2011-02-12] (Sunplus Technology)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 11:01 - 2014-08-14 11:03 - 00023530 _____ () C:\Users\Jiří\Desktop\FRST.txt
2014-08-14 10:57 - 2014-08-14 10:57 - 02100224 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2014-08-14 10:56 - 2014-08-14 11:01 - 00000000 ____D () C:\FRST
2014-08-13 19:03 - 2014-08-13 19:03 - 13168336 _____ (Opera Software ASA) C:\Users\Jiří\Downloads\Opera_12.14 (2).exe
2014-08-13 19:02 - 2014-08-13 19:02 - 00001841 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.17 1863.lnk
2014-08-13 19:02 - 2014-08-13 19:02 - 00001829 _____ () C:\Users\Public\Desktop\Opera 12.17 1863.lnk
2014-08-13 19:00 - 2014-08-13 19:00 - 13168336 _____ (Opera Software ASA) C:\Users\Jiří\Downloads\Opera_12.14 (1).exe
2014-08-13 18:59 - 2014-08-13 18:59 - 00003804 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1407949179
2014-08-13 18:59 - 2014-08-13 18:59 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-08-13 18:57 - 2014-08-13 18:57 - 00011773 _____ () C:\Users\Jiří\Desktop\zoek-results.txt
2014-08-13 14:45 - 2014-08-13 14:25 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-13 14:26 - 2014-08-13 14:51 - 00011773 _____ () C:\zoek-results.log
2014-08-13 14:21 - 2014-08-13 14:41 - 00000000 ____D () C:\zoek_backup
2014-08-13 14:21 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Desktop\zoek.exe
2014-08-13 14:20 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Downloads\zoek.exe
2014-08-13 14:18 - 2014-08-13 14:18 - 00000000 __SHD () C:\Users\Jiří\AppData\Local\EmieUserList
2014-08-13 14:18 - 2014-08-13 14:18 - 00000000 __SHD () C:\Users\Jiří\AppData\Local\EmieSiteList
2014-08-13 14:12 - 2014-08-13 14:12 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-08-13 14:12 - 2014-08-13 14:12 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-08-13 03:00 - 2014-05-08 06:57 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-13 03:00 - 2014-05-08 06:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-13 02:46 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-13 02:46 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-13 02:46 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-13 02:46 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-13 02:46 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-13 02:46 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-13 02:46 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-13 02:46 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-13 02:46 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-13 02:46 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-13 02:46 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-13 02:46 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-13 02:46 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-13 02:46 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-13 02:46 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-13 02:46 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-13 02:46 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-13 02:46 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-13 02:46 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-13 02:46 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 02:46 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-13 02:46 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-13 02:46 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-13 02:46 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-13 02:46 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-13 02:46 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-13 02:46 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-13 02:46 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-13 02:46 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-13 02:46 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 02:46 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-13 02:46 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-13 02:46 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-13 02:46 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-13 02:46 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-13 02:45 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-13 02:45 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-13 02:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-13 02:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-13 02:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-13 02:45 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-13 02:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-13 02:45 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-13 02:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-13 02:45 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-13 02:45 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-13 02:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-13 02:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-12 22:59 - 2014-08-12 22:59 - 00015037 _____ () C:\Users\Jiří\Desktop\AdwCleaner[S0].txt
2014-08-12 22:52 - 2014-08-13 14:46 - 00006268 _____ () C:\windows\PFRO.log
2014-08-12 22:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-12 22:47 - 2014-08-12 22:50 - 00000000 ____D () C:\AdwCleaner
2014-08-12 22:47 - 2014-08-12 22:43 - 01366203 _____ () C:\Users\Jiří\Desktop\adwcleaner_3.304.exe
2014-08-12 22:43 - 2014-08-12 22:43 - 01366203 _____ () C:\Users\Guest\Desktop\adwcleaner_3.304.exe
2014-08-12 16:46 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-08-12 16:46 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-08-12 16:46 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-08-12 16:46 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-08-12 16:46 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-08-12 16:46 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-08-12 16:46 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-08-12 16:46 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-08-12 16:46 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-08-12 16:46 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-08-12 16:46 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-08-12 16:46 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-08-12 16:46 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-08-12 16:46 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-08-12 16:46 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-08-12 16:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-08-12 15:42 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-12 15:42 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-12 15:42 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-08-12 15:41 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-08-12 15:41 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-08-12 15:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-08-12 15:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-08-12 15:40 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-08-12 15:40 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-08-12 15:40 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-08-12 15:40 - 2014-01-01 01:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-08-12 15:39 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-08-12 15:39 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-08-12 15:39 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-08-12 15:39 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-08-12 15:39 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-08-12 15:39 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-08-12 15:39 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-08-12 15:39 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-08-12 15:38 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-08-12 15:38 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-08-12 15:38 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-12 15:38 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-08-12 15:38 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-08-12 15:38 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-08-12 15:38 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-08-12 15:38 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-08-12 15:38 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-08-12 15:38 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-08-12 15:38 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-08-12 15:38 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-08-12 15:38 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-08-12 15:38 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-08-12 15:38 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-08-12 15:38 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-08-12 15:38 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-08-12 15:38 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-08-12 15:38 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-08-12 15:38 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-08-12 15:38 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-08-12 15:37 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-08-12 15:37 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-08-12 15:37 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-08-12 15:35 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-08-12 15:35 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-08-12 15:35 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-08-12 15:35 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-08-12 15:35 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-08-12 15:35 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-08-12 15:35 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-08-12 15:35 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-08-12 15:34 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-08-12 15:34 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-08-12 15:34 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-08-12 15:34 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-08-12 15:34 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-08-12 15:34 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-08-12 15:34 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-08-12 15:34 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-08-12 15:34 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-08-12 15:34 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-08-12 15:34 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-08-12 15:34 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-08-12 15:34 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-08-12 15:34 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-08-12 15:34 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-08-12 15:34 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-08-12 15:34 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-08-12 15:34 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-08-12 15:34 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-08-12 15:34 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-08-12 15:33 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-08-12 15:33 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-08-12 15:00 - 2014-08-12 15:00 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Macromedia
2014-08-12 13:37 - 2014-08-12 13:41 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Hewlett-Packard
2014-08-12 13:37 - 2014-08-12 13:37 - 00115688 _____ () C:\Users\Zaloha\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-12 13:37 - 2014-08-12 13:37 - 00001353 _____ () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\Documents\Moje přijaté soubory
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Intel Corporation
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\hpqLog
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\AVAST Software
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Adobe
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Local\PDFC
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Local\Google
2014-08-12 13:36 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Šablony
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Soubory cookie
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Poslední
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Okolní tiskárny
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Okolní síť
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Nabídka Start
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Dokumenty
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Obrázky
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Hudba
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Filmy
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Data aplikací
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\AppData\Local\Data aplikací
2014-08-12 13:36 - 2012-07-27 01:18 - 00000000 ____D () C:\Users\Zaloha\AppData\Local\Microsoft Help
2014-08-12 13:36 - 2011-02-11 07:19 - 00000020 ___SH () C:\Users\Zaloha\ntuser.ini
2014-08-12 13:36 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-12 13:36 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-12 11:21 - 2014-08-12 11:28 - 00000000 ____D () C:\Program Files\trend micro
2014-08-12 11:21 - 2014-08-12 11:25 - 00000000 ____D () C:\rsit
2014-08-12 11:17 - 2014-08-12 11:14 - 00832273 _____ () C:\Users\Jiří\Desktop\RSITx64.exe
2014-08-12 11:14 - 2014-08-12 11:14 - 00832273 _____ () C:\Users\Guest\Desktop\RSITx64.exe
2014-08-12 11:08 - 2014-08-12 11:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR
2014-08-12 01:44 - 2014-08-12 01:46 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\ICQ
2014-08-12 01:21 - 2014-08-12 01:21 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Hewlett-Packard
2014-08-12 00:33 - 2014-08-12 00:33 - 02098252 _____ () C:\Users\Jiří\Downloads\FRST64.exe
2014-08-11 23:42 - 2014-08-11 23:42 - 00024657 _____ () C:\ComboFix.txt
2014-08-11 22:59 - 2014-08-11 23:42 - 00000000 ____D () C:\ComboFix
2014-08-11 14:42 - 2014-08-11 14:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-11 14:42 - 2014-08-11 14:42 - 00000000 _____ () C:\autoexec.bat
2014-08-11 14:40 - 2014-08-11 17:48 - 00000000 ____D () C:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-10 11:22 - 2014-08-14 09:20 - 00002896 _____ () C:\windows\System32\Tasks\AutoKMS
2014-08-09 20:48 - 2014-08-09 21:46 - 1036210104 _____ () C:\Users\Jiří\Desktop\Mary-a-Max-(Mary-and-Max)-CZ-tit-2009.avi
2014-07-27 09:03 - 2014-08-11 11:04 - 00000328 _____ () C:\windows\Tasks\HPCeeScheduleForJiří.job
2014-07-27 09:03 - 2014-08-10 11:33 - 00003180 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJiří
2014-07-24 16:04 - 2014-07-25 13:48 - 00000000 ____D () C:\Users\Jiří\Desktop\Závazky od Claudie s poznámkami
2014-07-24 11:22 - 2014-07-24 11:22 - 00124377 _____ () C:\Users\Jiří\Downloads\watch.htm
2014-07-20 15:11 - 2014-07-20 16:29 - 723245054 _____ () C:\Users\Jiří\Desktop\Hulk-1-CZ.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 11:03 - 2014-08-14 11:01 - 00023530 _____ () C:\Users\Jiří\Desktop\FRST.txt
2014-08-14 11:01 - 2014-08-14 10:56 - 00000000 ____D () C:\FRST
2014-08-14 11:01 - 2012-01-09 01:06 - 01234383 _____ () C:\windows\WindowsUpdate.log
2014-08-14 10:57 - 2014-08-14 10:57 - 02100224 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2014-08-14 10:51 - 2012-07-09 15:23 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-14 10:07 - 2012-07-22 19:27 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 09:25 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-14 09:25 - 2009-07-14 06:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-14 09:23 - 2012-07-11 18:14 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\uTorrent
2014-08-14 09:20 - 2014-08-10 11:22 - 00002896 _____ () C:\windows\System32\Tasks\AutoKMS
2014-08-14 09:20 - 2012-09-24 14:35 - 00000266 _____ () C:\windows\Tasks\AutoKMS.job
2014-08-14 09:18 - 2012-01-02 20:41 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-14 09:17 - 2012-07-22 19:27 - 00000944 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 09:16 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-14 09:16 - 2009-07-14 06:51 - 00116530 _____ () C:\windows\setupact.log
2014-08-13 23:52 - 2012-07-09 17:18 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Skype
2014-08-13 23:36 - 2012-07-13 16:16 - 00000000 ____D () C:\Users\Jiří\Desktop\Basnicky a jine vylomeniny
2014-08-13 19:04 - 2012-07-09 15:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-13 19:03 - 2014-08-13 19:03 - 13168336 _____ (Opera Software ASA) C:\Users\Jiří\Downloads\Opera_12.14 (2).exe
2014-08-13 19:02 - 2014-08-13 19:02 - 00001841 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.17 1863.lnk
2014-08-13 19:02 - 2014-08-13 19:02 - 00001829 _____ () C:\Users\Public\Desktop\Opera 12.17 1863.lnk
2014-08-13 19:00 - 2014-08-13 19:00 - 13168336 _____ (Opera Software ASA) C:\Users\Jiří\Downloads\Opera_12.14 (1).exe
2014-08-13 18:59 - 2014-08-13 18:59 - 00003804 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1407949179
2014-08-13 18:59 - 2014-08-13 18:59 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-08-13 18:57 - 2014-08-13 18:57 - 00011773 _____ () C:\Users\Jiří\Desktop\zoek-results.txt
2014-08-13 15:58 - 2013-07-11 22:49 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-08-13 15:01 - 2013-03-04 15:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Seznam.cz
2014-08-13 14:51 - 2014-08-13 14:26 - 00011773 _____ () C:\zoek-results.log
2014-08-13 14:46 - 2014-08-12 22:52 - 00006268 _____ () C:\windows\PFRO.log
2014-08-13 14:41 - 2014-08-13 14:21 - 00000000 ____D () C:\zoek_backup
2014-08-13 14:25 - 2014-08-13 14:45 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-13 14:20 - 2014-08-13 14:21 - 01288704 _____ () C:\Users\Jiří\Desktop\zoek.exe
2014-08-13 14:20 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Downloads\zoek.exe
2014-08-13 14:18 - 2014-08-13 14:18 - 00000000 __SHD () C:\Users\Jiří\AppData\Local\EmieUserList
2014-08-13 14:18 - 2014-08-13 14:18 - 00000000 __SHD () C:\Users\Jiří\AppData\Local\EmieSiteList
2014-08-13 14:12 - 2014-08-13 14:12 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieUserList
2014-08-13 14:12 - 2014-08-13 14:12 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieSiteList
2014-08-13 08:17 - 2009-07-14 06:45 - 00445264 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-13 08:13 - 2011-02-11 06:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-13 08:12 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-08-13 08:12 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\Dism
2014-08-13 08:12 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-13 08:11 - 2009-07-14 07:08 - 00032624 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-08-13 08:09 - 2013-03-14 02:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-13 08:09 - 2013-03-14 02:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-13 03:00 - 2012-01-02 20:11 - 01566012 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-08-13 03:00 - 2012-01-02 19:36 - 00670188 _____ () C:\windows\system32\perfh005.dat
2014-08-13 03:00 - 2012-01-02 19:36 - 00141530 _____ () C:\windows\system32\perfc005.dat
2014-08-13 03:00 - 2009-07-14 07:13 - 01566012 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-13 02:53 - 2012-07-26 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 02:27 - 2009-07-14 04:34 - 00000615 _____ () C:\windows\win.ini
2014-08-13 02:17 - 2013-03-14 02:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-12 22:59 - 2014-08-12 22:59 - 00015037 _____ () C:\Users\Jiří\Desktop\AdwCleaner[S0].txt
2014-08-12 22:50 - 2014-08-12 22:47 - 00000000 ____D () C:\AdwCleaner
2014-08-12 22:50 - 2012-08-29 09:22 - 00001286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-12 22:50 - 2012-08-29 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-12 22:50 - 2012-07-09 14:40 - 00000927 _____ () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 22:43 - 2014-08-12 22:47 - 01366203 _____ () C:\Users\Jiří\Desktop\adwcleaner_3.304.exe
2014-08-12 22:43 - 2014-08-12 22:43 - 01366203 _____ () C:\Users\Guest\Desktop\adwcleaner_3.304.exe
2014-08-12 15:00 - 2014-08-12 15:00 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Macromedia
2014-08-12 13:41 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Hewlett-Packard
2014-08-12 13:37 - 2014-08-12 13:37 - 00115688 _____ () C:\Users\Zaloha\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-12 13:37 - 2014-08-12 13:37 - 00001353 _____ () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\Documents\Moje přijaté soubory
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Intel Corporation
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\hpqLog
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\AVAST Software
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Roaming\Adobe
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Local\PDFC
2014-08-12 13:37 - 2014-08-12 13:37 - 00000000 ____D () C:\Users\Zaloha\AppData\Local\Google
2014-08-12 13:37 - 2014-08-12 13:36 - 00000000 ____D () C:\Users\Zaloha
2014-08-12 13:37 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Šablony
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Soubory cookie
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Poslední
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Okolní tiskárny
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Okolní síť
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Nabídka Start
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Dokumenty
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Obrázky
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Hudba
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Documents\Filmy
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\Data aplikací
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-08-12 13:36 - 2014-08-12 13:36 - 00000000 _SHDL () C:\Users\Zaloha\AppData\Local\Data aplikací
2014-08-12 11:28 - 2014-08-12 11:21 - 00000000 ____D () C:\Program Files\trend micro
2014-08-12 11:25 - 2014-08-12 11:21 - 00000000 ____D () C:\rsit
2014-08-12 11:14 - 2014-08-12 11:17 - 00832273 _____ () C:\Users\Jiří\Desktop\RSITx64.exe
2014-08-12 11:14 - 2014-08-12 11:14 - 00832273 _____ () C:\Users\Guest\Desktop\RSITx64.exe
2014-08-12 11:08 - 2014-08-12 11:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\WinRAR
2014-08-12 01:46 - 2014-08-12 01:44 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\ICQ
2014-08-12 01:21 - 2014-08-12 01:21 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Hewlett-Packard
2014-08-12 01:19 - 2012-09-09 21:32 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\hpqLog
2014-08-12 00:38 - 2012-07-09 15:37 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\ICQ
2014-08-12 00:33 - 2014-08-12 00:33 - 02098252 _____ () C:\Users\Jiří\Downloads\FRST64.exe
2014-08-11 23:42 - 2014-08-11 23:42 - 00024657 _____ () C:\ComboFix.txt
2014-08-11 23:42 - 2014-08-11 22:59 - 00000000 ____D () C:\ComboFix
2014-08-11 23:42 - 2013-03-25 10:28 - 00000000 ____D () C:\Qoobox
2014-08-11 23:37 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-08-11 23:20 - 2009-07-14 04:34 - 92536832 _____ () C:\windows\system32\config\software.bak
2014-08-11 23:20 - 2009-07-14 04:34 - 16515072 _____ () C:\windows\system32\config\system.bak
2014-08-11 23:20 - 2009-07-14 04:34 - 01310720 _____ () C:\windows\system32\config\default.bak
2014-08-11 23:20 - 2009-07-14 04:34 - 00061440 _____ () C:\windows\system32\config\sam.bak
2014-08-11 23:20 - 2009-07-14 04:34 - 00028672 _____ () C:\windows\system32\config\security.bak
2014-08-11 23:19 - 2013-03-25 10:28 - 00000000 ____D () C:\windows\erdnt
2014-08-11 19:38 - 2014-02-04 12:27 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Malwarebytes
2014-08-11 19:38 - 2014-02-04 12:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 17:48 - 2014-08-11 14:40 - 00000000 ____D () C:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-11 16:39 - 2012-11-08 07:35 - 00002226 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-08-11 16:39 - 2012-11-08 07:35 - 00002218 _____ () C:\Users\Guest\Desktop\Opera.lnk
2014-08-11 14:42 - 2014-08-11 14:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-11 14:42 - 2014-08-11 14:42 - 00000000 _____ () C:\autoexec.bat
2014-08-11 13:41 - 2013-06-25 16:59 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\vlc
2014-08-11 11:18 - 2012-01-02 20:00 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-11 11:04 - 2014-07-27 09:03 - 00000328 _____ () C:\windows\Tasks\HPCeeScheduleForJiří.job
2014-08-10 11:33 - 2014-07-27 09:03 - 00003180 _____ () C:\windows\System32\Tasks\HPCeeScheduleForJiří
2014-08-10 11:32 - 2012-07-10 18:44 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-08-10 11:31 - 2013-02-10 13:07 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-09 21:46 - 2014-08-09 20:48 - 1036210104 _____ () C:\Users\Jiří\Desktop\Mary-a-Max-(Mary-and-Max)-CZ-tit-2009.avi
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-01 00:06 - 2012-08-09 08:47 - 00003206 _____ () C:\windows\System32\Tasks\HPCeeScheduleForHP$
2014-08-01 00:06 - 2012-08-09 08:47 - 00000330 _____ () C:\windows\Tasks\HPCeeScheduleForHP$.job
2014-07-26 12:12 - 2013-07-27 18:16 - 00000000 ____D () C:\Users\Jiří\Documents\Soubory aplikace Outlook
2014-07-25 13:48 - 2014-07-24 16:04 - 00000000 ____D () C:\Users\Jiří\Desktop\Závazky od Claudie s poznámkami
2014-07-24 11:22 - 2014-07-24 11:22 - 00124377 _____ () C:\Users\Jiří\Downloads\watch.htm
2014-07-22 06:09 - 2012-07-09 15:23 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-22 06:09 - 2012-07-09 15:23 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-22 06:09 - 2012-07-09 15:23 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-20 21:36 - 2014-05-17 00:29 - 00000000 ____D () C:\Users\Jiří\Desktop\Materialy od Claudie
2014-07-20 16:29 - 2014-07-20 15:11 - 723245054 _____ () C:\Users\Jiří\Desktop\Hulk-1-CZ.avi
2014-07-19 12:30 - 2012-08-04 23:05 - 00000000 ____D () C:\Users\Jiří\AppData\Local\CrashDumps
2014-07-16 20:36 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-07-16 17:58 - 2014-04-18 11:48 - 00000000 ____D () C:\Users\Jiří\Desktop\Verejne zakazky
2014-07-15 06:20 - 2013-10-29 21:36 - 00002220 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-16 22:41

==================== End Of Log ============================
Attachments
Addition.rar
(12.83 KiB) Downloaded 18 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#10 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
    HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [uTorrent] => "C:\Users\JiYí\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    
    CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
    CHR DefaultSearchKeyword: istartsurf
    CHR Extension: (No Name) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-10]
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
    S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
    S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
    S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
    S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
    C:\Program Files\Enigma Software Group
    
    2014-08-13 18:57 - 2014-08-13 18:57 - 00011773 _____ () C:\Users\Jiří\Desktop\zoek-results.txt
    2014-08-13 14:45 - 2014-08-13 14:25 - 00024064 _____ () C:\windows\zoek-delete.exe
    2014-08-13 14:26 - 2014-08-13 14:51 - 00011773 _____ () C:\zoek-results.log
    2014-08-13 14:21 - 2014-08-13 14:41 - 00000000 ____D () C:\zoek_backup
    2014-08-13 14:21 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Desktop\zoek.exe
    2014-08-13 14:20 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Downloads\zoek.exe
    C:\windows\AutoKMS
    
    Task: {8483DCAB-B0AB-43D4-B773-B323A681EC40} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2012-09-24] ()
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\HPCeeScheduleForHP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\windows\Tasks\HPCeeScheduleForJiří.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    
    Hosts:
    Reboot:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created so that it sits next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: he is no man, he is an ox."
Member since 1 February 2011.

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#11 Post by haarfagar »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-08-2014 01
Ran by Jiří at 2014-08-14 12:54:33 Run:1
Running from C:\Users\Jiří\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\...\Run: [uTorrent] => "C:\Users\JiYí\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: istartsurf
CHR Extension: (No Name) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-10]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
C:\Program Files\Enigma Software Group

2014-08-13 18:57 - 2014-08-13 18:57 - 00011773 _____ () C:\Users\Jiří\Desktop\zoek-results.txt
2014-08-13 14:45 - 2014-08-13 14:25 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-08-13 14:26 - 2014-08-13 14:51 - 00011773 _____ () C:\zoek-results.log
2014-08-13 14:21 - 2014-08-13 14:41 - 00000000 ____D () C:\zoek_backup
2014-08-13 14:21 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Desktop\zoek.exe
2014-08-13 14:20 - 2014-08-13 14:20 - 01288704 _____ () C:\Users\Jiří\Downloads\zoek.exe
C:\windows\AutoKMS

Task: {8483DCAB-B0AB-43D4-B773-B323A681EC40} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2012-09-24] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForJiří.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3812448238-747251444-1740478444-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
CHR DefaultSearchKeyword: istartsurf ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma => Moved successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
catchme => Service deleted successfully.
esgiguard => Service deleted successfully.
ew_hwusbdev => Service deleted successfully.
ew_usbenumfilter => Service deleted successfully.
huawei_cdcacm => Service deleted successfully.
huawei_enumerator => Service deleted successfully.
huawei_ext_ctrl => Service deleted successfully.
huawei_wwanecm => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Jiří\Desktop\zoek-results.txt => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Jiří\Desktop\zoek.exe => Moved successfully.
C:\Users\Jiří\Downloads\zoek.exe => Moved successfully.
C:\windows\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8483DCAB-B0AB-43D4-B773-B323A681EC40}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8483DCAB-B0AB-43D4-B773-B323A681EC40}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\AutoKMS.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForHP$.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForJiří.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====
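
As an added example (not part of the original post and not an FRST feature), this Python script reads a Fixlog like the one above, skips the echoed fixlist, and sorts each result line into done / absent / manual so that leftovers such as the istartsurf search keyword stand out. The category names and the grouping of outcome phrases are assumptions based only on the lines visible in this thread; the sample is an abridged copy of that Fixlog.

```python
import re
from collections import Counter

# Abridged copy of the Fixlog posted above (header, echoed fixlist, results).
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc)
CHR DefaultSearchKeyword: istartsurf
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found.
CHR DefaultSearchKeyword: istartsurf ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma => Moved successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
esgiguard => Service deleted successfully.
C:\windows\AutoKMS => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====
'''

# "<target> => <outcome>" or "<target> ==> <outcome>", as seen in this thread.
RESULT_RE = re.compile(r'^(?P<target>.+?)\s+={1,2}>\s+(?P<outcome>.+)$')

# Assumption: outcome phrases grouped by hand from the lines shown above.
DONE = ("deleted successfully", "moved successfully", "reset successfully")
ABSENT = ("not found",)


def classify(outcome, has_arrow=True):
    """Map an outcome phrase to done / absent / manual / note."""
    low = outcome.lower()
    if any(s in low for s in DONE):
        return "done"
    if not has_arrow:
        return "note"          # free-text status line, e.g. reboot notice
    if any(s in low for s in ABSENT):
        return "absent"        # target was already gone
    return "manual"            # tool did not fix it; user action needed


def parse_fixlog(text):
    """Return (target, outcome, category) for each result line."""
    lines = [ln.strip() for ln in text.splitlines()]
    # The fixlist is echoed between two asterisk rulers; its lines also
    # contain "=>", so results are read only after the second ruler.
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    start = stars[1] + 1 if len(stars) >= 2 else 0
    entries = []
    for ln in lines[start:]:
        if ln.startswith("==== End of Fixlog"):
            break
        if not ln:
            continue
        m = RESULT_RE.match(ln)
        target, outcome = (m["target"], m["outcome"]) if m else (ln, ln)
        entries.append((target.strip('"'), outcome, classify(outcome, bool(m))))
    return entries


def follow_up(entries):
    """Targets the fix run left for the user to handle by hand."""
    return [t for t, _, cat in entries if cat == "manual"]


def summary(entries):
    return Counter(cat for _, _, cat in entries)


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(summary(parsed)))
    for target in follow_up(parsed):
        print("needs manual follow-up:", target)
```
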

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#12 Post by vyosek »

How is the PC behaving??

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#13 Post by haarfagar »

I'd say normally :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Search protect, browser problems

#14 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so it is fine to download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

haarfagar
Visitor
Posts: 9
Registered: 12 Aug 2014 10:49

Re: Search protect, browser problems

#15 Post by haarfagar »

TFC froze on me :( I had to hard power off the computer. It could not even be done through Task Manager. I hope it won't affect the result :)

Locked