diky za kontrolu,
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by Marketa (administrator) on MARKETA-PC on 26-11-2014 22:10:15
Running from C:\Users\Marketa\Desktop
Loaded Profile: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll No File
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-11-20] (Avast Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-20] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-20] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-16] (Malwarebytes Corporation)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-11-20] (Avast Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 22:10 - 2014-11-26 22:10 - 00021319 _____ () C:\Users\Marketa\Desktop\FRST.txt
2014-11-26 22:04 - 2014-11-26 22:10 - 00000000 ____D () C:\FRST
2014-11-26 22:03 - 2014-11-26 22:04 - 01109504 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2014-11-26 22:03 - 2014-11-26 22:03 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2014-11-26 20:17 - 2014-11-26 20:17 - 00000197 _____ () C:\windows\system32\2014-11-26-19-17-15.063-AvastVBoxSVC.exe-3936.log
2014-11-26 12:09 - 2014-11-26 12:09 - 00000197 _____ () C:\windows\system32\2014-11-26-11-09-12.032-AvastVBoxSVC.exe-3728.log
2014-11-26 11:58 - 2014-11-26 11:58 - 00000197 _____ () C:\windows\system32\2014-11-26-10-58-22.017-AvastVBoxSVC.exe-3872.log
2014-11-26 05:36 - 2014-11-26 05:36 - 00000197 _____ () C:\windows\system32\2014-11-26-04-36-09.021-AvastVBoxSVC.exe-3732.log
2014-11-26 04:03 - 2014-11-26 04:03 - 00000197 _____ () C:\windows\system32\2014-11-26-03-03-56.076-AvastVBoxSVC.exe-3696.log
2014-11-25 19:01 - 2014-11-25 19:01 - 00000197 _____ () C:\windows\system32\2014-11-25-18-01-40.053-AvastVBoxSVC.exe-5844.log
2014-11-25 05:37 - 2014-11-25 05:37 - 00000197 _____ () C:\windows\system32\2014-11-25-04-37-05.068-AvastVBoxSVC.exe-3924.log
2014-11-24 14:25 - 2014-11-24 14:25 - 00000197 _____ () C:\windows\system32\2014-11-24-13-25-23.052-AvastVBoxSVC.exe-3772.log
2014-11-24 11:34 - 2014-11-24 11:34 - 00000197 _____ () C:\windows\system32\2014-11-24-10-34-09.010-AvastVBoxSVC.exe-4052.log
2014-11-24 06:32 - 2014-11-24 06:32 - 00000197 _____ () C:\windows\system32\2014-11-24-05-32-40.088-AvastVBoxSVC.exe-4064.log
2014-11-23 14:32 - 2014-11-23 14:32 - 00000197 _____ () C:\windows\system32\2014-11-23-13-32-45.090-AvastVBoxSVC.exe-3972.log
2014-11-23 10:16 - 2014-11-23 10:16 - 00000197 _____ () C:\windows\system32\2014-11-23-09-16-02.042-AvastVBoxSVC.exe-3904.log
2014-11-23 08:15 - 2014-11-23 08:15 - 00000197 _____ () C:\windows\system32\2014-11-23-07-15-31.054-AvastVBoxSVC.exe-4076.log
2014-11-23 07:27 - 2014-11-23 07:27 - 00000197 _____ () C:\windows\system32\2014-11-23-06-27-25.058-AvastVBoxSVC.exe-3836.log
2014-11-22 20:18 - 2014-11-22 20:18 - 00000197 _____ () C:\windows\system32\2014-11-22-19-18-53.031-AvastVBoxSVC.exe-4028.log
2014-11-22 11:37 - 2014-11-22 11:37 - 00000197 _____ () C:\windows\system32\2014-11-22-10-37-07.045-AvastVBoxSVC.exe-3968.log
2014-11-21 16:01 - 2014-11-21 16:01 - 00000197 _____ () C:\windows\system32\2014-11-21-15-01-01.004-AvastVBoxSVC.exe-3776.log
2014-11-21 15:18 - 2014-11-21 15:18 - 00000197 _____ () C:\windows\system32\2014-11-21-14-18-04.056-AvastVBoxSVC.exe-2784.log
2014-11-21 14:35 - 2014-11-21 14:35 - 00000197 _____ () C:\windows\system32\2014-11-21-13-35-58.038-AvastVBoxSVC.exe-4064.log
2014-11-21 13:12 - 2014-11-21 13:12 - 00000197 _____ () C:\windows\system32\2014-11-21-12-12-37.053-AvastVBoxSVC.exe-3724.log
2014-11-21 08:30 - 2014-11-21 08:30 - 00000197 _____ () C:\windows\system32\2014-11-21-07-30-33.013-AvastVBoxSVC.exe-3336.log
2014-11-21 06:56 - 2014-11-21 06:56 - 00020132 _____ () C:\Users\Marketa\Downloads\Bloodbath.-.Grand.Morbid.Funeral.(Limited.Edition).(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00022534 _____ () C:\Users\Marketa\Downloads\King.Diamond.-.Dreams.of.Horror.(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00019363 _____ () C:\Users\Marketa\Downloads\Primordial.-.Where.Greater.Men.Have.Fallen.(2014).torrent
2014-11-21 06:54 - 2014-11-21 06:54 - 00014490 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Moonhorse.[EP].(2013).torrent
2014-11-21 06:53 - 2014-11-21 06:53 - 00018889 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Avatarium.(2013).torrent
2014-11-21 06:40 - 2014-11-21 06:40 - 00000247 _____ () C:\windows\system32\2014-11-21-05-40-53.091-aswFe.exe-5436.log
2014-11-21 06:32 - 2014-11-21 06:32 - 00000197 _____ () C:\windows\system32\2014-11-21-05-32-35.062-AvastVBoxSVC.exe-5696.log
2014-11-21 06:22 - 2014-11-21 06:22 - 00000000 ____D () C:\windows\system32\vbox
2014-11-20 14:39 - 2014-11-20 14:39 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-20 14:39 - 2014-11-20 14:39 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-20 14:39 - 2014-11-20 14:39 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-19 10:48 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 10:47 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-18 22:33 - 2014-11-18 22:33 - 00000000 ____D () C:\Users\Marketa\Desktop\Malované počasí
2014-11-18 09:56 - 2014-11-22 22:09 - 1714787004 _____ () C:\Users\Marketa\Downloads\Sleepy Hollow S02E08 Heartless (1920x1080) [Phr0stY].mkv
2014-11-18 09:54 - 2014-11-18 09:54 - 00046609 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E08.Heartless.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:32 - 2014-11-18 07:55 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:43 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:30 - 00043723 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:29 - 2014-11-18 07:29 - 00048575 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-17 18:37 - 2014-11-17 18:42 - 00000000 ____D () C:\Users\Marketa\Desktop\Frajeřinky
2014-11-15 09:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-15 09:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-15 09:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-15 09:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-15 09:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-15 09:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-15 09:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-15 09:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-15 09:04 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-15 09:04 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-15 09:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-15 09:04 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-15 09:04 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-15 09:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-15 09:04 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-15 09:04 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-15 09:04 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-15 09:04 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-15 09:04 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-15 09:04 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-15 09:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 09:04 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-15 09:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-15 09:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-15 09:04 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-15 09:04 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-15 09:04 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-15 09:04 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-15 09:04 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-15 09:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-15 09:04 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-15 09:04 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-15 09:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-13 15:52 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-13 15:52 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-13 15:52 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-13 15:52 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-13 15:52 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-13 15:52 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 17:26 - 2014-11-12 17:26 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieBrowserModeList
2014-11-12 16:27 - 2014-11-15 08:39 - 00000000 ____D () C:\Users\Marketa\Downloads\Dawn.of.the.Planet.of.the.Apes.2014-PLYNOW
2014-11-08 18:14 - 2014-11-08 18:15 - 00000000 ____D () C:\Users\Marketa\Downloads\A.Walk.Among.the.Tombstones.2014.WEBRip.x264.AAC
2014-11-04 08:36 - 2014-11-04 08:43 - 00000000 ____D () C:\Users\Marketa\Downloads\HIRAX
2014-10-30 15:03 - 2014-10-30 16:07 - 00000000 ____D () C:\Users\Marketa\Downloads\Dárce The Giver
2014-10-30 14:57 - 2014-10-30 14:57 - 00000000 ____D () C:\Users\Marketa\Downloads\VA - Relaxing Classical Piano (2014)
2014-10-29 05:38 - 2014-10-29 05:38 - 01055936 _____ (Adobe) C:\Users\Marketa\Downloads\install_flashplayer15x32axau_gtba_chra_dy_aaa_aih.exe
2014-10-28 13:58 - 2014-10-28 13:58 - 00000000 ____D () C:\Users\Marketa\Downloads\Cvičíme s Míšou 2
2014-10-28 13:56 - 2014-10-28 13:56 - 00000000 ____D () C:\Users\Marketa\Downloads\Cvicime s Misou 1
2014-10-28 13:55 - 2014-10-28 13:55 - 00000000 ____D () C:\Users\Marketa\Downloads\Cvičíme s Míšou 1,2,3
2014-10-28 10:46 - 2014-10-28 13:22 - 00000000 ____D () C:\Users\Marketa\Downloads\VA - ClubTime Fresh Music Compilation #6
2014-10-28 10:42 - 2014-10-28 13:37 - 00000000 ____D () C:\Users\Marketa\Downloads\VA - Absolute Dance Hits Vol.01 (2014)
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 22:10 - 2013-01-28 22:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2014-11-26 21:49 - 2014-06-17 00:47 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-26 21:40 - 2014-07-21 21:18 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2014-11-26 21:22 - 2013-07-26 20:31 - 01323220 _____ () C:\windows\WindowsUpdate.log
2014-11-26 20:22 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-26 20:22 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-26 20:14 - 2014-06-17 00:47 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 20:13 - 2014-10-03 04:37 - 00021114 _____ () C:\windows\setupact.log
2014-11-26 20:13 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-26 18:25 - 2014-06-16 20:07 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2014-11-26 17:42 - 2014-08-11 11:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2014-11-25 19:38 - 2012-04-09 16:13 - 11638784 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2014-11-23 14:33 - 2011-09-14 10:28 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-23 07:26 - 2009-09-20 08:18 - 00000000 ____D () C:\ProgramData\PDFC
2014-11-22 22:11 - 2011-09-14 10:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2014-11-22 11:40 - 2009-09-20 08:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-21 09:46 - 2014-07-21 21:18 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2014-11-21 08:27 - 2014-05-06 04:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-21 06:40 - 2012-04-02 04:04 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-11-21 06:40 - 2011-09-26 19:32 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-21 06:40 - 2011-09-14 18:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2014-11-21 06:26 - 2014-05-11 09:52 - 00000000 ____D () C:\Program Files\Opera
2014-11-21 06:22 - 2011-09-14 10:28 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-20 19:45 - 2011-09-15 19:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-11-20 19:43 - 2011-09-20 12:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2014-11-20 17:57 - 2011-09-20 12:11 - 00000000 ____D () C:\Users\Marketa\Desktop\Herzánka
2014-11-20 17:16 - 2014-10-07 04:36 - 00007574 _____ () C:\windows\PFRO.log
2014-11-20 14:39 - 2014-04-25 19:17 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-20 14:39 - 2013-12-26 15:31 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-20 14:39 - 2012-02-25 22:34 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-20 14:39 - 2011-09-14 10:28 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-17 21:20 - 2013-09-13 18:59 - 00000000 ____D () C:\windows\rescache
2014-11-17 15:20 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\twain_32
2014-11-17 15:20 - 2009-07-14 03:04 - 00000513 _____ () C:\windows\win.ini
2014-11-17 11:24 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-11-15 17:13 - 2009-07-14 05:33 - 03815864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-15 17:10 - 2014-05-07 05:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-15 08:39 - 2011-09-12 15:27 - 00000000 ____D () C:\Users\Marketa
2014-11-15 08:39 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\wfp
2014-11-15 08:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-15 08:38 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\registration
2014-11-13 16:05 - 2009-09-20 08:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 16:01 - 2013-08-05 08:25 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 15:56 - 2011-09-16 05:32 - 100445232 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-13 15:32 - 2012-03-17 07:21 - 00000000 ____D () C:\windows\Minidump
2014-11-12 15:31 - 2013-11-05 23:47 - 00000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-10 06:10 - 2013-11-12 07:16 - 00000000 ____D () C:\Users\Marketa\Desktop\Háčkování a pletení návody
2014-11-08 19:58 - 2009-07-14 05:53 - 00032634 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-07 10:34 - 2011-09-23 16:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2014-11-04 14:30 - 2011-09-23 16:07 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-04 06:59 - 2013-05-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-02 17:12 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\system32\FxsTmp
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\BatteryBarSetup-3.6.4.exe
C:\Users\Marketa\AppData\Local\Temp\ochelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 62925 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slu�ba Acronis Scheduler2
c:\program files\common files\acronis\schedule2\schedhlp.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
c:\program files\acronis\trueimagehome\trueimagemonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
prosím o kontrolu logu
- Přílohy
-
- Addition.zip
- (7.36 KiB) Staženo 194 x
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
# AdwCleaner v4.102 - Report created 26/11/2014 at 22:27:43
# Updated 23/11/2014 by Xplode
# Database : 2014-11-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Marketa - MARKETA-PC
# Running from : C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\Allin1Convert_8h
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Marketa\AppData\Local\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\iac
Folder Deleted : C:\Users\Public\Conduit
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\8hffxtbr@Allin1Convert_8h.com
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE0F6787-9D1C-42B7-A0B9-EAC630F87902}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF3F28C8-0330-4D18-B901-D24CB83E5AA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2C368C5-9F44-4D43-89F3-A1CC87F1DA96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9D217B94-6FC9-44FE-94B1-30C711871266}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BE698E51-830B-447A-954D-901D6E05DDE2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BFCF748F-A56E-451F-AA45-0D7EB699E416}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D617CF84-B0BC-441F-9984-B676AFBA1E8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKCU\Software\allin1convert_8h
Key Deleted : HKCU\Software\AppDataLow\Software\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\allin1convert_8hbar uninstall firefox
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.71
-\\ Opera v26.0.1656.24
*************************
AdwCleaner[R1].txt - [8702 octets] - [26/11/2014 22:23:13]
AdwCleaner[S1].txt - [8811 octets] - [26/11/2014 22:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8871 octets] ##########
# Updated 23/11/2014 by Xplode
# Database : 2014-11-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Marketa - MARKETA-PC
# Running from : C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\Allin1Convert_8h
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Marketa\AppData\Local\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\iac
Folder Deleted : C:\Users\Public\Conduit
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\8hffxtbr@Allin1Convert_8h.com
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE0F6787-9D1C-42B7-A0B9-EAC630F87902}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF3F28C8-0330-4D18-B901-D24CB83E5AA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2C368C5-9F44-4D43-89F3-A1CC87F1DA96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9D217B94-6FC9-44FE-94B1-30C711871266}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BE698E51-830B-447A-954D-901D6E05DDE2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BFCF748F-A56E-451F-AA45-0D7EB699E416}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D617CF84-B0BC-441F-9984-B676AFBA1E8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKCU\Software\allin1convert_8h
Key Deleted : HKCU\Software\AppDataLow\Software\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\allin1convert_8hbar uninstall firefox
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.71
-\\ Opera v26.0.1656.24
*************************
AdwCleaner[R1].txt - [8702 octets] - [26/11/2014 22:23:13]
AdwCleaner[S1].txt - [8811 octets] - [26/11/2014 22:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8871 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by Marketa (administrator) on MARKETA-PC on 28-11-2014 17:00:34
Running from C:\Users\Marketa\Desktop
Loaded Profile: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Vladimír Kraus, Czech Republic) G:\Trefik12\Trefik12.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll No File
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-07-14] (Vodafone) [File not signed]
