Kindly asking for a log check [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Phoe » 10 Aug 2015 22:23

My internet connection keeps dropping, in three different ways (each time only for a moment, and it comes back on its own):
1. A cross in a red box appears on the connection icon.
2. An orange triangle appears on the same icon.
3. Nothing appears on the same icon - this one is a new addition.


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:04:24, on 10. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 39.0.3 (x86 cs)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Users\HP\Downloads\Desktop\HijackThis.exe
C:\Users\HP\TRANSLAT překladač A-Č\WDICT32.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://apps.driversupport.com
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13408 bytes

Post by jaro3 » 11 Aug 2015 08:57

Download ATF Cleaner
Double-click ATF Cleaner.exe, click "select all found", then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can delete the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Prohledat-Scan".
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable the free trial of Malwarebytes' Anti-Malware Premium".
Install it and run it.
- At the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button.
- If an update is found, it will be downloaded and installed.
- The program then starts; click Scan Now (Skenovat nyní).
- When the program has finished, a message appears at the bottom right; click Copy to Clipboard (Kopírovat do schránky) and paste the whole log here.

- Then click the Exit button; a prompt appears, so choose Yes
(do not delete anything yet!).

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by Phoe » 11 Aug 2015 12:15

Thank you for the support.
Both programs had some findings, but I did not delete anything.



# AdwCleaner v4.208 - Log vytvořen 11/08/2015 v 11:16:49
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : HP - PC
# Spuštěno z : C:\Users\HP\Downloads\Desktop\AdwCleaner.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Program Files (x86)\oTweak
Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\PC Drivers HeadQuarters
Složka Nalezeno : C:\Users\HP\AppData\Local\DriverToolkit
Složka Nalezeno : C:\Users\HP\AppData\Local\PC_Drivers_Headquarters
Složka Nalezeno : C:\Users\HP\AppData\Local\pdfforge
Složka Nalezeno : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Nalezeno : C:\Users\HP\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\HP\AppData\Roaming\Solvusoft
Soubor Nalezeno : C:\WINDOWS\System32\roboot64.exe

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : Driver Detective-RTMRules
Úloha Nalezeno : Driver Detective-RTMScan
Úloha Nalezeno : Driver Detective-RTMScanRunOnce
Úloha Nalezeno : Driver Detective-RTMUpdater

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Nalezeno : HKCU\Software\Conduit
Klíč Nalezeno : HKCU\Software\DriverSupport
Klíč Nalezeno : HKCU\Software\DriverToolkit
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Nalezeno : HKCU\Software\oTweak
Klíč Nalezeno : [x64] HKCU\Software\Conduit
Klíč Nalezeno : [x64] HKCU\Software\DriverSupport
Klíč Nalezeno : [x64] HKCU\Software\DriverToolkit
Klíč Nalezeno : [x64] HKCU\Software\oTweak
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\DriverSupport
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0.3 (x86 cs)


-\\ Google Chrome v44.0.2403.130

[C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Homepage] : hxxp://www.seznam.cz/?clid=13014 [...]
[C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Startup_URLs] : [...] "startup_urls":["hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN11391&pf=V7&trgb=CR&p2=%5EBAY%5EYYYYYY%5EYY%5ECZ&gct=hp&apn_ptnrs=%5EBAY&apn_dtid=%5EYYYYYY%5EYY%5ECZ&apn_dbr=cr_34.0.1847.116&apn_uid=D5153F98-6E6F-42D2-BE57-8EEA073AEBAF&itbv=12.10.6.5029&doi=2014-04-17&psv=

*************************

AdwCleaner[R0].txt - [9035 bytů] - [11/08/2015 11:16:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9093 bytů] #########



Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11. 8. 2015
Čas skenování: 11:32
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.11.04
Databáze rootkitů: v2015.08.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: HP

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 384696
Uplynulý čas: 18 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 3
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Roaming\OpenCandy, , [e8a846c1dab1ba7c249803ded13121df],
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Roaming\OpenCandy\32FAFB69811040F18D3413183F3D6A2A, , [e8a846c1dab1ba7c249803ded13121df],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [a6ea8483a7e49a9cc3278b852dd6817f],

Soubory: 2
PUP.Optional.OutBrowse, C:\Users\HP\Downloads\Nepotvrzeno 478768.crdownload, , [d6ba4bbce4a7ad893ef6ea8762a01be5],
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Roaming\OpenCandy\32FAFB69811040F18D3413183F3D6A2A\AVG-PC-TuneUp2015_CS_2200604.exe, , [e8a846c1dab1ba7c249803ded13121df],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Post by memphisto » 11 Aug 2015 12:20

Let both MBAM and Adw delete everything and post the logs after the deletion.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP just double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan starts. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7 and 8 right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:


autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program performs a scan and a repair; both the scan and the repair can take several minutes, so wait until the end. Do not click in the window!
The program will offer a restart; confirm it.

After the restart only a black screen may show for some time; that is normal. Wait until the log is created. You can save it to Documents, for example; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you

Post by Phoe » 11 Aug 2015 14:43

# AdwCleaner v4.208 - Log vytvořen 11/08/2015 v 13:22:48
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : HP - PC
# Spuštěno z : C:\Users\HP\Downloads\Desktop\DG počítače\HijackThis\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\PC Drivers HeadQuarters
Složka Smazáno : C:\Program Files (x86)\oTweak
Složka Smazáno : C:\Users\HP\AppData\Local\pdfforge
Složka Smazáno : C:\Users\HP\AppData\Local\DriverToolkit
Složka Smazáno : C:\Users\HP\AppData\Local\PC_Drivers_Headquarters
Složka Smazáno : C:\Users\HP\AppData\Roaming\Solvusoft
Složka Smazáno : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe

***** [ Naplánované úlohy ] *****

Úloha Smazáno : Driver Detective-RTMRules
Úloha Smazáno : Driver Detective-RTMScan
Úloha Smazáno : Driver Detective-RTMScanRunOnce
Úloha Smazáno : Driver Detective-RTMUpdater

