VIRY.CZ

PC máme jsem koupil z firmy a už tam byl, takže bych řekl, že ano

Zacneme poradkem v zabezpeceni...
Mate 3 bezpecnostni reseni - ESET, avast a zapnuty defender... defender kazdopadne vypnete (na sedmickach plni jen funkci antispywaru) - http://windows.microsoft.com/cs-cz/wind ... =windows-7
a pak se rozhodnete, ktere reseni si nechate... velice varuju pred crackovanim bezpecnostniho softwaru (uz ze samotne logiky veci... upravovat produkt, ktery mi bezi na pozadi a hlida veskere deni na PC? Stale takovemu antiviru duveruju?)
Oba antiviry prochazi srovnavacimi testy s velice dobrymi vysledky, takze je jedno, ktere reseni si vyberete - to druhe odinstalujte pomoci oficialniho odinstalatoru viz web vyrobce.

odinstalujte i Adaware, Spyware Terminator a Trojan Remover

v logu je nainstalovany MBAM - provadel jste sken? Pripadne vlozte log s nalezy.


V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Defender jsem vypnul
ESET jsem doplnil včera, když už AVAST selhal, AVAST není cracknutý, je to ta základní licence zdarma

ADW , ST, i TR už je pryč

log z MBAM přikládám :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.1.2015
Čas skenování: 15:11:03
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.30.04
Databáze rootkitů: v2015.01.14.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 337009
Uplynulý čas: 6 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 5
PUP.Optional.Babylon.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [ccc0996401887cba60fbde1af30f718f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mciekghplkkgcmofonmkmlomhkamochd, Do karantény, [c2ca41bcabde95a1c69642628a7960a0],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Do karantény, [4f3da855a9e08bab1828a6fb9271629e],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Do karantény, [4448ea137118bd794c76bd20e51f41bf],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER, Do karantény, [f89430cd23665dd9b8afefb1669de61a],

Hodnoty registru: 1
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER|AppsHat, 1, Do karantény, [f89430cd23665dd9b8afefb1669de61a]

Data registru: 2
PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[1c7017e6b6d37bbbee81ebb4cf36f50b]
PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[711b4db06c1d6fc78ae5ecb3aa5b30d0]

Složky: 12
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.Appshat.A, C:\Users\Pavel\AppData\Local\AppsHat Mobile Apps, Do karantény, [f59707f68702d462766b174731d2a45c],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Soubory: 29
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\RegClean Pro, Do karantény, [f79515e84f3a51e5798832684ab93bc5],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\installer.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\common.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\Uninstall.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\main.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\shortcut.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\tray.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\config.xml, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\default_config.json, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\main.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\stub.html, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\event_listener.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\io.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\json.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\jsonstorage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\storage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\utils.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\xhr.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\web_player.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com\MagnetTV.lnk, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents\WRC_FIA_World_Rally_Championship_4_PAL_XBOX360-COMPLEX.torrent, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Defender jsem vypnul
ESET jsem doplnil včera, když už AVAST selhal, AVAST není cracknutý, je to ta základní licence zdarma

ADW , ST, i TR už je pryč

log z MBAM přikládám :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.1.2015
Čas skenování: 15:11:03
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.30.04
Databáze rootkitů: v2015.01.14.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 337009
Uplynulý čas: 6 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 5
PUP.Optional.Babylon.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [ccc0996401887cba60fbde1af30f718f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mciekghplkkgcmofonmkmlomhkamochd, Do karantény, [c2ca41bcabde95a1c69642628a7960a0],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Do karantény, [4f3da855a9e08bab1828a6fb9271629e],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Do karantény, [4448ea137118bd794c76bd20e51f41bf],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER, Do karantény, [f89430cd23665dd9b8afefb1669de61a],

Hodnoty registru: 1
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER|AppsHat, 1, Do karantény, [f89430cd23665dd9b8afefb1669de61a]

Data registru: 2
PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[1c7017e6b6d37bbbee81ebb4cf36f50b]
PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[711b4db06c1d6fc78ae5ecb3aa5b30d0]

Složky: 12
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.Appshat.A, C:\Users\Pavel\AppData\Local\AppsHat Mobile Apps, Do karantény, [f59707f68702d462766b174731d2a45c],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Soubory: 29
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\RegClean Pro, Do karantény, [f79515e84f3a51e5798832684ab93bc5],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\installer.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\common.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\Uninstall.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\main.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\shortcut.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\tray.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\config.xml, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\default_config.json, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\main.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\stub.html, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\event_listener.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\io.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\json.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\jsonstorage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\storage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\utils.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\xhr.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\web_player.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com\MagnetTV.lnk, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents\WRC_FIA_World_Rally_Championship_4_PAL_XBOX360-COMPLEX.torrent, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Defender jsem vypnul
ESET jsem doplnil včera, když už AVAST selhal, AVAST není cracknutý, je to ta základní licence zdarma

ADW , ST, i TR už je pryč

log z MBAM přikládám :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.1.2015
Čas skenování: 15:11:03
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.30.04
Databáze rootkitů: v2015.01.14.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 337009
Uplynulý čas: 6 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 5
PUP.Optional.Babylon.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [ccc0996401887cba60fbde1af30f718f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mciekghplkkgcmofonmkmlomhkamochd, Do karantény, [c2ca41bcabde95a1c69642628a7960a0],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Do karantény, [4f3da855a9e08bab1828a6fb9271629e],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Do karantény, [4448ea137118bd794c76bd20e51f41bf],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER, Do karantény, [f89430cd23665dd9b8afefb1669de61a],

Hodnoty registru: 1
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER|AppsHat, 1, Do karantény, [f89430cd23665dd9b8afefb1669de61a]

Data registru: 2
PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[1c7017e6b6d37bbbee81ebb4cf36f50b]
PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[711b4db06c1d6fc78ae5ecb3aa5b30d0]

Složky: 12
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.Appshat.A, C:\Users\Pavel\AppData\Local\AppsHat Mobile Apps, Do karantény, [f59707f68702d462766b174731d2a45c],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Soubory: 29
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\RegClean Pro, Do karantény, [f79515e84f3a51e5798832684ab93bc5],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\installer.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\common.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\Uninstall.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\main.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\shortcut.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\tray.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\config.xml, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\default_config.json, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\main.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\stub.html, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\event_listener.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\io.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\json.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\jsonstorage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\storage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\utils.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\xhr.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\web_player.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com\MagnetTV.lnk, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents\WRC_FIA_World_Rally_Championship_4_PAL_XBOX360-COMPLEX.torrent, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Defender jsem vypnul
ESET jsem doplnil včera, když už AVAST selhal, AVAST není cracknutý, je to ta základní licence zdarma

ADW , ST, i TR už je pryč

log z MBAM přikládám :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.1.2015
Čas skenování: 15:11:03
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.30.04
Databáze rootkitů: v2015.01.14.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 337009
Uplynulý čas: 6 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 5
PUP.Optional.Babylon.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Do karantény, [ccc0996401887cba60fbde1af30f718f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mciekghplkkgcmofonmkmlomhkamochd, Do karantény, [c2ca41bcabde95a1c69642628a7960a0],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Do karantény, [4f3da855a9e08bab1828a6fb9271629e],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Do karantény, [4448ea137118bd794c76bd20e51f41bf],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER, Do karantény, [f89430cd23665dd9b8afefb1669de61a],

Hodnoty registru: 1
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-1652633647-405593163-2038319680-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEBPLAYER|AppsHat, 1, Do karantény, [f89430cd23665dd9b8afefb1669de61a]

Data registru: 2
PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[1c7017e6b6d37bbbee81ebb4cf36f50b]
PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.dosearches.com/web/?utm_s ... earchTerms}, Dobré: (www.google.com), Špatné: (http://search.dosearches.com/web/?utm_s ... earchTerms}),Nahrazeno,[711b4db06c1d6fc78ae5ecb3aa5b30d0]