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-20] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-20] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-16] (Malwarebytes Corporation)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-28 17:00 - 2014-11-28 17:02 - 00021197 _____ () C:\Users\Marketa\Desktop\FRST.txt
2014-11-28 16:59 - 2014-11-28 17:00 - 01109504 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2014-11-28 16:59 - 2014-11-28 16:59 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2014-11-27 08:28 - 2014-11-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-27 08:27 - 2014-11-20 14:39 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-27 08:23 - 2014-11-27 08:23 - 317786463 _____ () C:\windows\MEMORY.DMP
2014-11-27 08:23 - 2014-11-27 08:23 - 00143896 _____ () C:\windows\Minidump\112714-23431-01.dmp
2014-11-26 23:00 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Marketa\Desktop\Estas Tonne - Discography (320kbps)
2014-11-26 23:00 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Marketa\Desktop\Dan Barta
2014-11-26 22:22 - 2014-11-26 22:27 - 00000000 ____D () C:\AdwCleaner
2014-11-26 22:22 - 2014-11-26 22:22 - 02148864 _____ () C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
2014-11-26 22:04 - 2014-11-28 17:01 - 00000000 ____D () C:\FRST
2014-11-26 04:03 - 2014-11-26 04:03 - 00000197 _____ () C:\windows\system32\2014-11-26-03-03-56.076-AvastVBoxSVC.exe-3696.log
2014-11-25 19:01 - 2014-11-25 19:01 - 00000197 _____ () C:\windows\system32\2014-11-25-18-01-40.053-AvastVBoxSVC.exe-5844.log
2014-11-25 05:37 - 2014-11-25 05:37 - 00000197 _____ () C:\windows\system32\2014-11-25-04-37-05.068-AvastVBoxSVC.exe-3924.log
2014-11-24 14:25 - 2014-11-24 14:25 - 00000197 _____ () C:\windows\system32\2014-11-24-13-25-23.052-AvastVBoxSVC.exe-3772.log
2014-11-24 11:34 - 2014-11-24 11:34 - 00000197 _____ () C:\windows\system32\2014-11-24-10-34-09.010-AvastVBoxSVC.exe-4052.log
2014-11-24 06:32 - 2014-11-24 06:32 - 00000197 _____ () C:\windows\system32\2014-11-24-05-32-40.088-AvastVBoxSVC.exe-4064.log
2014-11-23 14:32 - 2014-11-23 14:32 - 00000197 _____ () C:\windows\system32\2014-11-23-13-32-45.090-AvastVBoxSVC.exe-3972.log
2014-11-23 10:16 - 2014-11-23 10:16 - 00000197 _____ () C:\windows\system32\2014-11-23-09-16-02.042-AvastVBoxSVC.exe-3904.log
2014-11-23 08:15 - 2014-11-23 08:15 - 00000197 _____ () C:\windows\system32\2014-11-23-07-15-31.054-AvastVBoxSVC.exe-4076.log
2014-11-23 07:27 - 2014-11-23 07:27 - 00000197 _____ () C:\windows\system32\2014-11-23-06-27-25.058-AvastVBoxSVC.exe-3836.log
2014-11-22 20:18 - 2014-11-22 20:18 - 00000197 _____ () C:\windows\system32\2014-11-22-19-18-53.031-AvastVBoxSVC.exe-4028.log
2014-11-22 11:37 - 2014-11-22 11:37 - 00000197 _____ () C:\windows\system32\2014-11-22-10-37-07.045-AvastVBoxSVC.exe-3968.log
2014-11-21 16:01 - 2014-11-21 16:01 - 00000197 _____ () C:\windows\system32\2014-11-21-15-01-01.004-AvastVBoxSVC.exe-3776.log
2014-11-21 15:18 - 2014-11-21 15:18 - 00000197 _____ () C:\windows\system32\2014-11-21-14-18-04.056-AvastVBoxSVC.exe-2784.log
2014-11-21 14:35 - 2014-11-21 14:35 - 00000197 _____ () C:\windows\system32\2014-11-21-13-35-58.038-AvastVBoxSVC.exe-4064.log
2014-11-21 13:12 - 2014-11-21 13:12 - 00000197 _____ () C:\windows\system32\2014-11-21-12-12-37.053-AvastVBoxSVC.exe-3724.log
2014-11-21 08:30 - 2014-11-21 08:30 - 00000197 _____ () C:\windows\system32\2014-11-21-07-30-33.013-AvastVBoxSVC.exe-3336.log
2014-11-21 06:56 - 2014-11-21 06:56 - 00020132 _____ () C:\Users\Marketa\Downloads\Bloodbath.-.Grand.Morbid.Funeral.(Limited.Edition).(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00022534 _____ () C:\Users\Marketa\Downloads\King.Diamond.-.Dreams.of.Horror.(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00019363 _____ () C:\Users\Marketa\Downloads\Primordial.-.Where.Greater.Men.Have.Fallen.(2014).torrent
2014-11-21 06:54 - 2014-11-21 06:54 - 00014490 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Moonhorse.[EP].(2013).torrent
2014-11-21 06:53 - 2014-11-21 06:53 - 00018889 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Avatarium.(2013).torrent
2014-11-21 06:40 - 2014-11-21 06:40 - 00000247 _____ () C:\windows\system32\2014-11-21-05-40-53.091-aswFe.exe-5436.log
2014-11-21 06:32 - 2014-11-21 06:32 - 00000197 _____ () C:\windows\system32\2014-11-21-05-32-35.062-AvastVBoxSVC.exe-5696.log
2014-11-21 06:22 - 2014-11-21 06:22 - 00000000 ____D () C:\windows\system32\vbox
2014-11-20 14:39 - 2014-11-27 08:28 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-20 14:39 - 2014-11-20 14:39 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-19 10:48 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 10:47 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-18 22:33 - 2014-11-18 22:33 - 00000000 ____D () C:\Users\Marketa\Desktop\Malované počasí
2014-11-18 09:56 - 2014-11-22 22:09 - 1714787004 _____ () C:\Users\Marketa\Downloads\Sleepy Hollow S02E08 Heartless (1920x1080) [Phr0stY].mkv
2014-11-18 09:54 - 2014-11-18 09:54 - 00046609 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E08.Heartless.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:32 - 2014-11-18 07:55 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:43 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:30 - 00043723 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:29 - 2014-11-18 07:29 - 00048575 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-17 18:37 - 2014-11-17 18:42 - 00000000 ____D () C:\Users\Marketa\Desktop\Frajeřinky
2014-11-15 09:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-15 09:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-15 09:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-15 09:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-15 09:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-15 09:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-15 09:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-15 09:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-15 09:04 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-15 09:04 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-15 09:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-15 09:04 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-15 09:04 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-15 09:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-15 09:04 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-15 09:04 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-15 09:04 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-15 09:04 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-15 09:04 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-15 09:04 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-15 09:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 09:04 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-15 09:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-15 09:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-15 09:04 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-15 09:04 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-15 09:04 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-15 09:04 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-15 09:04 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-15 09:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-15 09:04 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-15 09:04 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-15 09:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-13 15:52 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-13 15:52 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-13 15:52 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-13 15:52 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-13 15:52 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-13 15:52 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 17:26 - 2014-11-12 17:26 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieBrowserModeList
2014-11-12 16:27 - 2014-11-15 08:39 - 00000000 ____D () C:\Users\Marketa\Downloads\Dawn.of.the.Planet.of.the.Apes.2014-PLYNOW
2014-11-08 18:14 - 2014-11-08 18:15 - 00000000 ____D () C:\Users\Marketa\Downloads\A.Walk.Among.the.Tombstones.2014.WEBRip.x264.AAC
2014-11-04 08:36 - 2014-11-04 08:43 - 00000000 ____D () C:\Users\Marketa\Downloads\HIRAX
2014-10-30 15:03 - 2014-10-30 16:07 - 00000000 ____D () C:\Users\Marketa\Downloads\Dárce The Giver
2014-10-30 14:57 - 2014-10-30 14:57 - 00000000 ____D () C:\Users\Marketa\Downloads\VA - Relaxing Classical Piano (2014)
2014-10-29 05:38 - 2014-10-29 05:38 - 01055936 _____ (Adobe) C:\Users\Marketa\Downloads\install_flashplayer15x32axau_gtba_chra_dy_aaa_aih.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-28 17:02 - 2013-01-28 22:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2014-11-28 16:55 - 2013-07-26 20:31 - 01386269 _____ () C:\windows\WindowsUpdate.log
2014-11-28 16:54 - 2009-09-20 08:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-28 16:54 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-28 16:54 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-28 16:50 - 2014-06-17 00:47 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-28 16:47 - 2014-06-17 00:47 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-28 16:46 - 2014-10-03 04:37 - 00021114 _____ () C:\windows\setupact.log
2014-11-28 16:46 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-28 12:40 - 2014-07-21 21:18 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2014-11-28 12:36 - 2011-09-15 19:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-11-28 12:34 - 2011-09-20 12:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2014-11-27 16:57 - 2014-10-07 04:36 - 00008406 _____ () C:\windows\PFRO.log
2014-11-27 08:23 - 2012-03-17 07:21 - 00000000 ____D () C:\windows\Minidump
2014-11-27 08:23 - 2011-09-12 15:27 - 00000000 ____D () C:\Users\Marketa
2014-11-27 08:22 - 2014-10-06 05:28 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Allin1Convert_8h
2014-11-27 08:22 - 2014-10-06 05:23 - 00000000 ____D () C:\Program Files\Allin1Convert_8h
2014-11-27 08:22 - 2014-10-06 05:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-11-27 08:22 - 2014-10-06 05:18 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-11-27 08:22 - 2011-11-28 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-27 08:22 - 2011-09-22 19:43 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Winamp
2014-11-27 08:22 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\wfp
2014-11-27 08:22 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\registration
2014-11-27 06:13 - 2012-04-09 16:13 - 11654144 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2014-11-27 06:01 - 2014-08-11 11:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2014-11-23 14:33 - 2011-09-14 10:28 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-23 07:26 - 2009-09-20 08:18 - 00000000 ____D () C:\ProgramData\PDFC
2014-11-22 22:11 - 2011-09-14 10:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2014-11-22 11:48 - 2014-06-16 20:07 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2014-11-21 09:46 - 2014-07-21 21:18 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2014-11-21 08:27 - 2014-05-06 04:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-21 06:40 - 2012-04-02 04:04 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-11-21 06:40 - 2011-09-26 19:32 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-21 06:40 - 2011-09-14 18:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2014-11-21 06:26 - 2014-05-11 09:52 - 00000000 ____D () C:\Program Files\Opera
2014-11-21 06:22 - 2011-09-14 10:28 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-20 17:57 - 2011-09-20 12:11 - 00000000 ____D () C:\Users\Marketa\Desktop\Herzánka
2014-11-20 14:39 - 2014-04-25 19:17 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-20 14:39 - 2013-12-26 15:31 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-20 14:39 - 2012-02-25 22:34 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-20 14:39 - 2011-09-14 10:28 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-17 21:20 - 2013-09-13 18:59 - 00000000 ____D () C:\windows\rescache
2014-11-17 15:20 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\twain_32
2014-11-17 15:20 - 2009-07-14 03:04 - 00000513 _____ () C:\windows\win.ini
2014-11-17 11:24 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-11-15 17:13 - 2009-07-14 05:33 - 03815864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-15 17:10 - 2014-05-07 05:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-15 08:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-13 16:05 - 2009-09-20 08:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 16:01 - 2013-08-05 08:25 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 15:56 - 2011-09-16 05:32 - 100445232 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 15:31 - 2013-11-05 23:47 - 00000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-10 06:10 - 2013-11-12 07:16 - 00000000 ____D () C:\Users\Marketa\Desktop\Háčkování a pletení návody
2014-11-08 19:58 - 2009-07-14 05:53 - 00032634 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-07 10:34 - 2011-09-23 16:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2014-11-04 14:30 - 2011-09-23 16:07 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-04 06:59 - 2013-05-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-02 17:12 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\system32\FxsTmp
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\BatteryBarSetup-3.6.4.exe
C:\Users\Marketa\AppData\Local\Temp\ochelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 64675 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slu�ba Acronis Scheduler2
c:\program files\common files\acronis\schedule2\schedhlp.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
c:\program files\acronis\trueimagehome\trueimagemonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Ran by Marketa (administrator) on MARKETA-PC on 28-11-2014 17:00:34
Running from C:\Users\Marketa\Desktop
Loaded Profile: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Vladimír Kraus, Czech Republic) G:\Trefik12\Trefik12.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Opera Software) C:\Program Files\Opera\26.0.1656.24\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll No File
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-20]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-20] (AVAST Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-07-14] (Vodafone) [File not signed]
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-20] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-20] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-16] (Malwarebytes Corporation)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-28 17:00 - 2014-11-28 17:02 - 00021197 _____ () C:\Users\Marketa\Desktop\FRST.txt
2014-11-28 16:59 - 2014-11-28 17:00 - 01109504 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2014-11-28 16:59 - 2014-11-28 16:59 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2014-11-27 08:28 - 2014-11-27 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-27 08:27 - 2014-11-20 14:39 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-27 08:23 - 2014-11-27 08:23 - 317786463 _____ () C:\windows\MEMORY.DMP
2014-11-27 08:23 - 2014-11-27 08:23 - 00143896 _____ () C:\windows\Minidump\112714-23431-01.dmp
2014-11-26 23:00 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Marketa\Desktop\Estas Tonne - Discography (320kbps)
2014-11-26 23:00 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Marketa\Desktop\Dan Barta
2014-11-26 22:22 - 2014-11-26 22:27 - 00000000 ____D () C:\AdwCleaner
2014-11-26 22:22 - 2014-11-26 22:22 - 02148864 _____ () C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
2014-11-26 22:04 - 2014-11-28 17:01 - 00000000 ____D () C:\FRST
2014-11-26 04:03 - 2014-11-26 04:03 - 00000197 _____ () C:\windows\system32\2014-11-26-03-03-56.076-AvastVBoxSVC.exe-3696.log
2014-11-25 19:01 - 2014-11-25 19:01 - 00000197 _____ () C:\windows\system32\2014-11-25-18-01-40.053-AvastVBoxSVC.exe-5844.log
2014-11-25 05:37 - 2014-11-25 05:37 - 00000197 _____ () C:\windows\system32\2014-11-25-04-37-05.068-AvastVBoxSVC.exe-3924.log
2014-11-24 14:25 - 2014-11-24 14:25 - 00000197 _____ () C:\windows\system32\2014-11-24-13-25-23.052-AvastVBoxSVC.exe-3772.log
2014-11-24 11:34 - 2014-11-24 11:34 - 00000197 _____ () C:\windows\system32\2014-11-24-10-34-09.010-AvastVBoxSVC.exe-4052.log
2014-11-24 06:32 - 2014-11-24 06:32 - 00000197 _____ () C:\windows\system32\2014-11-24-05-32-40.088-AvastVBoxSVC.exe-4064.log
2014-11-23 14:32 - 2014-11-23 14:32 - 00000197 _____ () C:\windows\system32\2014-11-23-13-32-45.090-AvastVBoxSVC.exe-3972.log
2014-11-23 10:16 - 2014-11-23 10:16 - 00000197 _____ () C:\windows\system32\2014-11-23-09-16-02.042-AvastVBoxSVC.exe-3904.log
2014-11-23 08:15 - 2014-11-23 08:15 - 00000197 _____ () C:\windows\system32\2014-11-23-07-15-31.054-AvastVBoxSVC.exe-4076.log
2014-11-23 07:27 - 2014-11-23 07:27 - 00000197 _____ () C:\windows\system32\2014-11-23-06-27-25.058-AvastVBoxSVC.exe-3836.log
2014-11-22 20:18 - 2014-11-22 20:18 - 00000197 _____ () C:\windows\system32\2014-11-22-19-18-53.031-AvastVBoxSVC.exe-4028.log
2014-11-22 11:37 - 2014-11-22 11:37 - 00000197 _____ () C:\windows\system32\2014-11-22-10-37-07.045-AvastVBoxSVC.exe-3968.log
2014-11-21 16:01 - 2014-11-21 16:01 - 00000197 _____ () C:\windows\system32\2014-11-21-15-01-01.004-AvastVBoxSVC.exe-3776.log
2014-11-21 15:18 - 2014-11-21 15:18 - 00000197 _____ () C:\windows\system32\2014-11-21-14-18-04.056-AvastVBoxSVC.exe-2784.log
2014-11-21 14:35 - 2014-11-21 14:35 - 00000197 _____ () C:\windows\system32\2014-11-21-13-35-58.038-AvastVBoxSVC.exe-4064.log
2014-11-21 13:12 - 2014-11-21 13:12 - 00000197 _____ () C:\windows\system32\2014-11-21-12-12-37.053-AvastVBoxSVC.exe-3724.log
2014-11-21 08:30 - 2014-11-21 08:30 - 00000197 _____ () C:\windows\system32\2014-11-21-07-30-33.013-AvastVBoxSVC.exe-3336.log
2014-11-21 06:56 - 2014-11-21 06:56 - 00020132 _____ () C:\Users\Marketa\Downloads\Bloodbath.-.Grand.Morbid.Funeral.(Limited.Edition).(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00022534 _____ () C:\Users\Marketa\Downloads\King.Diamond.-.Dreams.of.Horror.(2014).torrent