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\DriverSupport
Klíč Smazáno : HKCU\Software\oTweak
Klíč Smazáno : HKCU\Software\DriverToolkit
Klíč Smazáno : [x64] HKLM\SOFTWARE\DriverSupport

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0.3 (x86 cs)


-\\ Google Chrome v44.0.2403.130

[C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] :
[C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 927C2963E06D4DDB0E269EF2F96F761B58B4358E7E7F180D81E6BDE921677FB9"},"software_reporter":{"prompt_reason":"00BFA1C56B07E3BCEE22EB1577FCCC081B24545B44E0BCC3D13017C862943797","prompt_seed":"7515E85EB7F978BBD88EFD2D1DA7D4DD40129097CC5089060AE30FE5FC762B45","prompt_version":"5D4188F4CEE7E0CFE8E96223AADC8F715936792B01487158A97E5461D42DEF89"},"sync":{"remaining_rollback_tries":"36B4F9092C8EF06E9731524796323A4FD1E590576231FFE6DA89D401151B8C3F"}},"super_mac":"65CCF75687D8273C538AEE86FA0C473EA6D3E38FFEB5406A4917851EBB4DC91F"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN11391&pf=V7&trgb=CR&p2=%5EBAY%5EYYYYYY%5EYY%5ECZ&gct=hp&apn_ptnrs=%5EBAY&apn_dtid=%5EYYYYYY%5EYY%5ECZ&apn_dbr=cr_34.0.1847.116&apn_uid=D5153F98-6E6F-42D2-BE57-8EEA073AEBAF&itbv=12.10.6.5029&doi=2014-04-17&psv=

*************************

AdwCleaner[R0].txt - [9207 bytů] - [11/08/2015 11:16:49]
AdwCleaner[R1].txt - [9288 bytů] - [11/08/2015 12:32:48]
AdwCleaner[R2].txt - [9289 bytů] - [11/08/2015 13:21:50]
AdwCleaner[S0].txt - [3957 bytů] - [11/08/2015 13:22:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4015 bytů] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11. 8. 2015
Čas skenování: 12:57
Protokol: malwarebytes log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.11.05
Databáze rootkitů: v2015.08.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: HP

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 384318
Uplynulý čas: 15 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)


RogueKiller V10.9.4.0 (x64) [Jul 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : HP [Práva správce]
Started from : C:\Users\HP\Downloads\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 08/11/2015 14:00:18

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | VMonitor VMUVC : "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC [-][-] -> Nalezeno
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com?pc=HPDTDFJS -> Nalezeno
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPDTDFJS -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPDTDFJS -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPDTDFJS -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.36 213.46.172.37 ([CZECH REPUBLIC (CZ)][-]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.36 213.46.172.37 ([CZECH REPUBLIC (CZ)][-]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8D12CFC4-485A-45F1-97EE-059485355E16} | DhcpNameServer : 213.46.172.36 213.46.172.37 ([CZECH REPUBLIC (CZ)][-]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8D12CFC4-485A-45F1-97EE-059485355E16} | DhcpNameServer : 213.46.172.36 213.46.172.37 ([CZECH REPUBLIC (CZ)][-]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUP][FIREFX:Addon] pxbc6iv3.default : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA050 +++++
--- User ---
[MBR] 6f21ece9a260e1a6afd8bbfa251dadbc
[BSP] f960b2490274a67fbd96cd80934e3d87 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 464149 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 953673728 | Size: 451 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 954597376 | Size: 10823 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
--- User ---
[MBR] 5ff274831db5140ecdebfd9db7ae7d98
[BSP] 0d88c3df43fd484ae28703c4acf4ca4a : Unknown|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 7800 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: WD My Book USB Device +++++
--- User ---
[MBR] 31734169ddf95f36c22832eed7dd00d4
[BSP] 0aa7b47126457242ae67ea791b49585d : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows 8.1 x64
Ran by HP on út 11. 08. 2015 at 14:07:52,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (HP)
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Detective
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\DriverToolkit Autorun
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_HP
Successfully deleted: [Task] C:\WINDOWS\Tasks\DriverToolkit Autorun.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_HP.job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36F93C00-0AD8-449D-AF2F-3EF07B391CB8}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\HP\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\HP\AppData\Roaming\media freeware
Successfully deleted: [Folder] C:\Users\HP\AppData\Roaming\productdata



~~~ FireFox

Successfully deleted: [Folder] C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\pxbc6iv3.default\extensions\iobitascsurfingprotection@iobit.com
Successfully deleted the following from C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\pxbc6iv3.default\prefs.js

user_pref(extensions.xpiState, {\app-profile\:{\iobitascsurfingprotection@iobit.com\:{\d\:\C:\\\\Users\\\\HP\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\



~~~ Chrome

Successfully deleted: [Folder] C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
olfeabkoenfaoljndfecamgilllcpiak

[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
olfeabkoenfaoljndfecamgilllcpiak
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 11. 08. 2015 at 14:10:18,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by HP on út 11. 08. 2015 at 14:16:09,28.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\HP\Downloads\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11. 8. 2015 14:18:03 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Conceptworld deleted successfully
C:\PROGRA~2\eBookConverter deleted successfully
C:\PROGRA~2\Softland deleted successfully
C:\PROGRA~2\COMMON~1\Sony Shared deleted successfully
C:\Program Files\Common Files\Sony Shared deleted successfully
C:\PROGRA~3\eBook Converter deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\HP\AppData\Roaming\7 Sticky Notes deleted successfully
C:\Users\HP\AppData\Roaming\Conceptworld deleted successfully
C:\Users\HP\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\HP\AppData\Local\EmieSiteList deleted successfully
C:\Users\HP\AppData\Local\EmieUserList deleted successfully
C:\Users\HP\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\SearchScopes\{35C30F29-B23D-4D2C-980F-2559E9FE74D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{35C30F29-B23D-4D2C-980F-2559E9FE74D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{35C30F29-B23D-4D2C-980F-2559E9FE74D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\pdf_architect_2_conv@pdfarchitect.org deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default\prefs.js:

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Conceptworld not found
C:\PROGRA~2\eBookConverter not found
C:\PROGRA~2\Softland not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\HP\AppData\Roaming\calibre deleted
C:\Users\HP\AppData\Roaming\VimeoDownloaderSettings.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\HP\Downloads\bsplayer269-1079 (1).exe deleted
C:\Users\HP\Downloads\bsplayer269-1079 (2).exe deleted
C:\Users\HP\Downloads\bsplayer269-1079.exe deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\HP\iobituninstaller.exe deleted
"C:\PROGRA~2\IObit Uninstaller\UninstallMenuRight.dll" deleted
"C:\PROGRA~2\IObit Uninstaller" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default
FD82108FD60B63010325D9AF6F00AF99 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 44.0.2403.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01. 05. 2015 11:17]

AdBlock - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Seznam Lištička - Rychlá volba - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chromium Startpages ======================

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/"
"Default_Page_URL"="http://www.bing.com?pc=HPDTDFJS"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.google.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{04AABE12-CA05-4842-BC6D-F39C3615A177} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13014"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{342B4757-68CF-40A6-8C17-8F22B69DDE53} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13014"
{39507285-9F0B-4322-B057-19E5D6DE4CB2} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014"
{4F41A42E-13E0-41BF-9BA6-6A0E3FF8178A} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13014"
{5C3C2A9B-2CE6-4A40-BCB7-8FA05B60E7CD} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014"
{684C3CEF-BEA8-4AB8-84AC-76DFE8ACC5A1} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13014"
{7A46BE94-F5DB-41F9-A25D-AF43CBEBEB33} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13014"
{C58029CF-5C1C-477D-B689-2D3B6B010E61} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13014"

==== Reset Google Chrome ======================

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=97 folders=27 96924814 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\HP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\IObit Uninstaller" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on út 11. 08. 2015 at 14:33:39,05 ======================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 11 Aug 2015 16:30

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Then click "Prohledat" (Scan); once it has finished:

- In the tabs (Registry, Tasks, Web Browser, etc.) tick everything (check the boxes)
(you have to tick the box to the left of each registry entry etc. with the mouse)


- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (deletion finished)
- Click "Zpráva" (Report) and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MBAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Re: Please check my log

Post by Phoe » 11 Aug 2015 17:58

I ran RogueKiller and deleted what was needed; the report is below.
I could not get FRST to run. Avira won't allow it and claims that FRST contains a virus. Should I turn Avira off for that moment?



RogueKiller V10.9.4.0 (x64) [Jul 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : HP [Práva správce]
Started from : C:\Users\HP\Downloads\Desktop\HijackThis\RogueKillerX64.exe
Mód : Smazat -- Datum : 08/11/2015 17:30:49

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | VMonitorVMUVC : "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC [-][-] -> ERROR [0]
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> Nahrazeno (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : ([CZECH REPUBLIC (CZ)][-]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : ([CZECH REPUBLIC (CZ)][-]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8D12CFC4-485A-45F1-97EE-059485355E16} | DhcpNameServer : ([CZECH REPUBLIC (CZ)][-]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8D12CFC4-485A-45F1-97EE-059485355E16} | DhcpNameServer : ([CZECH REPUBLIC (CZ)][-]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost ERROR [5]

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 4 ¤¤¤
[FIREFX:Addon] pxbc6iv3.default : Download YouTube Videos as MP4 [{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}] -> Smazáno
[PUP][FIREFX:Addon] pxbc6iv3.default : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[FIREFX:Addon] pxbc6iv3.default : Advanced SystemCare Surfing Protection [iobitascsurfingprotection@iobit.com] -> Smazáno
[FIREFX:Addon] pxbc6iv3.default : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA050 +++++
--- User ---
[MBR] 6f21ece9a260e1a6afd8bbfa251dadbc
[BSP] f960b2490274a67fbd96cd80934e3d87 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 464149 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 953673728 | Size: 451 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 954597376 | Size: 10823 MB
User = LL1 ... OK
User = LL2 ... OK






Re: Please check my log

Post by jaro3 » 11 Aug 2015 19:21

Turn the antivirus off. What router do you have?


Re: Please check my log

Post by Phoe » 11 Aug 2015 19:54

My router is a Technicolor TC7200.
Only one log fit here; I am sending the second one separately.




Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-08-2015
Ran by HP (2015-08-11 19:44:17)
Running from C:\Users\HP\Downloads\Desktop\HijackThis
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1702781869-1181985805-574114531-500 - Administrator - Disabled)
Guest (S-1-5-21-1702781869-1181985805-574114531-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1702781869-1181985805-574114531-1005 - Limited - Enabled)
HP (S-1-5-21-1702781869-1181985805-574114531-1001 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe InDesign 2.0 CE (HKLM-x32\...\Adobe InDesign 2.0 CE) (Version: 2.0 CE - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.7.0.545 - Ilya Morozov)
Balíček ovladače systému Windows - Hewlett-Packard Image (12/28/2006 8.0.0.0) (HKLM\...\4C806F98217A7FD4E853F458FF399F052625F21C) (Version: 12/28/2006 8.0.0.0 - Hewlett-Packard)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Bullzip PDF Printer 10.8.0.2282 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.8.0.2282 - Bullzip)
calibre 64bit (HKLM\...\{1A645F80-97F2-424B-AED0-9DBF6B835C6D}) (Version: 2.17.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3007 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Free Spider Solitaire v5.0 (HKLM-x32\...\Free Spider_is1) (Version: - TreeCardGames)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.20.0003 - Acapela Group)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.0.49 - IObit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 cs)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nebeský kalendář (HKLM-x32\...\Nebeský kalendář) (Version: - Zdeněk Pazdera - Wendys)
Nebeský kalendář (x32 Version: 3.0.0 - Zdeněk Pazdera - Wendys) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spell Checker (Czech) (HKLM-x32\...\{DED7B9D4-F754-4C58-9341-98E9ED625A24}) (Version: 1.00.0000 - Sergey Kutasov, Ilya Morozov)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Vimicro UVC USB2.0 PC Camera (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2010.03.02 - Vimicro Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1702781869-1181985805-574114531-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