Složky: 12
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.Appshat.A, C:\Users\Pavel\AppData\Local\AppsHat Mobile Apps, Do karantény, [f59707f68702d462766b174731d2a45c],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Soubory: 29
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\RegClean Pro, Do karantény, [f79515e84f3a51e5798832684ab93bc5],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\installer.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\common.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\Uninstall.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\main.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\shortcut.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\icons\tray.ico, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\config.xml, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\default_config.json, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\main.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\stub.html, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\event_listener.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\io.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\json.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\jsonstorage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\storage.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\utils.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\kango\xhr.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\initialize.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.WebPlayer.A, C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\scripts\web_player\web_player.js, Do karantény, [0b81c7362960b3838ed7bee221e2db25],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Uninstall RegClean Pro.lnk, Do karantény, [cbc1c9348405bc7a11a8c4ea857e0cf4],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.AppsHat.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk, Do karantény, [3f4dd7264940d4624a0fe98c946f827e],
PUP.Optional.MagnetTV.A, C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magnet-TV.com\MagnetTV.lnk, Do karantény, [810b5e9f8aff86b08d1c71098a7902fe],
PUP.Optional.MagnetTV.A, C:\Program Files (x86)\Magnet-TV.com\Torrents\WRC_FIA_World_Rally_Championship_4_PAL_XBOX360-COMPLEX.torrent, Do karantény, [afdd0cf11a6f49ed1397156548bbdc24],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

# AdwCleaner v4.109 - Report created 30/01/2015 at 15:27:46
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Pavel - PAVEL-PC
# Running from : C:\Users\Pavel\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Pavel\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\tije5ak8.default\searchplugins\securesearch.xml

***** [ Scheduled Tasks ] *****

Task Deleted : GoforFilesUpdate
Task Deleted : RegClean Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\systweak
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - :0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[tije5ak8.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150130");
[tije5ak8.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10088_cnet_150130");

-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [5128 octets] - [30/01/2015 15:26:15]
AdwCleaner[S0].txt - [4495 octets] - [30/01/2015 15:27:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4555 octets] ##########

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
pri druhem a dalsim spusteni musite explicitne zatrhnout moznost Addition, aby se Addition.txt vytvoril