2014-11-21 06:55 - 2014-11-21 06:55 - 00019363 _____ () C:\Users\Marketa\Downloads\Primordial.-.Where.Greater.Men.Have.Fallen.(2014).torrent
2014-11-21 06:54 - 2014-11-21 06:54 - 00014490 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Moonhorse.[EP].(2013).torrent
2014-11-21 06:53 - 2014-11-21 06:53 - 00018889 _____ () C:\Users\Marketa\Downloads\Avatarium.-.Avatarium.(2013).torrent
2014-11-21 06:40 - 2014-11-21 06:40 - 00000247 _____ () C:\windows\system32\2014-11-21-05-40-53.091-aswFe.exe-5436.log
2014-11-21 06:32 - 2014-11-21 06:32 - 00000197 _____ () C:\windows\system32\2014-11-21-05-32-35.062-AvastVBoxSVC.exe-5696.log
2014-11-21 06:22 - 2014-11-21 06:22 - 00000000 ____D () C:\windows\system32\vbox
2014-11-20 14:39 - 2014-11-27 08:28 - 00002005 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-20 14:39 - 2014-11-20 14:39 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-19 10:48 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 10:47 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-18 22:33 - 2014-11-18 22:33 - 00000000 ____D () C:\Users\Marketa\Desktop\Malované počasí
2014-11-18 09:56 - 2014-11-22 22:09 - 1714787004 _____ () C:\Users\Marketa\Downloads\Sleepy Hollow S02E08 Heartless (1920x1080) [Phr0stY].mkv
2014-11-18 09:54 - 2014-11-18 09:54 - 00046609 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E08.Heartless.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:32 - 2014-11-18 07:55 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:43 - 00000000 ____D () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS[rarbg]
2014-11-18 07:30 - 2014-11-18 07:30 - 00043723 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E07.Deliverance.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-18 07:29 - 2014-11-18 07:29 - 00048575 _____ () C:\Users\Marketa\Downloads\Sleepy.Hollow.S02E06.And.the.Abyss.Gazes.Back.1080p.WEB-DL.DD5.1.H.264-BS.srt
2014-11-17 18:37 - 2014-11-17 18:42 - 00000000 ____D () C:\Users\Marketa\Desktop\Frajeřinky
2014-11-15 09:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-15 09:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-15 09:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-15 09:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-15 09:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-15 09:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-15 09:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-15 09:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-15 09:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-15 09:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-15 09:04 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-15 09:04 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-15 09:04 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-15 09:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-15 09:04 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-15 09:04 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-15 09:04 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-15 09:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-15 09:04 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-15 09:04 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-15 09:04 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-15 09:04 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-15 09:04 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-15 09:04 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-15 09:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 09:04 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-15 09:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-15 09:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-15 09:04 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-15 09:04 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-15 09:04 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-15 09:04 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-15 09:04 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-15 09:04 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-15 09:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-15 09:04 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-15 09:04 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-15 09:04 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-15 09:04 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-13 15:52 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-13 15:52 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-13 15:52 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-13 15:52 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-13 15:52 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-13 15:52 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 17:26 - 2014-11-12 17:26 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieBrowserModeList
2014-11-12 16:27 - 2014-11-15 08:39 - 00000000 ____D () C:\Users\Marketa\Downloads\Dawn.of.the.Planet.of.the.Apes.2014-PLYNOW
2014-11-08 18:14 - 2014-11-08 18:15 - 00000000 ____D () C:\Users\Marketa\Downloads\A.Walk.Among.the.Tombstones.2014.WEBRip.x264.AAC
2014-11-04 08:36 - 2014-11-04 08:43 - 00000000 ____D () C:\Users\Marketa\Downloads\HIRAX
2014-10-30 15:03 - 2014-10-30 16:07 - 00000000 ____D () C:\Users\Marketa\Downloads\Dárce The Giver
2014-10-30 14:57 - 2014-10-30 14:57 - 00000000 ____D () C:\Users\Marketa\Downloads\VA - Relaxing Classical Piano (2014)
2014-10-29 05:38 - 2014-10-29 05:38 - 01055936 _____ (Adobe) C:\Users\Marketa\Downloads\install_flashplayer15x32axau_gtba_chra_dy_aaa_aih.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-28 17:02 - 2013-01-28 22:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2014-11-28 16:55 - 2013-07-26 20:31 - 01386269 _____ () C:\windows\WindowsUpdate.log
2014-11-28 16:54 - 2009-09-20 08:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-28 16:54 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-28 16:54 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-28 16:50 - 2014-06-17 00:47 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-28 16:47 - 2014-06-17 00:47 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-28 16:46 - 2014-10-03 04:37 - 00021114 _____ () C:\windows\setupact.log
2014-11-28 16:46 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-28 12:40 - 2014-07-21 21:18 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2014-11-28 12:36 - 2011-09-15 19:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-11-28 12:34 - 2011-09-20 12:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2014-11-27 16:57 - 2014-10-07 04:36 - 00008406 _____ () C:\windows\PFRO.log
2014-11-27 08:23 - 2012-03-17 07:21 - 00000000 ____D () C:\windows\Minidump
2014-11-27 08:23 - 2011-09-12 15:27 - 00000000 ____D () C:\Users\Marketa
2014-11-27 08:22 - 2014-10-06 05:28 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Allin1Convert_8h
2014-11-27 08:22 - 2014-10-06 05:23 - 00000000 ____D () C:\Program Files\Allin1Convert_8h
2014-11-27 08:22 - 2014-10-06 05:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-11-27 08:22 - 2014-10-06 05:18 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-11-27 08:22 - 2011-11-28 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-27 08:22 - 2011-09-22 19:43 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Winamp
2014-11-27 08:22 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\wfp
2014-11-27 08:22 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\registration
2014-11-27 06:13 - 2012-04-09 16:13 - 11654144 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2014-11-27 06:01 - 2014-08-11 11:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2014-11-23 14:33 - 2011-09-14 10:28 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-23 07:26 - 2009-09-20 08:18 - 00000000 ____D () C:\ProgramData\PDFC
2014-11-22 22:11 - 2011-09-14 10:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2014-11-22 11:48 - 2014-06-16 20:07 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2014-11-21 09:46 - 2014-07-21 21:18 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2014-11-21 08:27 - 2014-05-06 04:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-21 06:40 - 2012-04-02 04:04 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-11-21 06:40 - 2011-09-26 19:32 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-21 06:40 - 2011-09-14 18:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2014-11-21 06:26 - 2014-05-11 09:52 - 00000000 ____D () C:\Program Files\Opera
2014-11-21 06:22 - 2011-09-14 10:28 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-20 17:57 - 2011-09-20 12:11 - 00000000 ____D () C:\Users\Marketa\Desktop\Herzánka
2014-11-20 14:39 - 2014-04-25 19:17 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-20 14:39 - 2013-12-26 15:31 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-20 14:39 - 2013-03-01 23:39 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-20 14:39 - 2012-02-25 22:34 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-20 14:39 - 2011-09-14 10:28 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-17 21:20 - 2013-09-13 18:59 - 00000000 ____D () C:\windows\rescache
2014-11-17 15:20 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\twain_32
2014-11-17 15:20 - 2009-07-14 03:04 - 00000513 _____ () C:\windows\win.ini
2014-11-17 11:24 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-11-15 17:13 - 2009-07-14 05:33 - 03815864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-15 17:10 - 2014-05-07 05:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-15 08:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-13 16:05 - 2009-09-20 08:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 16:01 - 2013-08-05 08:25 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 15:56 - 2011-09-16 05:32 - 100445232 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 15:31 - 2013-11-05 23:47 - 00000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-10 06:10 - 2013-11-12 07:16 - 00000000 ____D () C:\Users\Marketa\Desktop\Háčkování a pletení návody
2014-11-08 19:58 - 2009-07-14 05:53 - 00032634 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-11-07 10:34 - 2011-09-23 16:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2014-11-04 14:30 - 2011-09-23 16:07 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-04 06:59 - 2013-05-06 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-02 17:12 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\system32\FxsTmp
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\BatteryBarSetup-3.6.4.exe
C:\Users\Marketa\AppData\Local\Temp\ochelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 64675 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slu�ba Acronis Scheduler2
c:\program files\common files\acronis\schedule2\schedhlp.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
c:\program files\acronis\trueimagehome\trueimagemonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
C:\Users\Marketa\AppData\Local\Temp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-11-2014 01
Ran by Marketa at 2014-11-28 17:45:20 Run:1
Running from C:\Users\Marketa\Desktop
Loaded Profile: Marketa (Available profiles: Marketa)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
C:\Users\Marketa\AppData\Local\Temp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => value deleted successfully.
"HKCR\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key deleted successfully.
"HKCR\CLSID\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key not found.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key deleted successfully.
"HKCR\CLSID\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}" => Key deleted successfully.
"HKCR\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
C:\Program Files\Google\Google Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key deleted successfully.
"HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}" => Key deleted successfully.
"HKCR\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{cd1a63ba-a08c-431b-9a34-f240aadc728d} => value deleted successfully.
"HKCR\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d}" => Key not found.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => value deleted successfully.
"HKCR\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
A2DDA => Service deleted successfully.
cleanhlp => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => Moved successfully.
"C:\Users\Marketa\AppData\Local\Temp" directory move:
C:\Users\Marketa\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\BatteryBarSetup-3.6.4.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera24.0.1558.64opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera24.0.1558.64opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.50opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.50opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.63opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.63opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.68opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.68opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.71opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.71opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera26.0.1656.24opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera26.0.1656.24opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR10B3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1180.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR120B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1228.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR123B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1245.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1286.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR12AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR12E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1371.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR140D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR155A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1582.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR15A2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR15E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR17A8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1801.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1814.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1838.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1876.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR191B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR194A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1976.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1988.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR19B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR19EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1A79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B20.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B8F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BAD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BF8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C06.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C58.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1CD3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1D5F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1D8E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1DAE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1DC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E7B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1EB6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1F0B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1F91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1FA3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1FCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR201.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2043.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2063.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR208C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20C0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2107.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2166.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR21A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR21E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2230.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR22A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR22CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR231.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2386.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR23B5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR23D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR254B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR259A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR25E7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2684.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2723.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2740.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2800.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR289A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2922.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2986.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR299F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2A1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2A2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C0E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2CD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D1A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D37.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D5C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D68.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2E0C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2EDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2F0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2FF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3120.