08-08-2015 13:30:38 Installed PC Inspector File Recovery
10-08-2015 21:02:35 Zpravodajství ČT24 restore point
11-08-2015 14:17:34 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-08-11 14:18 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1205B03F-8E6C-4AB1-9C8B-8B9BEDCE07FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {3B75ED26-69AE-4632-A966-2B0155938020} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {63A60967-8C95-4514-B19E-C02B29D989D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {6989DACA-9307-4F25-9D31-A415C29E31B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {7FD708B9-C553-4D7D-84D5-DB40519BE8B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {87FEC05D-2CE3-4745-9A99-C522F4A5A361} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8DCF5261-40CF-4AEB-A3E1-860E4CF1E6CC} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {8DF94A8B-5598-4D9A-BE74-49BA98431C20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {8FCA7C1F-9F90-4420-B35F-EEA2E99D5CEC} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-11-16] ()
Task: {C0D22DB4-B9E9-4ECF-8052-04E0B99B1129} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {CC964F80-4A97-4163-B339-CAEAC8D944A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {DF569A7C-DDDF-440F-A886-E915BAFA9892} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {F8651045-C7BE-4E87-A39A-C0D07D5B3726} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-03 22:22 - 2015-07-03 22:22 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-08-08 18:43 - 2015-08-08 18:42 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-06 15:50 - 2013-03-12 16:51 - 00626240 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-13 00:53 - 2013-03-13 00:53 - 00015424 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-11-06 15:46 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1702781869-1181985805-574114531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "ct24crawl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{5C43DAEE-D3E8-4045-BB91-0D3C4BA12E8B}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{577DFA8A-2324-4CA9-AC67-E7A1DFB76B90}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4C9C3699-01BE-4882-96FE-F9B693A52DD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DED153F0-A684-4B1B-B3C2-73D53257DE88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE69B5C7-D90C-431F-B8BF-AEE81169AE5A}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{63AC8CE9-85BB-4351-9929-6AE115CF7F36}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{CA1A277D-726B-4D88-BC09-000F695AAD6C}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{91304C9B-442D-4550-85AD-519B101F8C9F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{50586E0B-2EBC-418A-9E47-371C869E963E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8F001F7D-329C-4BE1-9063-38E1A1B7BABB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1AC99E31-A81B-4FE2-9F47-26908DD131DF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{E2D9F329-D571-4883-857A-5CC9B5E2CF08}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{4D4AA75B-C753-4168-B1D7-932D9893BC55}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{AA402AA6-2A4F-4596-92F9-9B34E039E7E0}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D6B0436C-2F2D-430F-A5D1-09DCC25CAE65}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D9364F08-AF5B-40B8-A02C-67190581F7A9}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{B5529F99-08CB-46F2-AF91-9B70A7832969}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{73A5AAD4-E38E-4870-AFA7-6EC94BD8D1FF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{63EAB1F3-391E-4849-A1EB-B95DF90B60A3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6EA9ECA3-0E27-46E6-9357-B25A58362FF2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F060896E-88F2-4D65-A210-8586536771E7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{1D958F65-4354-40D1-B967-9DFB13A70D85}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{650ABBC3-A0A0-4BFB-B6E0-E4EC1FC79269}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{73C6CB8F-DBC3-473B-BA2F-8CF4012D261C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB2F4052-BB62-4F9F-89A2-166113E895A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AEE72441-5113-4CFD-9102-C5AC76D6F4EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C095293D-2890-486A-A873-89A7E4FF1DB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{9E880B2F-287D-4FAC-9DC5-4B638B6635F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{26CA592B-2850-4E99-BD69-8D734F17A2D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C35F4EC8-4F21-4A31-B44A-22D3A10A3D91}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{4788D1A7-85ED-4FA3-BA9B-E972FCB3F2BF}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{54DF584B-E03A-40E1-967D-11D70EBC4F78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: WLDAP32.dll, verze: 6.3.9600.17415, časové razítko: 0x54504330
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000155a
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 05:33:06 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 04:52:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:44:56 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 02:44:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:31:52 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/11/2015 02:31:47 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4


Microsoft Office:
=========================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2WLDAP32.dll6.3.9600.1741554504330c0000005000000000000155a75001d0d415dc54425cC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\WLDAP32.dllc53ccab1-4009-11e5-bef9-0c54a5183b3a

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141


CodeIntegrity:
===================================
Date: 2015-08-03 03:44:09.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:07.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:05.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:04.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:00.194
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:35.501
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:32.039
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:30.204
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:47.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:45.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU G1620T @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 3966.72 MB
Available physical RAM: 2683.87 MB
Total Virtual: 5438.72 MB
Available Virtual: 3544.55 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:453.27 GB) (Free:239.5 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.57 GB) (Free:1.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F9D1525B)

Partition: GPT.

==================== End of log ============================

Phoe

Re: Please kindly check my log

Post by Phoe » 11 Aug 2015 19:54

My router is a Technicolor TC7200.
Only one log fit here; I am sending the second one separately.




Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-08-2015
Ran by HP (2015-08-11 19:44:17)
Running from C:\Users\HP\Downloads\Desktop\HijackThis
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1702781869-1181985805-574114531-500 - Administrator - Disabled)
Guest (S-1-5-21-1702781869-1181985805-574114531-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1702781869-1181985805-574114531-1005 - Limited - Enabled)
HP (S-1-5-21-1702781869-1181985805-574114531-1001 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe InDesign 2.0 CE (HKLM-x32\...\Adobe InDesign 2.0 CE) (Version: 2.0 CE - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.7.0.545 - Ilya Morozov)
Balíček ovladače systému Windows - Hewlett-Packard Image (12/28/2006 8.0.0.0) (HKLM\...\4C806F98217A7FD4E853F458FF399F052625F21C) (Version: 12/28/2006 8.0.0.0 - Hewlett-Packard)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Bullzip PDF Printer 10.8.0.2282 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.8.0.2282 - Bullzip)
calibre 64bit (HKLM\...\{1A645F80-97F2-424B-AED0-9DBF6B835C6D}) (Version: 2.17.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3007 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Free Spider Solitaire v5.0 (HKLM-x32\...\Free Spider_is1) (Version: - TreeCardGames)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.20.0003 - Acapela Group)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.0.49 - IObit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 cs)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nebeský kalendář (HKLM-x32\...\Nebeský kalendář) (Version: - Zdeněk Pazdera - Wendys)
Nebeský kalendář (x32 Version: 3.0.0 - Zdeněk Pazdera - Wendys) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spell Checker (Czech) (HKLM-x32\...\{DED7B9D4-F754-4C58-9341-98E9ED625A24}) (Version: 1.00.0000 - Sergey Kutasov, Ilya Morozov)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Vimicro UVC USB2.0 PC Camera (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2010.03.02 - Vimicro Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1702781869-1181985805-574114531-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

08-08-2015 13:30:38 Installed PC Inspector File Recovery
10-08-2015 21:02:35 Zpravodajství ČT24 restore point
11-08-2015 14:17:34 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-08-11 14:18 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1205B03F-8E6C-4AB1-9C8B-8B9BEDCE07FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {3B75ED26-69AE-4632-A966-2B0155938020} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {63A60967-8C95-4514-B19E-C02B29D989D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {6989DACA-9307-4F25-9D31-A415C29E31B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {7FD708B9-C553-4D7D-84D5-DB40519BE8B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {87FEC05D-2CE3-4745-9A99-C522F4A5A361} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8DCF5261-40CF-4AEB-A3E1-860E4CF1E6CC} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {8DF94A8B-5598-4D9A-BE74-49BA98431C20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {8FCA7C1F-9F90-4420-B35F-EEA2E99D5CEC} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-11-16] ()
Task: {C0D22DB4-B9E9-4ECF-8052-04E0B99B1129} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {CC964F80-4A97-4163-B339-CAEAC8D944A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {DF569A7C-DDDF-440F-A886-E915BAFA9892} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {F8651045-C7BE-4E87-A39A-C0D07D5B3726} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-03 22:22 - 2015-07-03 22:22 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-08-08 18:43 - 2015-08-08 18:42 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-06 15:50 - 2013-03-12 16:51 - 00626240 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-13 00:53 - 2013-03-13 00:53 - 00015424 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-11-06 15:46 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1702781869-1181985805-574114531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "ct24crawl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{5C43DAEE-D3E8-4045-BB91-0D3C4BA12E8B}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{577DFA8A-2324-4CA9-AC67-E7A1DFB76B90}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4C9C3699-01BE-4882-96FE-F9B693A52DD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DED153F0-A684-4B1B-B3C2-73D53257DE88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE69B5C7-D90C-431F-B8BF-AEE81169AE5A}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{63AC8CE9-85BB-4351-9929-6AE115CF7F36}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{CA1A277D-726B-4D88-BC09-000F695AAD6C}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{91304C9B-442D-4550-85AD-519B101F8C9F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{50586E0B-2EBC-418A-9E47-371C869E963E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8F001F7D-329C-4BE1-9063-38E1A1B7BABB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1AC99E31-A81B-4FE2-9F47-26908DD131DF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{E2D9F329-D571-4883-857A-5CC9B5E2CF08}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{4D4AA75B-C753-4168-B1D7-932D9893BC55}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{AA402AA6-2A4F-4596-92F9-9B34E039E7E0}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D6B0436C-2F2D-430F-A5D1-09DCC25CAE65}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D9364F08-AF5B-40B8-A02C-67190581F7A9}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{B5529F99-08CB-46F2-AF91-9B70A7832969}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{73A5AAD4-E38E-4870-AFA7-6EC94BD8D1FF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{63EAB1F3-391E-4849-A1EB-B95DF90B60A3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6EA9ECA3-0E27-46E6-9357-B25A58362FF2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F060896E-88F2-4D65-A210-8586536771E7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{1D958F65-4354-40D1-B967-9DFB13A70D85}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{650ABBC3-A0A0-4BFB-B6E0-E4EC1FC79269}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{73C6CB8F-DBC3-473B-BA2F-8CF4012D261C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB2F4052-BB62-4F9F-89A2-166113E895A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AEE72441-5113-4CFD-9102-C5AC76D6F4EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C095293D-2890-486A-A873-89A7E4FF1DB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{9E880B2F-287D-4FAC-9DC5-4B638B6635F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{26CA592B-2850-4E99-BD69-8D734F17A2D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C35F4EC8-4F21-4A31-B44A-22D3A10A3D91}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{4788D1A7-85ED-4FA3-BA9B-E972FCB3F2BF}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{54DF584B-E03A-40E1-967D-11D70EBC4F78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: WLDAP32.dll, verze: 6.3.9600.17415, časové razítko: 0x54504330
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000155a
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 05:33:06 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 04:52:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:44:56 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 02:44:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:31:52 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/11/2015 02:31:47 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4


Microsoft Office:
=========================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2WLDAP32.dll6.3.9600.1741554504330c0000005000000000000155a75001d0d415dc54425cC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\WLDAP32.dllc53ccab1-4009-11e5-bef9-0c54a5183b3a

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141


CodeIntegrity:
===================================
Date: 2015-08-03 03:44:09.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:07.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:05.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:04.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:00.194
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:35.501
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:32.039
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:30.204
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:47.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:45.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU G1620T @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 3966.72 MB
Available physical RAM: 2683.87 MB
Total Virtual: 5438.72 MB
Available Virtual: 3544.55 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:453.27 GB) (Free:239.5 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.57 GB) (Free:1.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F9D1525B)

Partition: GPT.