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Pavel (administrator) on PAVEL-PC on 30-01-2015 17:37:42
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(2).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [uTorrent] => C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-21] (BitTorrent Inc.)
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\MountPoints2: {737d350d-26cc-11e3-9141-902b34957c42} - J:\autorun\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\tije5ak8.default
FF DefaultSearchEngine: Ad-Aware SecureSearch
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Ad-Aware SecureSearch
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-04]
FF HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-20]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 17:37 - 2015-01-30 17:38 - 00015024 _____ () C:\Users\Pavel\Desktop\FRST.txt
2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher(1).exe
2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(2).exe
2015-01-30 17:36 - 2015-01-30 17:36 - 00029696 _____ () C:\Users\Pavel\AppData\Local\MSGBOX.EXE
2015-01-30 17:36 - 2015-01-30 17:36 - 00015327 _____ () C:\Users\Pavel\Desktop\LM.bat
2015-01-30 15:40 - 2015-01-30 15:40 - 00000773 _____ () C:\Users\Pavel\Desktop\Pokuty.lnk
2015-01-30 15:40 - 2015-01-30 15:40 - 00000742 _____ () C:\Users\Pavel\Desktop\360.lnk
2015-01-30 15:39 - 2015-01-30 15:39 - 00000793 _____ () C:\Users\Pavel\Desktop\Zajímavé.lnk
2015-01-30 15:38 - 2015-01-30 15:38 - 00000733 _____ () C:\Users\Pavel\Desktop\KU.lnk
2015-01-30 15:36 - 2015-01-30 15:36 - 00000764 _____ () C:\Users\Pavel\Desktop\práce.lnk
2015-01-30 15:35 - 2015-01-30 15:35 - 00000820 _____ () C:\Users\Pavel\Desktop\Nemovitosti.lnk
2015-01-30 15:35 - 2015-01-30 15:35 - 00000773 _____ () C:\Users\Pavel\Desktop\Passat.lnk
2015-01-30 15:30 - 2015-01-30 15:30 - 00004675 _____ () C:\Users\Pavel\Desktop\AdwCleaner[S0].txt
2015-01-30 15:26 - 2015-01-30 15:27 - 00000000 ____D () C:\AdwCleaner
2015-01-30 15:24 - 2015-01-30 15:25 - 02194432 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.109.exe
2015-01-30 15:21 - 2015-01-30 15:28 - 00012222 _____ () C:\Windows\PFRO.log
2015-01-30 15:18 - 2015-01-30 15:18 - 00009218 _____ () C:\Users\Pavel\Desktop\MBAM.txt
2015-01-30 15:07 - 2015-01-30 15:07 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-30 15:05 - 2015-01-30 15:05 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Ad-Aware Antivirus
2015-01-30 13:40 - 2015-01-30 13:40 - 00072182 _____ () C:\Users\Pavel\Desktop\Extras.Txt
2015-01-30 13:39 - 2015-01-30 13:39 - 00257074 _____ () C:\Users\Pavel\Desktop\OTL.Txt
2015-01-30 12:50 - 2015-01-30 12:50 - 00000000 ____H () C:\Users\Pavel\AppData\Local\BITF2F5.tmp
2015-01-30 12:48 - 2015-01-30 12:48 - 00000000 _____ () C:\Users\Pavel\AppData\Local\{D00617FA-3E29-4D22-A084-EDC5C21D78A1}
2015-01-30 12:47 - 2015-01-30 15:28 - 00000224 _____ () C:\Windows\setupact.log
2015-01-30 12:47 - 2015-01-30 12:47 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-30 03:16 - 2015-01-30 03:16 - 00000681 _____ () C:\Users\Pavel\Desktop\trutriko – zástupce.lnk
2015-01-30 03:06 - 2015-01-30 13:00 - 00000512 _____ () C:\PhysicalMBR.bin
2015-01-30 03:02 - 2015-01-30 03:02 - 00602112 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\OTL (1).exe
2015-01-30 03:01 - 2015-01-30 03:02 - 00602112 _____ (OldTimer Tools) C:\Users\Pavel\Desktop\OTL.exe
2015-01-30 02:53 - 2015-01-30 02:53 - 00000000 ____D () C:\Users\Pavel\AppData\Local\ESET
2015-01-30 02:45 - 2015-01-30 17:37 - 00000000 ____D () C:\FRST
2015-01-30 02:43 - 2015-01-30 02:43 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-30 02:41 - 2015-01-30 02:41 - 02130432 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2015-01-30 02:27 - 2015-01-30 02:30 - 00001634 _____ () C:\Users\Pavel\Desktop\Rkill.txt
2015-01-30 02:27 - 2015-01-30 02:27 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Pavel\Downloads\rkill.com
2015-01-30 02:25 - 2015-01-30 02:25 - 00009631 _____ () C:\Users\Pavel\Downloads\hijackthis.log
2015-01-30 02:24 - 2015-01-30 02:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2015-01-30 02:16 - 2015-01-30 02:18 - 73400320 _____ () C:\Users\Pavel\Downloads\eav_nt64_csy.msi
2015-01-30 02:01 - 2015-01-30 02:01 - 00000708 _____ () C:\Users\Pavel\Desktop\focení vlak – zástupce.lnk
2015-01-30 01:07 - 2015-01-30 01:07 - 00005096 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00002792 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00002792 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-01-30 01:07 - 2015-01-30 01:07 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Lavasoft
2015-01-30 01:07 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-01-30 01:07 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-01-30 01:06 - 2015-01-30 01:49 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Lavasoft
2015-01-30 01:06 - 2015-01-30 01:06 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-01-30 01:05 - 2015-01-30 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-01-30 01:00 - 2015-01-30 01:07 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\LavasoftStatistics
2015-01-30 00:58 - 2015-01-30 00:58 - 00937208 _____ (Crawler.com ) C:\Users\Pavel\Downloads\SpywareTerminatorSetup.exe
2015-01-30 00:57 - 2015-01-30 00:57 - 01924232 _____ () C:\Users\Pavel\Downloads\Adaware_Installer.exe
2015-01-30 00:52 - 2015-01-30 00:52 - 00880784 _____ (Google Inc.) C:\Users\Pavel\Downloads\ChromeSetup.exe
2015-01-30 00:38 - 2015-01-30 00:38 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-30 00:36 - 2015-01-30 00:36 - 21657592 _____ (Simply Super Software ) C:\Users\Pavel\Downloads\trjsetup.exe
2015-01-29 23:24 - 2015-01-29 23:24 - 00080021 _____ () C:\Users\Pavel\Downloads\Dragons.Dogma.Dark.Arisen.XBOX360-iMARS.torrent
2015-01-29 23:22 - 2015-01-29 23:22 - 00105695 _____ () C:\Users\Pavel\Downloads\EA_SPORTS_MMA_360-CCCLX.torrent
2015-01-29 23:22 - 2015-01-29 23:22 - 00105628 _____ () C:\Users\Pavel\Downloads\F9B56521B074C00D52CDB81E1D76AD938E79B204.torrent
2015-01-29 23:15 - 2015-01-29 23:15 - 00072878 _____ () C:\Users\Pavel\Downloads\Project_gotham_racing_4_xbox360 ccclx.torrent
2015-01-29 23:07 - 2015-01-29 23:07 - 00038936 _____ () C:\Users\Pavel\Downloads\Pure USA XBOX360 iMARS.torrent
2015-01-29 23:05 - 2015-01-29 23:05 - 00527257 _____ () C:\Users\Pavel\Downloads\Dark.Souls.II.XBOX360-iMARS.torrent
2015-01-29 23:04 - 2015-01-29 23:04 - 00167583 _____ () C:\Users\Pavel\Downloads\Arcania.The.Complete.Tale.XBOX360-COMPLEX.torrent
2015-01-29 22:59 - 2015-01-29 22:59 - 00667933 _____ () C:\Users\Pavel\Downloads\Sleeping.Dogs.XBOX360-SWAG.torrent
2015-01-29 21:26 - 2015-01-29 21:26 - 00070399 _____ () C:\Users\Pavel\Downloads\mostlymono.zip
2015-01-29 20:36 - 2015-01-29 20:36 - 00037708 _____ () C:\Users\Pavel\Downloads\short-stack.zip
2015-01-28 18:06 - 2015-01-28 18:06 - 03655511 _____ () C:\Users\Pavel\Downloads\2147499535 (1).zip
2015-01-28 18:01 - 2015-01-28 18:02 - 01116815 _____ () C:\Users\Pavel\Downloads\2147498593.zip
2015-01-28 18:00 - 2015-01-28 18:01 - 01741931 _____ () C:\Users\Pavel\Downloads\2147488856.zip
2015-01-28 17:59 - 2015-01-28 17:59 - 03655511 _____ () C:\Users\Pavel\Downloads\2147499535.zip
2015-01-28 17:44 - 2015-01-28 17:44 - 01945541 _____ () C:\Users\Pavel\Downloads\2147498594.zip
2015-01-28 17:34 - 2015-01-28 17:35 - 04761973 _____ () C:\Users\Pavel\Downloads\2147491427.zip
2015-01-27 10:48 - 2015-01-27 10:56 - 23495416 _____ () C:\Users\Pavel\Downloads\1276103136400_zcool.com.cn.rar
2015-01-27 10:39 - 2015-01-27 10:39 - 03390087 _____ () C:\Users\Pavel\Downloads\2147496323.zip
2015-01-25 12:39 - 2015-01-25 12:39 - 07787149 _____ () C:\Users\Pavel\Downloads\hitchcock.ai
2015-01-24 21:08 - 2015-01-24 21:08 - 01537076 _____ () C:\Users\Pavel\Downloads\2147500285 (1).zip
2015-01-24 21:05 - 2015-01-24 21:05 - 01537076 _____ () C:\Users\Pavel\Downloads\2147500285.zip
2015-01-24 19:53 - 2015-01-24 19:54 - 03906844 _____ () C:\Users\Pavel\Downloads\2147493159.zip
2015-01-24 17:47 - 2015-01-24 17:47 - 01026511 _____ () C:\Users\Pavel\Downloads\umbrella-vector-set.zip
2015-01-24 17:27 - 2015-01-24 17:29 - 01446158 _____ () C:\Users\Pavel\Downloads\1321242296456_zcool.com.cn.rar
2015-01-24 17:16 - 2015-01-24 17:16 - 01623795 _____ () C:\Users\Pavel\Downloads\trendy-dark-mens-suit-vector-graphic (1).zip
2015-01-24 17:14 - 2015-01-24 17:15 - 01623795 _____ () C:\Users\Pavel\Downloads\trendy-dark-mens-suit-vector-graphic.zip
2015-01-24 17:08 - 2015-01-24 17:08 - 00188600 _____ () C:\Users\Pavel\Downloads\businessman-character-set.zip
2015-01-24 17:00 - 2015-01-24 17:00 - 00719995 _____ () C:\Users\Pavel\Downloads\2147486538.zip
2015-01-24 16:56 - 2015-01-24 16:56 - 00003894 _____ () C:\Users\Pavel\Downloads\charlie.eps
2015-01-24 16:47 - 2015-01-24 16:47 - 00057598 _____ () C:\Users\Pavel\Downloads\2009100647.zip
2015-01-24 12:37 - 2015-01-24 12:37 - 02027115 _____ () C:\Users\Pavel\Downloads\cute-olws.zip
2015-01-24 12:34 - 2015-01-24 12:34 - 01007391 _____ () C:\Users\Pavel\Downloads\Halloween_02.zip
2015-01-23 19:28 - 2015-01-23 19:28 - 00025283 _____ () C:\Users\Pavel\Downloads\atmahoganyscript.zip
2015-01-23 19:20 - 2015-01-23 19:20 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (3).zip
2015-01-23 19:19 - 2015-01-23 19:20 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (2).zip
2015-01-23 19:19 - 2015-01-23 19:19 - 00099485 _____ () C:\Users\Pavel\Downloads\mtf_baseoutline_ttf.zip
2015-01-23 00:58 - 2015-01-23 00:59 - 00088369 _____ () C:\Users\Pavel\Downloads\fwd-_preklad_a_korektura.eml
2015-01-22 22:09 - 2015-01-22 22:09 - 04038864 _____ () C:\Users\Pavel\Downloads\2147492457.zip
2015-01-22 20:57 - 2015-01-22 20:57 - 01282574 _____ () C:\Users\Pavel\Downloads\2147490130.zip
2015-01-22 20:54 - 2015-01-22 20:54 - 01516662 _____ () C:\Users\Pavel\Downloads\2147498109.zip
2015-01-22 18:59 - 2015-01-22 18:59 - 01296811 _____ () C:\Users\Pavel\Downloads\2147500240 (1).zip
2015-01-22 18:54 - 2015-01-22 18:54 - 01296811 _____ () C:\Users\Pavel\Downloads\2147500240.zip
2015-01-22 18:54 - 2015-01-22 18:54 - 01030028 _____ () C:\Users\Pavel\Downloads\BIRD_IN_NEST.zip