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3126.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR314D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3152.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR31B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR31C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR322B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR339E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR342B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR342C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR343A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3479.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR352D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR35CF.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR368B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR36AA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3717.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3840.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR38DB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3949.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39F4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A24.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A30.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A76.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A90.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3ACE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3AD4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3ADF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3B79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BD7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BD9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BEA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3C36.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3C64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3CE0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3D05.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3D1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3DDA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3DF1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E08.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E66.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E66.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E95.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3F42.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3FD2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3FED.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4088.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4145.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4161.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4183.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4193.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR41B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4200.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR423F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR424C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR425.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4254.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR425F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42CA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42E9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4327.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4328.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4365.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43F9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4411.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4430.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR463.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4662.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR473F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR47C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4817.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4836.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4836.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4930.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR494F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4965.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4980.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR49EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4A14.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AE2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AE5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4B61.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4B81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4CA8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D27.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4DA2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E9C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4ED2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4EFB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F12.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F2E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F76.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4FE7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR50E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5113.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5135.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR514A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5162.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR516D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5188.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5215.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5325.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR536C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5502.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5503.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5504.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5523.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5541.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR555F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR55BE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5602.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5612.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56F5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5753.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5793.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR583.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR583D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR588B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR58E9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5979.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR597C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59DE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A40.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A74.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5ADB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B21.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B88.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B89.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C10.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5CC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D4C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5EA3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F11.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F12.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F2F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F3D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5FAD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6039.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6058.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6067.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR60A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6104.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR61CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR621C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR623B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR628A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR628F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62B8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62F7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62FA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6392.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR641E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR646F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6492.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR650C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR653E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65E6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65F4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6642.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR667.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6759.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6796.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR679E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR67F6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6863.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68C0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68D0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6992.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR69F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B6F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6C78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6D43.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6E0E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6EAA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F31.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F36.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F65.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR704F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR70EC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR70FA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR711F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7139.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR71D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7234.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7261.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR732C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7446.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR748A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR74D0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7510.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR757E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR75F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR767B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR767C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR76BD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR76D4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR770.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7732.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7752.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR78CA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR78D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7973.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR79B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR79E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7A6D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7ABD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7AE1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7B1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BA4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BA5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BE5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7C7F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7C80.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7CDC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7CE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D51.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D5C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DA1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DB7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7E63.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7EC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FEB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FFC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8059.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR807A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8160.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8172.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR81CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR81EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82C6.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82C6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82F7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR832A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8352.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8361.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8362.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8362.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8385.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR83EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR845E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR85B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR869F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR86BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR86C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR870A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR870C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR878.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8787.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR87FC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8832.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8844.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8861.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8913.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR89C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR89F2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8A7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8AA5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8AE6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8B1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D35.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8DB4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8DD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8E41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8EA7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8F56.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8F5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8FF0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR900E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR903D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR90B1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR90BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR91B8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR91D3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9221.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9232.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9265.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR926D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR926F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9285.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9321.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR932A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9338.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9378.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9433.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9436.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR94B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR94B6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR95D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96E1.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96F1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9740.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR979D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR97DD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR97EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9829.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9924.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9975.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR997D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9990.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99A0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9A5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B38.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B84.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BA1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BC2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BCD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BD3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BF7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9C30.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9C5E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9D38.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9E33.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9F1C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9FF8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA025.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA069.