==================== End of log ============================

Re: Please check my log

Post by Phoe » 11 Aug 2015 19:55

My router is a Technicolor TC7200.
Only one log fit here; I'm sending the second one separately.




Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-08-2015
Ran by HP (2015-08-11 19:44:17)
Running from C:\Users\HP\Downloads\Desktop\HijackThis
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1702781869-1181985805-574114531-500 - Administrator - Disabled)
Guest (S-1-5-21-1702781869-1181985805-574114531-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1702781869-1181985805-574114531-1005 - Limited - Enabled)
HP (S-1-5-21-1702781869-1181985805-574114531-1001 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe InDesign 2.0 CE (HKLM-x32\...\Adobe InDesign 2.0 CE) (Version: 2.0 CE - Adobe Systems, Inc.)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.7.0.545 - Ilya Morozov)
Balíček ovladače systému Windows - Hewlett-Packard Image (12/28/2006 8.0.0.0) (HKLM\...\4C806F98217A7FD4E853F458FF399F052625F21C) (Version: 12/28/2006 8.0.0.0 - Hewlett-Packard)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Bullzip PDF Printer 10.8.0.2282 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.8.0.2282 - Bullzip)
calibre 64bit (HKLM\...\{1A645F80-97F2-424B-AED0-9DBF6B835C6D}) (Version: 2.17.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3007 - CyberLink Corp.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Free Spider Solitaire v5.0 (HKLM-x32\...\Free Spider_is1) (Version: - TreeCardGames)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.20.0003 - Acapela Group)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.0.49 - IObit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 cs)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nebeský kalendář (HKLM-x32\...\Nebeský kalendář) (Version: - Zdeněk Pazdera - Wendys)
Nebeský kalendář (x32 Version: 3.0.0 - Zdeněk Pazdera - Wendys) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
ProFact 4.0 (HKLM-x32\...\ProFact 4.0_is1) (Version: - eXmind)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spell Checker (Czech) (HKLM-x32\...\{DED7B9D4-F754-4C58-9341-98E9ED625A24}) (Version: 1.00.0000 - Sergey Kutasov, Ilya Morozov)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Vimicro UVC USB2.0 PC Camera (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2010.03.02 - Vimicro Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1702781869-1181985805-574114531-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

08-08-2015 13:30:38 Installed PC Inspector File Recovery
10-08-2015 21:02:35 Zpravodajství ČT24 restore point
11-08-2015 14:17:34 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-08-11 14:18 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1205B03F-8E6C-4AB1-9C8B-8B9BEDCE07FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {3B75ED26-69AE-4632-A966-2B0155938020} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {63A60967-8C95-4514-B19E-C02B29D989D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {6989DACA-9307-4F25-9D31-A415C29E31B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {7FD708B9-C553-4D7D-84D5-DB40519BE8B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {87FEC05D-2CE3-4745-9A99-C522F4A5A361} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8DCF5261-40CF-4AEB-A3E1-860E4CF1E6CC} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {8DF94A8B-5598-4D9A-BE74-49BA98431C20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {8FCA7C1F-9F90-4420-B35F-EEA2E99D5CEC} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-11-16] ()
Task: {C0D22DB4-B9E9-4ECF-8052-04E0B99B1129} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {CC964F80-4A97-4163-B339-CAEAC8D944A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {DF569A7C-DDDF-440F-A886-E915BAFA9892} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {F8651045-C7BE-4E87-A39A-C0D07D5B3726} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-03 22:22 - 2015-07-03 22:22 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-08-08 18:43 - 2015-08-08 18:42 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-06 15:50 - 2013-03-12 16:51 - 00626240 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-13 00:53 - 2013-03-13 00:53 - 00015424 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-11-06 15:46 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1702781869-1181985805-574114531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\StartupApproved\Run: => "ct24crawl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{5C43DAEE-D3E8-4045-BB91-0D3C4BA12E8B}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{577DFA8A-2324-4CA9-AC67-E7A1DFB76B90}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4C9C3699-01BE-4882-96FE-F9B693A52DD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DED153F0-A684-4B1B-B3C2-73D53257DE88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE69B5C7-D90C-431F-B8BF-AEE81169AE5A}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{63AC8CE9-85BB-4351-9929-6AE115CF7F36}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{CA1A277D-726B-4D88-BC09-000F695AAD6C}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{91304C9B-442D-4550-85AD-519B101F8C9F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{50586E0B-2EBC-418A-9E47-371C869E963E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8F001F7D-329C-4BE1-9063-38E1A1B7BABB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{1AC99E31-A81B-4FE2-9F47-26908DD131DF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{E2D9F329-D571-4883-857A-5CC9B5E2CF08}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{4D4AA75B-C753-4168-B1D7-932D9893BC55}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{AA402AA6-2A4F-4596-92F9-9B34E039E7E0}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D6B0436C-2F2D-430F-A5D1-09DCC25CAE65}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D9364F08-AF5B-40B8-A02C-67190581F7A9}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{B5529F99-08CB-46F2-AF91-9B70A7832969}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{73A5AAD4-E38E-4870-AFA7-6EC94BD8D1FF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{63EAB1F3-391E-4849-A1EB-B95DF90B60A3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6EA9ECA3-0E27-46E6-9357-B25A58362FF2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F060896E-88F2-4D65-A210-8586536771E7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{1D958F65-4354-40D1-B967-9DFB13A70D85}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{650ABBC3-A0A0-4BFB-B6E0-E4EC1FC79269}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{73C6CB8F-DBC3-473B-BA2F-8CF4012D261C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB2F4052-BB62-4F9F-89A2-166113E895A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AEE72441-5113-4CFD-9102-C5AC76D6F4EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C095293D-2890-486A-A873-89A7E4FF1DB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{9E880B2F-287D-4FAC-9DC5-4B638B6635F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{26CA592B-2850-4E99-BD69-8D734F17A2D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C35F4EC8-4F21-4A31-B44A-22D3A10A3D91}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{4788D1A7-85ED-4FA3-BA9B-E972FCB3F2BF}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [{54DF584B-E03A-40E1-967D-11D70EBC4F78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: WLDAP32.dll, verze: 6.3.9600.17415, časové razítko: 0x54504330
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000155a
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:30 PM) (Source: NetBT) (EventID: 4300) (User: )
Description: Ovladač nelze vytvořit.