2015-01-22 16:59 - 2015-01-22 16:59 - 18219168 _____ () C:\Users\Pavel\Downloads\BOTANICALSVINTAGE.zip
2015-01-21 00:30 - 2015-01-21 00:30 - 02412587 _____ () C:\Users\Pavel\Downloads\2147500647.zip
2015-01-21 00:27 - 2015-01-21 00:27 - 00939318 _____ () C:\Users\Pavel\Downloads\6336715.zip
2015-01-21 00:26 - 2015-01-21 00:26 - 01968684 _____ () C:\Users\Pavel\Downloads\7-tree-silhouettes.zip
2015-01-21 00:24 - 2015-01-21 00:24 - 05240278 _____ () C:\Users\Pavel\Downloads\2147496927.zip
2015-01-20 21:10 - 2015-01-20 21:10 - 03454354 _____ () C:\Users\Pavel\Downloads\2147492092.zip
2015-01-20 21:02 - 2015-01-20 21:02 - 00779500 _____ () C:\Users\Pavel\Downloads\2147493522.zip
2015-01-20 20:29 - 2015-01-20 20:29 - 02221571 _____ () C:\Users\Pavel\Downloads\682818.zip
2015-01-20 19:48 - 2015-01-20 19:48 - 02193320 _____ () C:\Users\Pavel\Downloads\2147496782.zip
2015-01-20 19:46 - 2015-01-20 19:46 - 02185465 _____ () C:\Users\Pavel\Downloads\2147486617.zip
2015-01-20 16:54 - 2015-01-20 16:56 - 59133100 _____ () C:\Users\Pavel\Downloads\Volume 01.rar
2015-01-20 16:50 - 2015-01-20 16:50 - 05060023 _____ () C:\Users\Pavel\Downloads\Guvernérove akváriá.rar
2015-01-20 16:43 - 2015-01-20 16:43 - 00012569 _____ () C:\Users\Pavel\Downloads\The_Walking_Dead.torrent
2015-01-20 16:42 - 2015-01-20 16:42 - 00059698 _____ () C:\Users\Pavel\Downloads\The_Walking_Dead.ep.1-5.torrent
2015-01-20 10:34 - 2015-01-20 10:34 - 01024405 _____ () C:\Users\Pavel\Downloads\2147493788.zip
2015-01-19 23:41 - 2015-01-19 23:41 - 00003490 _____ () C:\Users\Pavel\Downloads\phone37.eps
2015-01-19 23:38 - 2015-01-19 23:38 - 01886327 _____ () C:\Users\Pavel\Downloads\2147490624.zip
2015-01-19 23:29 - 2015-01-19 23:29 - 02058993 _____ () C:\Users\Pavel\Downloads\intro.zip
2015-01-19 23:15 - 2015-01-19 23:15 - 00196606 _____ () C:\Users\Pavel\Downloads\saf.zip
2015-01-18 19:53 - 2015-01-18 19:53 - 03988669 _____ () C:\Users\Pavel\Downloads\2147497421.zip
2015-01-18 19:51 - 2015-01-18 19:52 - 05860297 _____ () C:\Users\Pavel\Downloads\2147502750.zip
2015-01-18 19:46 - 2015-01-18 19:46 - 02383210 _____ () C:\Users\Pavel\Downloads\FreeVector.com-Amy-Winehouse-Vector-Graphics.zip
2015-01-18 19:39 - 2015-01-18 19:39 - 03170978 _____ () C:\Users\Pavel\Downloads\2147495385.zip
2015-01-18 19:31 - 2015-01-18 19:31 - 04598577 _____ () C:\Users\Pavel\Downloads\FreeVector-Amy-Winehouse-Vector.zip
2015-01-18 19:27 - 2015-01-18 19:27 - 00728457 _____ () C:\Users\Pavel\Downloads\682815.zip
2015-01-18 19:22 - 2015-01-18 19:22 - 00188019 _____ () C:\Users\Pavel\Downloads\afro1.zip
2015-01-18 19:04 - 2015-01-18 19:04 - 04035373 _____ () C:\Users\Pavel\Downloads\FreeVector-Free-Elvis-Presley-Vector.zip
2015-01-18 15:48 - 2015-01-18 15:48 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue (2).zip
2015-01-18 15:19 - 2015-01-18 15:19 - 02325727 _____ () C:\Users\Pavel\Downloads\2147496443 (1).zip
2015-01-18 14:57 - 2015-01-18 14:57 - 03733428 _____ () C:\Users\Pavel\Downloads\2147502810.zip
2015-01-17 23:13 - 2015-01-17 23:13 - 00045832 _____ () C:\Users\Pavel\Desktop\Splň si sny v SABANERO.html
2015-01-17 23:13 - 2015-01-17 23:13 - 00000000 ____D () C:\Users\Pavel\Desktop\Splň si sny v SABANERO_files
2015-01-17 22:54 - 2015-01-17 22:54 - 00037985 _____ () C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com.html
2015-01-17 22:54 - 2015-01-17 22:54 - 00000000 ____D () C:\Users\Pavel\Desktop\Práce Grafik, pracovník reklamy - Karel Fukala - Atelier eye - Havířov Indeed.com_files
2015-01-17 22:20 - 2015-01-17 22:20 - 00019966 _____ () C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK.html
2015-01-17 22:20 - 2015-01-17 22:20 - 00000000 ____D () C:\Users\Pavel\Desktop\Prace.cz - GRAFIK - ADMINISTRATIVNÍ PRACOVNÍK_files
2015-01-17 22:15 - 2015-01-17 22:15 - 00019530 _____ () C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA.html
2015-01-17 22:15 - 2015-01-17 22:15 - 00000000 ____D () C:\Users\Pavel\Desktop\Prace.cz - TECHNICKÝ GRAFIK GRAFIČKA_files
2015-01-16 21:50 - 2015-01-16 21:50 - 00707485 _____ () C:\Users\Pavel\Downloads\714364.zip
2015-01-16 21:48 - 2015-01-16 21:49 - 09229557 _____ () C:\Users\Pavel\Downloads\2147502872.zip
2015-01-16 13:57 - 2015-01-16 13:57 - 04790680 _____ () C:\Users\Pavel\Downloads\2147502874 (1).zip
2015-01-16 13:56 - 2015-01-16 13:56 - 04790680 _____ () C:\Users\Pavel\Downloads\2147502874.zip
2015-01-16 13:08 - 2015-01-16 13:08 - 00018944 _____ () C:\Users\Pavel\Downloads\faktura.xls
2015-01-16 10:54 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 10:54 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 10:54 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 10:54 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 10:54 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 10:54 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 10:54 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 23:03 - 2015-01-15 23:03 - 01616461 _____ () C:\Users\Pavel\Downloads\2147502858.zip
2015-01-15 21:29 - 2015-01-15 21:29 - 02758008 _____ () C:\Users\Pavel\Downloads\2147498125.zip
2015-01-15 21:29 - 2015-01-15 21:29 - 02758008 _____ () C:\Users\Pavel\Downloads\2147498125 (1).zip
2015-01-15 21:26 - 2015-01-15 21:26 - 05887127 _____ () C:\Users\Pavel\Downloads\2147493161.zip
2015-01-15 21:23 - 2015-01-15 21:23 - 00209197 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000011-maroon-copper.zip
2015-01-15 21:21 - 2015-01-15 21:21 - 00123768 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000002-gray-black (1).zip
2015-01-15 21:18 - 2015-01-15 21:18 - 00214778 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000057-sandy-burnt-umber.zip
2015-01-15 21:17 - 2015-01-15 21:17 - 00181022 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000096-golden-yellow.zip
2015-01-15 21:16 - 2015-01-15 21:16 - 00208647 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000108-medium-tea-rose.zip
2015-01-15 21:16 - 2015-01-15 21:16 - 00195635 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000029-orange-red-violet.zip
2015-01-15 21:09 - 2015-01-15 21:09 - 00123768 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000002-gray-black.zip
2015-01-15 21:08 - 2015-01-15 21:08 - 00189056 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000042-gradient-dark-blue.zip
2015-01-15 21:08 - 2015-01-15 21:08 - 00171708 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000055-melted-chocolate.zip
2015-01-15 21:07 - 2015-01-15 21:07 - 00134513 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000040-dark-midnight-blue.zip
2015-01-15 21:07 - 2015-01-15 21:07 - 00081050 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000023-midnight-blue.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00187153 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000054-deep-green.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue.zip
2015-01-15 21:06 - 2015-01-15 21:06 - 00186229 _____ () C:\Users\Pavel\Downloads\watercolor-grunge-000119-light-blue (1).zip
2015-01-15 21:01 - 2015-01-15 21:01 - 01098375 _____ () C:\Users\Pavel\Downloads\2147502125.zip
2015-01-15 20:59 - 2015-01-15 20:59 - 01601845 _____ () C:\Users\Pavel\Downloads\2147500767.zip
2015-01-15 15:14 - 2015-01-15 15:14 - 01471273 _____ () C:\Users\Pavel\Downloads\2147494480.zip
2015-01-15 14:36 - 2015-01-15 14:36 - 00452281 _____ () C:\Users\Pavel\Downloads\2147486282.zip
2015-01-15 14:34 - 2015-01-15 14:34 - 01649092 _____ () C:\Users\Pavel\Downloads\2147491234.zip
2015-01-15 12:29 - 2015-01-15 12:31 - 00047104 _____ () C:\Users\Pavel\Desktop\Pinďondírov bonami naskladneni.xls
2015-01-14 17:11 - 2015-01-14 17:11 - 00997050 _____ () C:\Users\Pavel\Downloads\oksf4.zip
2015-01-14 17:05 - 2015-01-14 17:05 - 04233283 _____ () C:\Users\Pavel\Downloads\2147495994.zip
2015-01-14 17:04 - 2015-01-14 17:04 - 01867023 _____ () C:\Users\Pavel\Downloads\2147496853.zip
2015-01-14 17:03 - 2015-01-14 17:03 - 03447521 _____ () C:\Users\Pavel\Downloads\2147495964.zip
2015-01-14 16:20 - 2015-01-14 16:21 - 04055590 _____ () C:\Users\Pavel\Downloads\2147496378.zip
2015-01-14 10:01 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:01 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:01 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 10:01 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 10:01 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 19:14 - 2015-01-13 19:14 - 00038400 _____ () C:\Users\Pavel\Downloads\startovka_2015.xls
2015-01-13 09:31 - 2015-01-13 09:31 - 01059547 _____ () C:\Users\Pavel\Downloads\2147488790.zip
2015-01-12 21:49 - 2015-01-12 21:49 - 00085320 _____ () C:\Users\Pavel\Downloads\character_sketch-logs.zip
2015-01-12 21:47 - 2015-01-12 21:47 - 01382282 _____ () C:\Users\Pavel\Downloads\Wood-Background-vector-EPS (1).zip
2015-01-12 21:46 - 2015-01-12 21:46 - 01382282 _____ () C:\Users\Pavel\Downloads\Wood-Background-vector-EPS.zip
2015-01-12 21:45 - 2015-01-12 21:45 - 01449434 _____ () C:\Users\Pavel\Downloads\Wood-background-Texture.zip
2015-01-12 21:18 - 2015-01-12 21:18 - 05803396 _____ () C:\Users\Pavel\Downloads\2147499402 (1).zip
2015-01-12 21:17 - 2015-01-12 21:17 - 05803396 _____ () C:\Users\Pavel\Downloads\2147499402.zip
2015-01-12 21:13 - 2015-01-12 21:13 - 03477678 _____ () C:\Users\Pavel\Downloads\2147499894.zip
2015-01-12 21:03 - 2015-01-12 21:03 - 05076668 _____ () C:\Users\Pavel\Downloads\2147500177.zip
2015-01-10 00:05 - 2015-01-10 00:05 - 00011138 _____ () C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka.html
2015-01-10 00:05 - 2015-01-10 00:05 - 00000000 ____D () C:\Users\Pavel\Desktop\Lindex Central Europe - Sales Assistant Prodavačka_files
2015-01-09 22:41 - 2015-01-09 22:41 - 02327218 _____ () C:\Users\Pavel\Downloads\2147502551.zip
2015-01-09 22:39 - 2015-01-09 22:39 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071 (2).zip
2015-01-09 22:23 - 2015-01-09 22:24 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts (1).zip
2015-01-09 22:20 - 2015-01-09 22:21 - 09401556 _____ () C:\Users\Pavel\Downloads\mtf_allfonts.zip
2015-01-09 22:11 - 2015-01-09 22:11 - 02011063 _____ () C:\Users\Pavel\Downloads\2147502045.zip