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA0E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA12E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA134.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA16E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA1AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA1DE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA2C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA2F8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA31F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA321.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA3D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA3DF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA409.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA40C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA4BB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA4C6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA535.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA559.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA569.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5B5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5DF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA610.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA68F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA6BA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA708.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA7D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA812.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA851.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA860.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA8E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA8EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA929.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA9D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA9E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAA16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAA2C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAAA0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAACF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB9D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABD8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABDF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABF2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAC08.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAC45.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAD9B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE19.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE68.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF2A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF61.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAFAF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAFE4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB01C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB01C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB08B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB116.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB174.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1B1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1E3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1EF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB206.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB20F.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB20F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB226.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB25F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB309.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB3B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB431.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB433.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB46.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB460.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB47B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB480.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB498.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4AF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4FD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB50C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB54D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB605.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB6DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB7CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB827.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB848.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB86.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB885.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB8D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB8D9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB988.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB9BD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA59.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBAA7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBB00.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBB92.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBBC1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC42.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC43.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBCC9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBDF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBE9E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBEAC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBEBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBFC5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC003.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC053.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC0B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC0EF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC10D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1F8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC236.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC245.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC26.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC27.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC283.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC284.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC2A3.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC2A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC336.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC35E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC38E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC3F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC41A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC43A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC4F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC505.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC56C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC5EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC5FC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC604.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC63C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC64B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC67B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC6AA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC6D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC725.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC766.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC773.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC779.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC822.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC922.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC9D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC9F9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA50.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA50.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA7F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA8E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCAF1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB9A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBF5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCCCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCCEF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCD4C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCE17.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCE26.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCED3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD02B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD0BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD1A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD22D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD23F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD2BA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD2C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD306.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD309.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD364.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD364.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD374.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD3B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD3D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD408.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD427.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD47E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD4AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD51C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD52B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD538.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD558.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD55B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD568.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD56B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD5A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD5EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD672.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD693.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD700.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD73C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD75A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD7C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD7FE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD873.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD901.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD94E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD956.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD9BE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD9EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDB29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDBBE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDBF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC98.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCB7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCD6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD07.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD63.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE57.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE8B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE9B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDED9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDEDF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDF49.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDF6A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE00.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE021.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE056.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE063.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE070.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE072.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE08E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE09D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE102.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE12D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE1E4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE252.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE2CF.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE45.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE476.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE502.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE55E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE57E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE58C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5DB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE60D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE62B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE678.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE687.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE68D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE6CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE703.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE704.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE704.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE71.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE926.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE985.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9C2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9C9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9FB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREA3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREAC2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREB2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREBDA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC49.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC8F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRECDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREDBA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREDC7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE55.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE66.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE86.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREEE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREF16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREFE9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF056.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF076.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF095.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF131.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF1CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF1F2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF212.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF26B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF286.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF288.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2CC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2DD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2ED.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF354.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF375.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF393.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF393.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF3A2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF3F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4A7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4C9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF565.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF598.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF5B3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF604.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF60E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF69D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF6FB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF70C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF71A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF759.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF862.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF876.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF890.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF8BF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF8F6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF9A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF9DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA55.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFAA.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFAC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB03.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB90.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFBCD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC0A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC58.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFCD5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFCFF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFD29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFDB4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFDCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE46.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE7B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE89.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFED7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFF50.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFF64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\DMID92E.tmp => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp\etilqs_T7Sy08jVzIrBENA" => Scheduled to move on reboot.