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (08/11/2015 05:33:12 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 05:33:06 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 04:52:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:44:56 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (08/11/2015 02:44:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/11/2015 02:31:52 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/11/2015 02:31:47 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4


Microsoft Office:
=========================
Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 05:33:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:45:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 02:31:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 01:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/11/2015 11:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2WLDAP32.dll6.3.9600.1741554504330c0000005000000000000155a75001d0d415dc54425cC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\WLDAP32.dllc53ccab1-4009-11e5-bef9-0c54a5183b3a

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (08/10/2015 12:52:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141


CodeIntegrity:
===================================
Date: 2015-08-03 03:44:09.431
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:07.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:05.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:04.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:44:00.194
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:35.501
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:32.039
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:39:30.204
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:47.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-03 03:37:45.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU G1620T @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 3966.72 MB
Available physical RAM: 2683.87 MB
Total Virtual: 5438.72 MB
Available Virtual: 3544.55 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:453.27 GB) (Free:239.5 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.57 GB) (Free:1.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F9D1525B)

Partition: GPT.

==================== End of log ============================

Phoe

Re: Kindly asking for a log check

Post by Phoe » 11 Aug 2015 19:57

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015
Ran by HP (administrator) on PC (11-08-2015 19:43:14)
Running from C:\Users\HP\Downloads\Desktop\HijackThis
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-07-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-12-21]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1702781869-1181985805-574114531-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {04AABE12-CA05-4842-BC6D-F39C3615A177} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {342B4757-68CF-40A6-8C17-8F22B69DDE53} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {39507285-9F0B-4322-B057-19E5D6DE4CB2} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {4F41A42E-13E0-41BF-9BA6-6A0E3FF8178A} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {5C3C2A9B-2CE6-4A40-BCB7-8FA05B60E7CD} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {684C3CEF-BEA8-4AB8-84AC-76DFE8ACC5A1} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {7A46BE94-F5DB-41F9-A25D-AF43CBEBEB33} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13014
SearchScopes: HKU\S-1-5-21-1702781869-1181985805-574114531-1001 -> {C58029CF-5C1C-477D-B689-2D3B6B010E61} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13014
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{8D12CFC4-485A-45F1-97EE-059485355E16}: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [No File]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pxbc6iv3.default\extensions\iobitascsurfingprotection@iobit.com [not found]