2015-01-09 21:39 - 2015-01-09 21:39 - 03659560 _____ () C:\Users\Pavel\Downloads\2147492518 (1).zip
2015-01-09 21:38 - 2015-01-09 21:38 - 02008273 _____ () C:\Users\Pavel\Downloads\2147499561.zip
2015-01-09 21:01 - 2015-01-09 21:01 - 01792804 _____ () C:\Users\Pavel\Downloads\2147493784 (2).zip
2015-01-09 20:36 - 2015-01-09 20:36 - 01180747 _____ () C:\Users\Pavel\Downloads\cute-vector-patterns.zip
2015-01-09 20:29 - 2015-01-09 20:29 - 08790885 _____ () C:\Users\Pavel\Downloads\2147502395.zip
2015-01-09 20:27 - 2015-01-09 20:28 - 01520529 _____ () C:\Users\Pavel\Downloads\2147496953 (1).zip
2015-01-09 19:23 - 2015-01-09 19:24 - 13165236 _____ () C:\Users\Pavel\Downloads\DD_Floral_Frames_67675.zip
2015-01-09 19:19 - 2015-01-09 19:20 - 02435535 _____ () C:\Users\Pavel\Downloads\indian_card_05_ai.zip
2015-01-09 17:39 - 2015-01-09 17:39 - 04854320 _____ () C:\Users\Pavel\Downloads\2147492779 (1).zip
2015-01-09 17:36 - 2015-01-09 17:37 - 03306629 _____ () C:\Users\Pavel\Downloads\2147493214.zip
2015-01-09 17:34 - 2015-01-09 17:34 - 06469438 _____ () C:\Users\Pavel\Downloads\2147491777.zip
2015-01-09 16:40 - 2015-01-09 16:40 - 01250513 _____ () C:\Users\Pavel\Downloads\2147497692.zip
2015-01-08 23:31 - 2015-01-08 23:31 - 00003276 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1652633647-405593163-2038319680-1000
2015-01-08 21:11 - 2015-01-08 21:11 - 00025592 _____ () C:\Users\Pavel\Downloads\The.Walking.Dead.S04E02.1080p.WEB-DL.AAC2.0.H.264-Cyphanix.srt
2015-01-07 14:42 - 2015-01-07 14:42 - 00403056 _____ () C:\Users\Pavel\Downloads\tree-silhouette-pack.zip
2015-01-07 14:38 - 2015-01-07 14:38 - 00022256 _____ () C:\Users\Pavel\Downloads\deer5.eps
2015-01-07 14:37 - 2015-01-07 14:37 - 02037575 _____ () C:\Users\Pavel\Downloads\2147501607.zip
2015-01-07 13:45 - 2015-01-07 13:46 - 02560341 _____ () C:\Users\Pavel\Downloads\2147499528.zip
2015-01-07 12:46 - 2015-01-07 12:46 - 01313446 _____ () C:\Users\Pavel\Downloads\2147496662.zip
2015-01-07 10:22 - 2015-01-07 10:22 - 03652619 _____ () C:\Users\Pavel\Downloads\2147499043 (1).zip
2015-01-07 10:09 - 2015-01-07 10:09 - 00976818 _____ () C:\Users\Pavel\Downloads\2147496399.zip
2015-01-07 09:57 - 2015-01-07 09:57 - 00180571 _____ () C:\Users\Pavel\Downloads\father-s-day-riding-bike-with-son.zip
2015-01-07 09:46 - 2015-01-07 09:46 - 00184136 _____ () C:\Users\Pavel\Downloads\delivery-character-set.zip
2015-01-06 23:18 - 2015-01-06 23:19 - 03652619 _____ () C:\Users\Pavel\Downloads\2147499043.zip
2015-01-06 20:04 - 2015-01-06 20:04 - 00052751 _____ () C:\Users\Pavel\Downloads\typesetit_great-vibes.zip
2015-01-06 20:03 - 2015-01-06 20:03 - 00564594 _____ () C:\Users\Pavel\Downloads\måns-grebäck_respective.zip
2015-01-06 19:57 - 2015-01-06 19:57 - 00027602 _____ () C:\Users\Pavel\Downloads\alex-brush.zip
2015-01-06 19:35 - 2015-01-06 19:35 - 02869330 _____ () C:\Users\Pavel\Downloads\2147498302.zip
2015-01-06 19:30 - 2015-01-06 19:30 - 01479398 _____ () C:\Users\Pavel\Downloads\2147493763.zip
2015-01-06 19:18 - 2015-01-06 19:18 - 01509625 _____ () C:\Users\Pavel\Downloads\2147496900 (1).zip
2015-01-06 18:05 - 2015-01-06 18:05 - 04779285 _____ () C:\Users\Pavel\Downloads\pretty-winter-birds-in-tree-background.zip
2015-01-06 18:05 - 2015-01-06 18:05 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373 (2).zip
2015-01-06 18:03 - 2015-01-06 18:03 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373.zip
2015-01-06 18:03 - 2015-01-06 18:03 - 02632684 _____ () C:\Users\Pavel\Downloads\2147499373 (1).zip
2015-01-06 18:03 - 2015-01-06 18:03 - 00900318 _____ () C:\Users\Pavel\Downloads\2147496923.zip
2015-01-06 17:48 - 2015-01-06 17:48 - 00895851 _____ () C:\Users\Pavel\Downloads\2147496928.zip
2015-01-05 23:02 - 2015-01-05 23:03 - 02739321 _____ () C:\Users\Pavel\Downloads\2147500187 (1).zip
2015-01-05 23:02 - 2015-01-05 23:02 - 02739321 _____ () C:\Users\Pavel\Downloads\2147500187.zip
2015-01-05 22:55 - 2015-01-05 22:56 - 07977056 _____ () C:\Users\Pavel\Downloads\2147501410.zip
2015-01-05 19:39 - 2015-01-05 19:39 - 00575350 _____ () C:\Users\Pavel\Downloads\painting_birds_vector_293485.zip
2015-01-05 19:37 - 2015-01-05 19:37 - 00578175 _____ () C:\Users\Pavel\Downloads\chinese_painting_bird_vector_293486.zip
2015-01-05 19:35 - 2015-01-05 19:35 - 00178753 _____ () C:\Users\Pavel\Downloads\vector-lovebirds_2012_03_19.zip
2015-01-05 19:34 - 2015-01-05 19:35 - 08416220 _____ () C:\Users\Pavel\Downloads\European-retro-bird-and-flower-painting004.rar
2015-01-05 19:32 - 2015-01-05 19:32 - 04277656 _____ () C:\Users\Pavel\Downloads\127_animals.zip
2015-01-05 19:29 - 2015-01-05 19:29 - 00743614 _____ () C:\Users\Pavel\Downloads\realistic-colorful-bird-pack.zip
2015-01-05 10:05 - 2015-01-05 10:05 - 00038912 _____ () C:\Users\Pavel\Downloads\dodaci-list bonami.xls
2015-01-04 20:50 - 2015-01-04 20:51 - 02954904 _____ () C:\Users\Pavel\Downloads\2147498051.zip
2015-01-04 20:25 - 2015-01-04 20:25 - 01520529 _____ () C:\Users\Pavel\Downloads\2147496953.zip
2015-01-04 20:12 - 2015-01-04 20:12 - 00589532 _____ () C:\Users\Pavel\Downloads\sverige_script.zip
2015-01-04 20:10 - 2015-01-04 20:10 - 01180564 _____ () C:\Users\Pavel\Downloads\florence_regular.zip
2015-01-04 20:07 - 2015-01-04 20:07 - 00021868 _____ () C:\Users\Pavel\Downloads\monty.ttf
2015-01-04 18:14 - 2015-01-04 18:14 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071 (1).zip
2015-01-04 18:13 - 2015-01-04 18:13 - 01460256 _____ () C:\Users\Pavel\Downloads\2147502071.zip
2015-01-04 18:06 - 2015-01-04 18:06 - 01599463 _____ () C:\Users\Pavel\Downloads\2147499955.zip
2015-01-04 18:02 - 2015-01-04 18:03 - 22308043 _____ () C:\Users\Pavel\Downloads\2147501868.zip
2015-01-04 17:51 - 2015-01-04 17:52 - 03306629 _____ () C:\Users\Pavel\Downloads\2147493214 (1).zip
2015-01-04 17:49 - 2015-01-04 17:49 - 03217199 _____ () C:\Users\Pavel\Downloads\2147493765.zip
2015-01-04 17:48 - 2015-01-04 17:48 - 06961509 _____ () C:\Users\Pavel\Downloads\2147491449.zip
2015-01-04 17:45 - 2015-01-04 17:45 - 01592798 _____ () C:\Users\Pavel\Downloads\2147491436.zip
2015-01-04 17:39 - 2015-01-04 17:39 - 02796884 _____ () C:\Users\Pavel\Downloads\2147489627.zip
2015-01-03 20:08 - 2015-01-03 20:08 - 01771150 _____ () C:\Users\Pavel\Downloads\2147497436.zip
2015-01-03 19:53 - 2015-01-03 19:53 - 01696626 _____ () C:\Users\Pavel\Downloads\2147492556.zip
2015-01-03 19:51 - 2015-01-03 19:51 - 02996535 _____ () C:\Users\Pavel\Downloads\pixel77-free-vector-watercolor-lips-1008.zip
2015-01-03 19:38 - 2015-01-03 19:38 - 00219165 _____ () C:\Users\Pavel\Downloads\a_woman39s_eyes_color_vector_161767.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 17:35 - 2013-11-08 20:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-30 17:34 - 2014-04-16 00:51 - 02014554 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 17:31 - 2013-11-08 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\uTorrent
2015-01-30 16:47 - 2011-04-12 09:34 - 00666320 _____ () C:\Windows\system32\perfh005.dat
2015-01-30 16:47 - 2011-04-12 09:34 - 00140016 _____ () C:\Windows\system32\perfc005.dat
2015-01-30 16:47 - 2009-07-14 06:13 - 01577062 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 16:40 - 2013-11-08 22:13 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\abgx360
2015-01-30 16:03 - 2014-04-22 16:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-30 15:50 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-30 15:50 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-30 15:28 - 2013-11-08 20:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-30 15:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 15:21 - 2014-04-22 15:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-30 15:21 - 2013-11-08 20:47 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-01-30 15:21 - 2009-07-14 06:08 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-30 15:07 - 2014-04-22 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-30 12:55 - 2012-11-30 18:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-30 05:21 - 2014-04-02 19:53 - 00000000 ____D () C:\Users\Pavel\Downloads\123
2015-01-30 01:49 - 2013-10-21 15:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-30 00:49 - 2013-09-26 15:44 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-29 23:56 - 2012-11-20 22:31 - 00185016 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-29 23:55 - 2009-07-14 05:45 - 05287208 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 16:02 - 2014-10-24 18:13 - 00000099 _____ () C:\Users\Public\LMDebug.log
2015-01-24 15:41 - 2013-12-19 22:10 - 00000000 ____D () C:\Users\Pavel\Desktop\byt
2015-01-20 21:28 - 2014-11-22 10:59 - 00000000 ____D () C:\Users\Pavel\Desktop\zivotopis
2015-01-19 13:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-14 14:33 - 2013-08-14 22:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 14:30 - 2012-11-20 22:45 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-08 23:31 - 2014-12-23 14:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-12-19 08:12 - 2014-12-19 08:12 - 0000132 _____ () C:\Users\Pavel\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-06-21 11:58 - 2014-06-21 13:52 - 0000132 _____ () C:\Users\Pavel\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-11-15 19:44 - 2014-11-15 19:44 - 181974983 _____ () C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload
2014-11-15 19:44 - 2014-11-15 19:44 - 0002174 _____ () C:\Users\Pavel\AppData\Local\ACCCx2_8_1_451.zip.aamdownload.aamd
2012-12-21 23:09 - 2014-11-15 22:15 - 0001480 _____ () C:\Users\Pavel\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-01-30 12:50 - 2015-01-30 12:50 - 0000000 ____H () C:\Users\Pavel\AppData\Local\BITF2F5.tmp
2015-01-30 17:36 - 2015-01-30 17:36 - 0029696 _____ () C:\Users\Pavel\AppData\Local\MSGBOX.EXE
2015-01-30 12:48 - 2015-01-30 12:48 - 0000000 _____ () C:\Users\Pavel\AppData\Local\{D00617FA-3E29-4D22-A084-EDC5C21D78A1}
2013-02-04 10:51 - 2013-11-08 18:36 - 0003249 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\e5b08f4a-2ddc-453e-b231-12b1d61fcf21.exe
C:\Users\Pavel\AppData\Local\Temp\InstHelper.exe
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:53