Could not move "C:\Users\Marketa\AppData\Local\Temp\etilqs_Tn15d4XUfGbr0yW" => Scheduled to move on reboot.
C:\Users\Marketa\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Marketa\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T000.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T001.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T002.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T003.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T004.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T005.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T006.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T007.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T008.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\modules00 => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\modules11 => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\ochelper.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\opera_crashreporter.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\RedboxLog.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk22DC.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk3D7D.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk58C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk58FD.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk5C15.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk5DAC.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk6655.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk825E.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkAF54.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkB329.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkBCDD.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkC90B.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkE060.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~974.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~BA79.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~CC72.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF085425D310BCC631.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF25A1988DF6BDA30C.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF2E7BB8121E5875D8.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF4208E55AE08182F0.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5079851FB6D8E180.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5742275B6F1B551D.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5EA254D9D51FF67B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF69CD22D8ABC6D8D5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF6BF357123ED0E91F.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF7682CD102E5E2C91.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF7B63CB1D558DD47D.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF9697D9A2BB4F204B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF98D708FFD28AA09B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF9FC14E6F553AFE20.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFA0159CAFE5D72A4A.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFA68584708468BA9C.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFBA44BDBB84272F9B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFD0F88BC7B5FC424F.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFF5650427D95472E5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFFACCA0C3903DE2D5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFFF33B2FBA28102E5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~E0EE.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Word8.0\MSForms.exd => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\dat9334.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\dat944E.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\datAB9A.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\npGarmin\4.0.4.0 Internal\Garmin Communicator Plugin Worker.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\npGarmin\4.0.4.0 Internal\Garmin Communicator Plugin.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\ImageDebug\AutoPosToneMap.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\opera\default\Web Data => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\default\Web Data => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp" directory. => Scheduled to move on reboot.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => Error: No automatic fix found for this entry.
C:\Program Files\Common Files\Java\Java Update\jusched.exe => Moved successfully.
Ran by Marketa at 2014-11-28 17:45:20 Run:1
Running from C:\Users\Marketa\Desktop
Loaded Profile: Marketa (Available profiles: Marketa)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
URLSearchHook: HKU\S-1-5-21-730507215-887370363-3937766701-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: No Name -> {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
BHO: No Name -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> No File
BHO: No Name -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - No File
Toolbar: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S1 A2DDA; \??\G:\RUN\a2ddax86.sys [X]
S3 cleanhlp; \??\G:\Run\cleanhlp32.sys [X]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
C:\Users\Marketa\AppData\Local\Temp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
End
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => value deleted successfully.
"HKCR\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key deleted successfully.
"HKCR\CLSID\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key not found.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key deleted successfully.
"HKCR\CLSID\{75b4241f-171e-44a3-bf44-23613b6e3e03}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}" => Key deleted successfully.
"HKCR\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
C:\Program Files\Google\Google Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key deleted successfully.
"HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}" => Key deleted successfully.
"HKCR\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{cd1a63ba-a08c-431b-9a34-f240aadc728d} => value deleted successfully.
"HKCR\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d}" => Key not found.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => value deleted successfully.
"HKCR\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
A2DDA => Service deleted successfully.
cleanhlp => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => Moved successfully.
"C:\Users\Marketa\AppData\Local\Temp" directory move:
C:\Users\Marketa\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\BatteryBarSetup-3.6.4.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera24.0.1558.64opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera24.0.1558.64opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.50opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.50opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.63opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.63opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.68opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.68opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.71opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera25.0.1614.71opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera26.0.1656.24opera_autoupdate.download.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CProgram FilesOpera26.0.1656.24opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR10B3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1180.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR120B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1228.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR123B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1245.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1286.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR12AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR12E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1371.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR140D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR155A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1582.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR15A2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR15E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR17A8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1801.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1814.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1838.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1876.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR191B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR194A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1976.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1988.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR19B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR19EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1A79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B20.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1B8F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BAD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1BF8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C06.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1C58.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1CD3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1D5F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1D8E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1DAE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1DC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1E7B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1EB6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1F0B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1F91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1FA3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR1FCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR201.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2043.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2063.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR208C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20C0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR20EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2107.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2166.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR21A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR21E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2230.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR22A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR22CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR231.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2386.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR23B5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR23D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR254B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR259A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR25E7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2684.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2723.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2740.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR27EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2800.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR289A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2922.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2986.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR299F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2A1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2A2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C0E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2C4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2CD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D1A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D37.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D5C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2D68.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2E0C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2EDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2F0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR2FF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3120.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3126.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR314D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3152.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR31B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR31C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR322B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR339E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR33B9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR342B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR342C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR343A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3479.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR352D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR35CF.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR368B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR36AA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3717.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3840.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR38DB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3949.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR39F4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A24.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A30.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A76.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3A90.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3ACE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3AD4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3ADF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3B79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BD7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BD9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3BEA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3C36.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3C64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3CE0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3D05.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3D1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3DDA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3DF1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E08.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E66.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E66.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3E95.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3F42.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3FD2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR3FED.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4088.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4145.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4161.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4183.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4193.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR41B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4200.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR423F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR424C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR425.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4254.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR425F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42CA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR42E9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4327.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4328.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4365.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43E2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR43F9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4411.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4430.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR463.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4662.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR473F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR47C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4817.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4836.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4836.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4930.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR494F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4965.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4980.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR49EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4A14.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AE2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AE5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4AF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4B61.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4B81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4CA8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D27.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4D7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4DA2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4E9C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4ED2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4EFB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F12.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F2E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4F76.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR4FE7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR50E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5113.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5135.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR514A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5162.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR516D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5188.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5215.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5325.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR536C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5502.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5503.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5504.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5523.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5541.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR555F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR55BE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5602.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5612.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR56F5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5753.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5793.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR583.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR583D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR588B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR58E9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5979.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR597C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR59DE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A40.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A4F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5A74.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5ADB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B21.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B88.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5B89.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C10.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5C81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5CC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D4C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5D9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5EA3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F11.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F12.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F2F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5F3D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR5FAD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6039.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6058.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6067.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR60A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6104.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR61CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR621C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR623B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR628A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR628F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62B8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62F7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR62FA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6392.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR641E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR646F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6492.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR64E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR650C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR653E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65E6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR65F4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6642.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR667.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6759.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6796.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR679E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR67F6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6863.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68C0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR68D0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6992.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR69F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6B6F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6C78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6D43.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6E0E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6EAA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F31.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F36.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR6F65.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR704F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR70EC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR70FA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR711F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7139.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR71D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7234.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7261.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR732C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7446.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR748A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR74D0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7510.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR757E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR75F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR767B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR767C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR76BD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR76D4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR770.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7732.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7752.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR78CA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR78D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7973.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR79B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR79E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7A6D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7ABD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7AE1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7B1D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BA4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BA5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7BE5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7C7F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7C80.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7CDC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7CE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D51.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7D5C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DA1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DB7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7E63.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7EC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FEB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR7FFC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8059.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR807A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8160.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8172.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR81CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR81EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82C6.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82C6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR82F7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR832A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8352.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8361.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8362.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8362.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8385.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR83EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR845E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR85B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR869F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR86BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR86C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR870A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR870C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR878.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8787.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR87FC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8832.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8844.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8861.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8913.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR89C8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR89F2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8A7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8AA5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8AE6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8B1F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D35.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8D41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8DB4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8DD1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8E41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8EA7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8F56.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8F5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR8FF0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR900E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR903D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR90B1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR90BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR91B8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR91D3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9221.