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Pavel at 2015-01-30 17:38:32
Running from C:\Users\Pavel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Ad-Aware Web Companion (x32 Version: 1.1.862.1653 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Iso2God v1.3.6 (HKLM-x32\...\{AB95979D-85EF-484A-9805-EB28E676E201}_is1) (Version: - Team 360h)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
LavasoftTcpService (x32 Version: 2.3.1.4 - Lavasoft) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Might and Magic® VI (HKLM-x32\...\Might and Magic® VI) (Version: - )
Mozilla Firefox 34.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{82f3b1b4-2a5d-4ff3-b951-368f2ba905b0}) (Version: - Nero AG)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Pazera Jacek)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Portrait Professional Studio 10.9 (HKLM-x32\...\PortraitProfessionalStudio10_is1) (Version: 10.9 - Anthropics Technology Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Samsung C410 Series (HKLM-x32\...\Samsung C410 Series) (Version: 1.02 (11.7.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(3.5.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.25 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600211) (Version: 1 - Microsoft Corporation)
Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600211) (Version: 1 - Microsoft Corporation)
Web Companion (HKLM-x32\...\{8BC95771-8634-499F-9EA5-1498A2701C7A}_WebCompanion) (Version: 1.1.862.1653 - Lavasoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinX Video Converter 4.1.1 (HKLM-x32\...\WinX Video Converter_is1) (Version: - Digiarty Software,Inc.)
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
Zoner Photo Studio 14 FREE (HKLM-x32\...\ZonerPhotoStudio14_EN_is1) (Version: 14.0.1.4 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

30-01-2015 03:05:59 OTL Restore Point - 30.1.2015 3:05:54
30-01-2015 08:00:22 OTL Restore Point - 30.1.2015 8:00:22
30-01-2015 12:59:41 OTL Restore Point - 30.1.2015 12:59:37
30-01-2015 15:02:43 Revo Uninstaller's restore point - Trojan Remover 6.9.1
30-01-2015 15:03:44 Revo Uninstaller's restore point - Spyware Terminator 2012

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2012-11-22 17:44 - 00002617 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com

There are 28 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {102E7B4F-D04C-42EF-8EE2-67B70AEA5C60} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {25F99974-C6DC-4AAE-AF23-2E0DC9FB52D7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-20] (AVAST Software)
Task: {413D55AC-02C9-4CAB-A8BF-5D8E3007FDC5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
Task: {45E8E16D-D99F-4358-9021-A0A1448270D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {6C2F727A-EA37-482F-A542-8400083D87E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {8A617D07-6378-4CE3-8969-B81693930495} - \Ad-Aware Antivirus Scheduled Scan No Task File <==== ATTENTION
Task: {8FF6E8C3-C7AC-46AA-9909-138AA15ACE7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {B7BCF8E6-114E-4794-8104-24EB92A95560} - System32\Tasks\avastBCLRestartS-1-5-21-1652633647-405593163-2038319680-1000 => Chrome.exe
Task: {E2A91DA6-4F14-4908-AC52-C96614D505C5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F288E143-52AB-4119-8257-C16094867FE2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-24 18:06 - 2013-05-06 07:07 - 00034304 _____ () C:\Windows\System32\sst8clm.dll
2012-11-20 23:10 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-11-25 16:56 - 2011-11-18 17:14 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2015-01-23 06:38 - 2015-01-23 06:38 - 00015208 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-01-23 06:38 - 2015-01-23 06:38 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-01-23 06:38 - 2015-01-23 06:38 - 00032616 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2014-07-20 15:34 - 2014-07-20 15:34 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-29 22:14 - 2015-01-29 22:14 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012901\algo.dll
2015-01-30 17:35 - 2015-01-30 17:35 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15013000\algo.dll
2012-11-25 16:56 - 2011-08-25 14:02 - 01425920 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2012-11-25 16:56 - 2011-03-31 15:36 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2012-11-25 16:56 - 2011-03-31 15:36 - 00128000 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2012-11-25 16:56 - 2011-03-31 15:36 - 00111616 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2014-07-20 15:34 - 2014-07-20 15:34 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-11-20 22:31 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-23 14:00 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-30 00:55 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-30 00:55 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-30 00:55 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Pavel\Downloads\fwd-_preklad_a_korektura.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: 20131121 => C:\Program Files\AVAST Software\Avast\setup\emupdate\7fb2eaf7-f5be-4ce4-a98f-1feaac3774c8.exe /check
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppsHat => C:\Users\Pavel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: icq => C:\Users\Pavel\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SDP => C:\Users\Pavel\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Pavel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

========================= Accounts: ==========================

Administrator (S-1-5-21-1652633647-405593163-2038319680-500 - Administrator - Disabled)
Guest (S-1-5-21-1652633647-405593163-2038319680-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1652633647-405593163-2038319680-1002 - Limited - Enabled)
Pavel (S-1-5-21-1652633647-405593163-2038319680-1000 - Administrator - Enabled) => C:\Users\Pavel

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2015 03:44:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WINWORD.EXE verze 14.0.4762.1000 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e18

Čas spuštění: 01d03c9b0a2a58a1

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

ID hlášení: 4fa8c8c9-a88e-11e4-92a8-902b34957c42

Error: (01/30/2015 03:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 03:22:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:10:04 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (01/30/2015 01:10:04 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=2350} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)

Error: (01/30/2015 00:54:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:48:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:52:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:24:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:49:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/30/2015 04:29:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error: (01/30/2015 03:37:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service přestala během spouštění reagovat.

Error: (01/30/2015 03:35:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (01/30/2015 03:30:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE

Error: (01/30/2015 03:29:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Garmin Core Update Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/30/2015 03:29:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Garmin Core Update Service bylo dosaženo časového limitu (30000 ms).