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9232.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9265.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR926D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR926F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9285.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9321.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR932A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9338.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9378.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9433.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9436.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR94B0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR94B6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR95D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96E1.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR96F1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9740.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR979D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR97DD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR97EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9829.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9924.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9975.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR997D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9990.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99A0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99EA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR99F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9A5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B38.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9B84.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BA1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BC2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BCD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BD3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9BF7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9C30.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9C5E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9CF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9D38.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9E33.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9F1C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVR9FF8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA025.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA069.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA0E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA12E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA134.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA16E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA1AB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA1DE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA2C4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA2F8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA31F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA321.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA3D8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA3DF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA409.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA40C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA4BB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA4C6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA535.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA559.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA569.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5A1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5B5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA5DF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA610.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA68F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA6BA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA708.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA7D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA812.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA851.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA860.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA8E0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA8EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA929.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA9D5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRA9E5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAA16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAA2C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAAA0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAACF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAB9D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABD8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABDF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRABF2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAC08.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAC45.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAD9B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE19.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAE68.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF2A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF61.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAF91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAFAF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRAFE4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB01C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB01C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB08B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB116.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB174.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1B1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1E3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB1EF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB206.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB20F.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB20F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB226.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB25F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB309.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB3B4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB431.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB433.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB46.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB460.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB47B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB480.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB498.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4AF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB4FD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB50C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB54D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB605.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB6DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB7CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB827.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB848.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB86.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB885.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB8D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB8D9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB988.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRB9BD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA59.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBA7A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBAA7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBB00.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBB92.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBBC1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC0D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC42.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC43.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBC7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBCC9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBDF4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBE9E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBEAC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBEBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRBFC5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC003.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC053.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC0B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC0EF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC10D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC1F8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC236.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC245.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC26.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC27.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC283.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC284.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC2A3.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC2A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC336.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC35E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC38E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC3F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC41A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC43A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC4F3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC505.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC56C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC5EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC5FC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC604.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC63C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC64B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC67B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC6AA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC6D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC725.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC766.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC773.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC779.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC822.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC922.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC9D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRC9F9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA50.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA50.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA7F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCA8E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCAF1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB4B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCB9A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCBF5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC02.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC78.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCC79.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCCCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCCEF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCD4C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCE17.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCE26.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRCED3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD02B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD0BC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD1A3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD22D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD23F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD2BA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD2C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD306.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD309.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD364.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD364.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD374.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD3B7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD3D2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD408.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD427.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD47E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD4AC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD51C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD52B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD538.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD558.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD55B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD568.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD56B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD5A6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD5EE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD672.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD693.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD700.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD73C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD75A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD7C3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD7FE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD873.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD901.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD94E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD956.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD9BE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRD9EB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDB29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDBBE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDBF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC41.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDC98.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCB7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCD6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDCDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD07.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD5A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD63.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDD91.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE57.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE7C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE8B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDE9B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDED9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDEDF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDF49.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRDF6A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE00.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE021.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE056.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE063.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE070.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE072.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE08E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE09D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE102.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE12D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE1E4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE252.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE2CF.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE45.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE476.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE502.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE55E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE57E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE58C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5DB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE5DC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE60D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE62B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE678.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE687.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE68D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE6CB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE703.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE704.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE704.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE71.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE81.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE926.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE985.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9C2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9C9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9E1.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRE9FB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREA3F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREAC2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREB2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREBDA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC49.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC52.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREC8F.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRECDE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREDBA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREDC7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE55.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE66.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREE86.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREEE.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREF16.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVREFE9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF056.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF076.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF095.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF131.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF1CD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF1F2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF212.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF26B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF286.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF288.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2CC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2D7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2DD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF2ED.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF354.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF375.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF393.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF393.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF3A2.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF3F0.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4A7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4C9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF4E8.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF565.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF598.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF5B3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF604.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF60E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF69D.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF6FB.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF70C.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF71A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF759.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF862.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF876.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF890.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF8BF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF8F6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF9A9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRF9DA.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA55.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA6.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFA64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFAA.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFAC3.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB03.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB9.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFB90.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFBC.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFBCD.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC0A.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC2B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC4E.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFC58.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFCD5.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFCFF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFD29.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFDB4.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFDCF.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE46.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE7B.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFE89.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFED7.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFF50.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\CVRFF64.tmp.cvr => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\DMID92E.tmp => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp\etilqs_T7Sy08jVzIrBENA" => Scheduled to move on reboot.
Could not move "C:\Users\Marketa\AppData\Local\Temp\etilqs_Tn15d4XUfGbr0yW" => Scheduled to move on reboot.
C:\Users\Marketa\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Marketa\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T000.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T001.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T002.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T003.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T004.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T005.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T006.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T007.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\HPSF_T008.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\modules00 => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\modules11 => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\ochelper.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\opera_crashreporter.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\RedboxLog.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk22DC.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk3D7D.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk58C.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk58FD.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk5C15.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk5DAC.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk6655.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trk825E.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkAF54.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkB329.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkBCDD.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkC90B.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\trkE060.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~974.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~BA79.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~CC72.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF085425D310BCC631.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF25A1988DF6BDA30C.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF2E7BB8121E5875D8.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF4208E55AE08182F0.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5079851FB6D8E180.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5742275B6F1B551D.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF5EA254D9D51FF67B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF69CD22D8ABC6D8D5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF6BF357123ED0E91F.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF7682CD102E5E2C91.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF7B63CB1D558DD47D.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF9697D9A2BB4F204B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF98D708FFD28AA09B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DF9FC14E6F553AFE20.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFA0159CAFE5D72A4A.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFA68584708468BA9C.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFBA44BDBB84272F9B.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFD0F88BC7B5FC424F.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFF5650427D95472E5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFFACCA0C3903DE2D5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~DFFF33B2FBA28102E5.TMP => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\~E0EE.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Word8.0\MSForms.exd => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\dat9334.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\dat944E.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\datAB9A.tmp => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\npGarmin\4.0.4.0 Internal\Garmin Communicator Plugin Worker.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\Low\npGarmin\4.0.4.0 Internal\Garmin Communicator Plugin.log => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\ImageDebug\AutoPosToneMap.txt => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\opera\default\Web Data => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\default\Web Data => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\Marketa\AppData\Local\Temp" directory. => Scheduled to move on reboot.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => Error: No automatic fix found for this entry.
C:\Program Files\Common Files\Java\Java Update\jusched.exe => Moved successfully.
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Smazáno. PC by již měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
bohuzel Avast stále nachází Win32:Rootkit-gen[Rtk]
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Zkuste tuto utilitu:
Stáhněte Malwarebytes Anti-Rootkit http://www.malwarebytes.org/products/mbar/
Uložte nejlépe na Plochu a rozbalte
Spusťte kliknutím na mbar
Nyní postupně klikněte na Next a Update
Po dokončení update (aktualizace) databáze klikněte opět na Next
Nechte zaškrtnute všechny tři možnosti a kliněte na Scan čímž spustíte prohledavani PC
Po dokončeni skenu (cca 5 minutek) zkontrolujte, zda-li je u všech nalezů (samozrejme pokud budou) zatržítko
Tež zkontrolujte, jestli je zatržitko u Create Restore point
Nyní klikněte na CleanUp čímž nalezenou infekci odstraníme
PC bude restartován
Složka mbar by měla obsahovat log (a zřejmě se i sám otevře) mbar-log-rok-měsíc-den (hodina-minuta-sekunda).txt, ten mi sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
nic nenaslo
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
OK. Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu logu
ComboFix 14-12-01.01 - Marketa 02.12.2014 7:36.5.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.1893 [GMT 1:00]
Spuštěný z: c:\users\Marketa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\test.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-02 do 2014-12-02 )))))))))))))))))))))))))))))))
.
.