Error: (01/30/2015 03:27:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/30/2015 03:27:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/30/2015 03:27:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/30/2015 03:27:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (01/30/2015 03:44:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE14.0.4762.1000e1801d03c9b0a2a58a10C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE4fa8c8c9-a88e-11e4-92a8-902b34957c42

Error: (01/30/2015 03:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 03:22:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:10:04 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (01/30/2015 01:10:04 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. 0xc0041801 (0xc0041801)
2350

Error: (01/30/2015 00:54:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:48:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:52:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 01:24:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2015 00:49:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2015-01-30 00:42:38.613
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:38.597
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:38.566
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:38.535
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:32.404
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:32.373
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:32.341
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:32.310
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:30.516
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-30 00:42:30.485
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Pavel\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 8067.64 MB
Available physical RAM: 5825.71 MB
Total Pagefile: 16133.47 MB
Available Pagefile: 13693.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:108.3 GB) (Free:32.57 GB) NTFS
Drive d: () (Fixed) (Total:823.11 GB) (Free:199.66 GB) NTFS
Drive f: () (Removable) (Total:14.45 GB) (Free:8.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D10729AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=108.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=823.1 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 14.5 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

==================== End Of Log ============================

Odinstalujte starou a zranitelnou verzi javy Java 7 Update 9. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\MountPoints2: {737d350d-26cc-11e3-9141-902b34957c42} - J:\autorun\autorun.exe
  BootExecute: autocheck autochk * sdnclean64.exe
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF DefaultSearchEngine: Ad-Aware SecureSearch
  FF DefaultSearchUrl: https://www.google.com/search
  FF SearchEngineOrder.1: Google
  FF SelectedSearchEngine: Ad-Aware SecureSearch
  FF Keyword.URL: https://www.google.com/search
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  
  S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
  S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  
  2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher(1).exe
  2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(2).exe
  2015-01-30 17:36 - 2015-01-30 17:36 - 00029696 _____ () C:\Users\Pavel\AppData\Local\MSGBOX.EXE
  2015-01-30 17:36 - 2015-01-30 17:36 - 00015327 _____ () C:\Users\Pavel\Desktop\LM.bat
  2015-01-30 15:26 - 2015-01-30 15:27 - 00000000 ____D () C:\AdwCleaner
  2015-01-30 15:24 - 2015-01-30 15:25 - 02194432 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.109.exe
  2015-01-30 12:50 - 2015-01-30 12:50 - 00000000 ____H () C:\Users\Pavel\AppData\Local\BITF2F5.tmp
  2015-01-30 02:43 - 2015-01-30 02:43 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
  2015-01-30 02:27 - 2015-01-30 02:30 - 00001634 _____ () C:\Users\Pavel\Desktop\Rkill.txt
  2015-01-30 02:27 - 2015-01-30 02:27 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Pavel\Downloads\rkill.com
  2015-01-30 02:25 - 2015-01-30 02:25 - 00009631 _____ () C:\Users\Pavel\Downloads\hijackthis.log
  2015-01-30 02:24 - 2015-01-30 02:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
  2015-01-30 00:58 - 2015-01-30 00:58 - 00937208 _____ (Crawler.com ) C:\Users\Pavel\Downloads\SpywareTerminatorSetup.exe
  2015-01-30 00:57 - 2015-01-30 00:57 - 01924232 _____ () C:\Users\Pavel\Downloads\Adaware_Installer.exe
  2015-01-30 00:36 - 2015-01-30 00:36 - 21657592 _____ (Simply Super Software ) C:\Users\Pavel\Downloads\trjsetup.exe
  2015-01-30 15:21 - 2013-11-08 20:47 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
  
  Task: {8A617D07-6378-4CE3-8969-B81693930495} - \Ad-Aware Antivirus Scheduled Scan No Task File <==== ATTENTION
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
  EmptyTemp:
  End
  

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by Pavel at 2015-01-30 22:41:03 Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\...\MountPoints2: {737d350d-26cc-11e3-9141-902b34957c42} - J:\autorun\autorun.exe
BootExecute: autocheck autochk * sdnclean64.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchEngine: Ad-Aware SecureSearch
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Ad-Aware SecureSearch
FF Keyword.URL: https://www.google.com/search
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher(1).exe
2015-01-30 17:36 - 2015-01-30 17:36 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher(2).exe
2015-01-30 17:36 - 2015-01-30 17:36 - 00029696 _____ () C:\Users\Pavel\AppData\Local\MSGBOX.EXE
2015-01-30 17:36 - 2015-01-30 17:36 - 00015327 _____ () C:\Users\Pavel\Desktop\LM.bat
2015-01-30 15:26 - 2015-01-30 15:27 - 00000000 ____D () C:\AdwCleaner
2015-01-30 15:24 - 2015-01-30 15:25 - 02194432 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.109.exe
2015-01-30 12:50 - 2015-01-30 12:50 - 00000000 ____H () C:\Users\Pavel\AppData\Local\BITF2F5.tmp
2015-01-30 02:43 - 2015-01-30 02:43 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-30 02:27 - 2015-01-30 02:30 - 00001634 _____ () C:\Users\Pavel\Desktop\Rkill.txt
2015-01-30 02:27 - 2015-01-30 02:27 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Pavel\Downloads\rkill.com
2015-01-30 02:25 - 2015-01-30 02:25 - 00009631 _____ () C:\Users\Pavel\Downloads\hijackthis.log
2015-01-30 02:24 - 2015-01-30 02:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2015-01-30 00:58 - 2015-01-30 00:58 - 00937208 _____ (Crawler.com ) C:\Users\Pavel\Downloads\SpywareTerminatorSetup.exe
2015-01-30 00:57 - 2015-01-30 00:57 - 01924232 _____ () C:\Users\Pavel\Downloads\Adaware_Installer.exe
2015-01-30 00:36 - 2015-01-30 00:36 - 21657592 _____ (Simply Super Software ) C:\Users\Pavel\Downloads\trjsetup.exe
2015-01-30 15:21 - 2013-11-08 20:47 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator

Task: {8A617D07-6378-4CE3-8969-B81693930495} - \Ad-Aware Antivirus Scheduled Scan No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1652633647-405593163-2038319680-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
"HKU\S-1-5-21-1652633647-405593163-2038319680-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{737d350d-26cc-11e3-9141-902b34957c42}" => Key deleted successfully.
HKCR\CLSID\{737d350d-26cc-11e3-9141-902b34957c42} => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
SBRE => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Pavel\Downloads\FRSTLauncher(1).exe => Moved successfully.
C:\Users\Pavel\Desktop\FRSTLauncher(2).exe => Moved successfully.
C:\Users\Pavel\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Pavel\Desktop\LM.bat => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Pavel\Downloads\adwcleaner_4.109.exe => Moved successfully.
C:\Users\Pavel\AppData\Local\BITF2F5.tmp => Moved successfully.
C:\Users\Pavel\Downloads\FRSTLauncher.exe => Moved successfully.
"C:\Users\Pavel\Desktop\Rkill.txt" => File/Directory not found.
C:\Users\Pavel\Downloads\rkill.com => Moved successfully.
C:\Users\Pavel\Downloads\hijackthis.log => Moved successfully.
C:\Users\Pavel\Downloads\HijackThis.exe => Moved successfully.
C:\Users\Pavel\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
C:\Users\Pavel\Downloads\Adaware_Installer.exe => Moved successfully.
C:\Users\Pavel\Downloads\trjsetup.exe => Moved successfully.
C:\Program Files (x86)\Spyware Terminator => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A617D07-6378-4CE3-8969-B81693930495}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A617D07-6378-4CE3-8969-B81693930495}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
EmptyTemp: => Removed 696 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:41:25 ====

Log je ted cisty... otestujte vypinani antiviru a jine problemy.

děkuji moc

antivir se nevypíná, to je ok
počítač se hodně zrychlil, ale stále ne na původní úroveň
našel by se ještě nějaký typ?

Nemate zac

Jeste jednou jsem projizdel vsechny logy a krom defragmentace me nic nenapada... PC je cisty.