2014-12-02 06:52 . 2014-12-02 06:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-02 06:52 . 2014-12-02 06:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-30 10:45 . 2014-11-30 11:49 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-30 10:45 . 2014-11-30 10:45 119000 ----a-w- c:\windows\system32\drivers\15550B66.sys
2014-11-27 07:27 . 2014-11-20 13:39 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 21:22 . 2014-11-26 21:27 -------- d-----w- C:\AdwCleaner
2014-11-26 21:04 . 2014-11-28 16:52 -------- d-----w- C:\FRST
2014-11-21 05:22 . 2014-11-21 05:22 -------- d-----w- c:\windows\system32\vbox
2014-11-20 13:39 . 2014-11-20 13:39 43152 ----a-w- c:\windows\avastSS.scr
2014-11-19 09:48 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 09:47 . 2014-11-11 02:44 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-15 08:04 . 2014-09-19 09:23 17408 ----a-w- c:\windows\system32\credssp.dll
2014-11-13 14:52 . 2014-10-25 01:32 67584 ----a-w- c:\windows\system32\packager.dll
2014-11-13 14:52 . 2014-10-14 01:46 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-13 14:52 . 2014-10-14 01:56 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-13 14:52 . 2014-10-14 01:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-11-13 14:52 . 2014-10-14 01:50 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-13 14:52 . 2014-10-14 01:47 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-12 16:26 . 2014-11-12 16:26 -------- d-sh--w- c:\users\Marketa\AppData\Local\EmieBrowserModeList
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-02 06:42 . 2014-11-30 22:25 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B7ED102-9627-4CF5-96D5-A4588F329F52}\offreg.dll
2014-11-30 10:28 . 2014-06-30 09:21 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-30 08:06 . 2014-06-30 09:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-30 05:19 . 2012-04-02 03:04 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-30 05:19 . 2011-09-26 18:32 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-23 13:33 . 2011-09-14 09:28 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-21 05:22 . 2011-09-14 09:28 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-20 13:39 . 2014-04-25 18:17 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-20 13:39 . 2013-12-26 14:31 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-20 13:39 . 2013-03-01 22:39 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-20 13:39 . 2013-03-01 22:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-20 13:39 . 2011-09-14 09:28 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-20 13:39 . 2012-02-25 21:34 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-04 13:30 . 2011-09-23 15:07 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:17 . 2014-11-28 15:54 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B7ED102-9627-4CF5-96D5-A4588F329F52}\mpengine.dll
2014-10-01 10:11 . 2014-06-30 09:21 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 10:11 . 2014-06-30 09:21 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40 . 2014-10-01 00:03 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-09 21:47 . 2014-09-24 04:05 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04 . 2014-10-15 05:09 372736 ----a-w- c:\windows\system32\rastls.dll
2010-01-26 09:11 . 2011-10-07 17:16 444283 ------w- c:\program files\Common Files\WinPcapNmap.exe
2007-02-16 13:17 . 2007-02-16 13:17 3792183 ------w- c:\program files\face2face.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-20 13:38 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 90624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-21 5226600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2014-04-23 122200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
2009-06-03 14:13 400936 ------w- c:\program files\ActivIdentity\ActivClient\accrdsub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
2009-06-03 14:16 153640 ------w- c:\program files\ActivIdentity\ActivClient\acevents.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe]
2012-10-18 20:00 59064 ------w- c:\program files\ActivityMon Software\ActivityMon\actSessionUI32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-08-21 16:30 959176 ------w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent]
2013-02-15 16:23 14731776 ------w- c:\program files\Garmin\ANT Agent\ANT Agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ------w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
2012-12-05 21:08 4407808 ------w- c:\program files\Cobian Backup 11\cbInterface.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2009-07-23 09:05 24848 ------w- c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
2014-04-23 07:26 122200 ------w- c:\program files\Garmin\Express Tray\ExpressTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
2009-07-16 00:51 1668664 ------w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-08-25 17:57 186904 ------w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-06-17 19:13 2363392 ------w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
2011-07-14 13:45 279552 ------w- c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater]
2014-10-21 20:02 21720 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
2009-07-30 11:28 354360 ------w- c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-07-27 22:49 288312 ------w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 14:24 421888 ------w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2009-05-18 11:29 3866624 ------w- c:\program files\Analog Devices\SoundMAX\SoundMAX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2009-05-18 21:28 1314816 ------w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 00:17 1791272 ------w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2011-04-12 01:11 5735369 ------w- c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-07-23 18:04 498744 ------w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-06 102912]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-20 5958656]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PasswordBox;PasswordBox;c:\program files\PasswordBox\pbbtnService.exe [2013-11-01 67584]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-17 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2013-11-08 86304]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-05 436792]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-23 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-21 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-07 232512]
S1 RsvLock;RsvLock; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 ActivityMon2;ActivityMon;c:\program files\ActivityMon Software\ActivityMon\svchost.exe [2012-10-18 80568]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-20 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-20 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-20 91496]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-23 436056]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 12:01 118656]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-29 07:26 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = local
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
TCP: Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: NameServer = 217.77.165.81 217.77.161.131
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
MSConfigStartUp-AcronisTibMounterMonitor - c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe
MSConfigStartUp-Služba Acronis Scheduler2 - c:\program files\common files\acronis\schedule2\schedhlp.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
MSConfigStartUp-TrueImageMonitor - c:\program files\acronis\trueimagehome\trueimagemonitor.exe
AddRemove-SEMC OMSI Module - c:\program files\Sony Ericsson\Update Engine\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5316)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\ActivityMon Software\ActivityMon\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2014-12-02 08:02:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-02 07:02
.
Před spuštěním: Volných bajtů: 111 336 017 920
Po spuštění: Volných bajtů: 111 298 936 832
.
- - End Of File - - EBAEB9A663D0813F7B2B239C99B97C17
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.1893 [GMT 1:00]
Spuštěný z: c:\users\Marketa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\test.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-02 do 2014-12-02 )))))))))))))))))))))))))))))))
.
.
2014-12-02 06:52 . 2014-12-02 06:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-02 06:52 . 2014-12-02 06:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-30 10:45 . 2014-11-30 11:49 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-30 10:45 . 2014-11-30 10:45 119000 ----a-w- c:\windows\system32\drivers\15550B66.sys
2014-11-27 07:27 . 2014-11-20 13:39 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 21:22 . 2014-11-26 21:27 -------- d-----w- C:\AdwCleaner
2014-11-26 21:04 . 2014-11-28 16:52 -------- d-----w- C:\FRST
2014-11-21 05:22 . 2014-11-21 05:22 -------- d-----w- c:\windows\system32\vbox
2014-11-20 13:39 . 2014-11-20 13:39 43152 ----a-w- c:\windows\avastSS.scr
2014-11-19 09:48 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 09:47 . 2014-11-11 02:44 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-15 08:04 . 2014-09-19 09:23 17408 ----a-w- c:\windows\system32\credssp.dll
2014-11-13 14:52 . 2014-10-25 01:32 67584 ----a-w- c:\windows\system32\packager.dll
2014-11-13 14:52 . 2014-10-14 01:46 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-13 14:52 . 2014-10-14 01:56 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-13 14:52 . 2014-10-14 01:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-11-13 14:52 . 2014-10-14 01:50 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-13 14:52 . 2014-10-14 01:47 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-12 16:26 . 2014-11-12 16:26 -------- d-sh--w- c:\users\Marketa\AppData\Local\EmieBrowserModeList
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-02 06:42 . 2014-11-30 22:25 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B7ED102-9627-4CF5-96D5-A4588F329F52}\offreg.dll
2014-11-30 10:28 . 2014-06-30 09:21 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-30 08:06 . 2014-06-30 09:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-30 05:19 . 2012-04-02 03:04 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-30 05:19 . 2011-09-26 18:32 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-23 13:33 . 2011-09-14 09:28 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-21 05:22 . 2011-09-14 09:28 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-20 13:39 . 2014-04-25 18:17 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-20 13:39 . 2013-12-26 14:31 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-20 13:39 . 2013-03-01 22:39 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-20 13:39 . 2013-03-01 22:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-20 13:39 . 2011-09-14 09:28 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-20 13:39 . 2012-02-25 21:34 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-04 13:30 . 2011-09-23 15:07 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:17 . 2014-11-28 15:54 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B7ED102-9627-4CF5-96D5-A4588F329F52}\mpengine.dll
2014-10-01 10:11 . 2014-06-30 09:21 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 10:11 . 2014-06-30 09:21 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40 . 2014-10-01 00:03 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-09 21:47 . 2014-09-24 04:05 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04 . 2014-10-15 05:09 372736 ----a-w- c:\windows\system32\rastls.dll
2010-01-26 09:11 . 2011-10-07 17:16 444283 ------w- c:\program files\Common Files\WinPcapNmap.exe
2007-02-16 13:17 . 2007-02-16 13:17 3792183 ------w- c:\program files\face2face.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-20 13:38 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 90624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-21 5226600]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2014-04-23 122200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
2009-06-03 14:13 400936 ------w- c:\program files\ActivIdentity\ActivClient\accrdsub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
2009-06-03 14:16 153640 ------w- c:\program files\ActivIdentity\ActivClient\acevents.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe]
2012-10-18 20:00 59064 ------w- c:\program files\ActivityMon Software\ActivityMon\actSessionUI32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-08-21 16:30 959176 ------w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent]
2013-02-15 16:23 14731776 ------w- c:\program files\Garmin\ANT Agent\ANT Agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ------w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
2012-12-05 21:08 4407808 ------w- c:\program files\Cobian Backup 11\cbInterface.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2009-07-23 09:05 24848 ------w- c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
2014-04-23 07:26 122200 ------w- c:\program files\Garmin\Express Tray\ExpressTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
2009-07-16 00:51 1668664 ------w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-08-25 17:57 186904 ------w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-06-17 19:13 2363392 ------w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
2011-07-14 13:45 279552 ------w- c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater]
2014-10-21 20:02 21720 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
2009-07-30 11:28 354360 ------w- c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-07-27 22:49 288312 ------w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 14:24 421888 ------w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2009-05-18 11:29 3866624 ------w- c:\program files\Analog Devices\SoundMAX\SoundMAX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2009-05-18 21:28 1314816 ------w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 00:17 1791272 ------w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2011-04-12 01:11 5735369 ------w- c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-07-23 18:04 498744 ------w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-06 102912]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-20 5958656]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PasswordBox;PasswordBox;c:\program files\PasswordBox\pbbtnService.exe [2013-11-01 67584]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-17 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2013-11-08 86304]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-05 436792]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-23 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-21 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-07 232512]
S1 RsvLock;RsvLock; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 ActivityMon2;ActivityMon;c:\program files\ActivityMon Software\ActivityMon\svchost.exe [2012-10-18 80568]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-20 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-20 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-20 91496]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-23 436056]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 12:01 118656]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-29 07:26 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = local
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
TCP: Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: NameServer = 217.77.165.81 217.77.161.131
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
MSConfigStartUp-AcronisTibMounterMonitor - c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe
MSConfigStartUp-Služba Acronis Scheduler2 - c:\program files\common files\acronis\schedule2\schedhlp.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
MSConfigStartUp-TrueImageMonitor - c:\program files\acronis\trueimagehome\trueimagemonitor.exe
AddRemove-SEMC OMSI Module - c:\program files\Sony Ericsson\Update Engine\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5316)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\ActivityMon Software\ActivityMon\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2014-12-02 08:02:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-02 07:02
.
Před spuštěním: Volných bajtů: 111 336 017 920
Po spuštění: Volných bajtů: 111 298 936 832
.
- - End Of File - - EBAEB9A663D0813F7B2B239C99B97C17
A36C5E4F47E84449FF07ED3517B43A31
-
Rudy
- Site Admin
- Příspěvky: 119556
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu logu
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přtáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
Collect::
c:\windows\system32\drivers\15550B66.sys
c:\program files\face2face.exe
Driver::
SafeBoot
SbAlg
SbFsLock
15550B66
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?