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Skype Click to Call) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-06-10] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-10] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-10] (CyberLink)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-08] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2014-12-23] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-02-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-15] (CyberLink)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-25] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 ntk_PowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [84168 2013-03-12] (Cyberlink Corp.)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-11-12] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\system32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 19:42 - 2015-08-11 19:43 - 00000000 ____D C:\FRST
2015-08-11 17:36 - 2015-08-11 17:36 - 02171392 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2015-08-11 17:36 - 2015-08-11 17:36 - 02171392 _____ (Farbar) C:\Users\HP\Downloads\FRST64 (1).exe
2015-08-11 14:34 - 2015-08-11 14:34 - 00000000 ____D C:\Users\HP\AppData\Roaming\ProductData
2015-08-11 14:31 - 2015-08-11 14:16 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-08-11 14:17 - 2015-08-11 14:33 - 00018502 _____ C:\zoek-results.log
2015-08-11 14:16 - 2015-08-11 14:32 - 00000000 ____D C:\zoek_backup
2015-08-11 14:14 - 2015-08-11 14:14 - 01308672 _____ C:\Users\HP\Downloads\zoek.exe
2015-08-11 14:10 - 2015-08-11 14:10 - 00003030 _____ C:\Users\HP\Desktop\JRT.txt
2015-08-11 14:04 - 2015-08-11 14:04 - 01797896 _____ (Malwarebytes Corporation) C:\Users\HP\Downloads\JRT (1).exe
2015-08-11 14:03 - 2015-08-11 14:03 - 01797896 _____ (Malwarebytes Corporation) C:\Users\HP\Downloads\JRT.exe
2015-08-11 13:44 - 2015-08-11 17:19 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-11 13:44 - 2015-08-11 14:04 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-11 13:40 - 2015-08-11 13:40 - 22653000 _____ C:\Users\HP\Downloads\RogueKillerX64.exe
2015-08-11 13:39 - 2015-08-11 13:39 - 18718280 _____ C:\Users\HP\Downloads\RogueKiller (1).exe
2015-08-11 13:38 - 2015-08-11 13:38 - 18718280 _____ C:\Users\HP\Downloads\RogueKiller.exe
2015-08-11 11:31 - 2015-08-11 12:57 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-11 11:30 - 2015-08-11 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-11 11:30 - 2015-08-11 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-11 11:30 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-11 11:30 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-11 11:30 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-11 11:28 - 2015-08-11 11:28 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-11 11:16 - 2015-08-11 13:26 - 00000000 ____D C:\AdwCleaner
2015-08-11 11:14 - 2015-08-11 11:14 - 02248704 _____ C:\Users\HP\Downloads\AdwCleaner.exe
2015-08-11 11:14 - 2015-08-11 11:14 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe
2015-08-11 10:59 - 2015-08-11 10:59 - 00050688 _____ (Atribune.org) C:\Users\HP\Downloads\ATF-Cleaner.exe
2015-08-10 21:51 - 2015-08-10 21:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\HP\Downloads\HijackThis(1).exe
2015-08-08 22:38 - 2015-08-08 22:38 - 00931408 _____ (Google Inc.) C:\Users\HP\Downloads\ChromeSetup(2).exe
2015-08-08 22:28 - 2015-08-11 17:33 - 00006056 _____ C:\WINDOWS\PFRO.log
2015-08-08 22:28 - 2015-08-11 17:33 - 00000616 _____ C:\WINDOWS\setupact.log
2015-08-08 22:28 - 2015-08-08 22:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-08 21:41 - 2015-08-08 21:41 - 00001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-08-08 21:37 - 2015-08-08 21:37 - 09894176 _____ (IObit) C:\Users\HP\Downloads\iobituninstaller_beta.exe
2015-08-08 21:24 - 2015-08-08 21:24 - 00038108 _____ C:\Users\HP\Downloads\Czech (2).lng
2015-08-08 21:23 - 2015-08-08 21:24 - 15895328 _____ (IObit) C:\Users\HP\Downloads\iobituninstaller (6).exe
2015-08-08 21:01 - 2015-08-08 21:01 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (6).exe
2015-08-08 21:01 - 2015-08-08 21:01 - 15895328 _____ (IObit) C:\Users\HP\Downloads\iobituninstaller (5).exe
2015-08-08 18:50 - 2015-08-08 18:50 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (5).exe
2015-08-08 18:50 - 2015-08-08 18:50 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (4).exe
2015-08-08 18:44 - 2015-08-08 18:44 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (3).exe
2015-08-08 18:43 - 2015-08-08 18:45 - 00000000 ____D C:\ProgramData\IObit
2015-08-08 18:41 - 2015-08-08 18:41 - 15895328 _____ (IObit) C:\Users\HP\Downloads\iobituninstaller (4).exe
2015-08-08 18:40 - 2015-08-08 18:40 - 00038108 _____ C:\Users\HP\Downloads\Czech (1).lng
2015-08-08 18:37 - 2015-08-08 18:38 - 00038108 _____ C:\Users\HP\Downloads\Czech.lng
2015-08-08 18:22 - 2015-08-08 20:58 - 00000000 ____D C:\Program Files (x86)\IObit
2015-08-08 18:21 - 2015-08-08 18:21 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (2).exe
2015-08-08 14:48 - 2015-08-08 19:51 - 00000000 ____D C:\Program Files\Recuva
2015-08-08 14:48 - 2015-08-08 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-08-08 14:47 - 2015-08-08 14:47 - 04426120 _____ (Piriform Ltd) C:\Users\HP\Downloads\rcsetup152.exe
2015-08-08 14:00 - 2015-08-08 14:00 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41 (1).exe
2015-08-08 13:42 - 2015-08-08 13:42 - 21757886 _____ C:\Users\HP\Downloads\iobituninstaller41.exe
2015-08-08 13:28 - 2015-08-08 13:28 - 13032360 _____ C:\Users\HP\Downloads\pci_filerecovery.exe
2015-08-08 13:21 - 2015-08-08 13:21 - 00167773 _____ C:\Users\HP\Downloads\Restoration.zip
2015-08-08 13:18 - 2015-08-08 13:18 - 00710939 _____ (Erika a.s. ) C:\Users\HP\Downloads\crawl (1).exe
2015-08-08 13:12 - 2015-08-08 13:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\ct24crawl
2015-08-08 13:07 - 2015-08-08 13:07 - 00710939 _____ (Erika a.s. ) C:\Users\HP\Downloads\crawl.exe
2015-08-08 09:30 - 2015-08-08 09:30 - 00000000 ____D C:\Users\HP\Documents\Fax
2015-08-07 15:35 - 2015-08-07 17:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-07 15:18 - 2015-08-07 15:18 - 00830544 _____ C:\Users\HP\Downloads\Kofola 0,5 l Fofola a tulipán.mp4
2015-08-07 07:42 - 2015-08-07 07:43 - 24397573 _____ C:\Users\HP\Downloads\aTubeCatcher (1).exe
2015-08-07 07:42 - 2015-08-07 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-07 07:42 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2015-08-07 07:37 - 2015-08-07 07:37 - 24397573 _____ C:\Users\HP\Downloads\aTubeCatcher.exe
2015-08-07 07:35 - 2015-08-08 08:58 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-08-07 07:33 - 2015-08-07 07:33 - 01124072 _____ (Adobe Systems Incorporated) C:\Users\HP\Downloads\readerdc_cz_ha_install.exe
2015-08-07 00:04 - 2015-08-07 00:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Avira
2015-08-07 00:03 - 2015-08-07 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-07 00:03 - 2015-08-07 00:05 - 00000000 ____D C:\ProgramData\Avira
2015-08-07 00:03 - 2015-08-07 00:05 - 00000000 ____D C:\Program Files (x86)\Avira
2015-08-07 00:03 - 2015-07-15 08:37 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-07 00:03 - 2015-07-15 08:37 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-08-07 00:03 - 2015-07-15 08:37 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-08-07 00:03 - 2015-07-15 08:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-08-06 14:15 - 2015-08-11 19:09 - 01093960 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-06 11:37 - 2015-08-06 12:47 - 1067814912 _____ C:\Users\HP\Downloads\Dobyti-severniho-polu.avi
2015-08-04 23:26 - 2015-08-04 23:52 - 358868114 _____ C:\Users\HP\Downloads\BERENIKA-VÁLKOVÁ.mp4
2015-08-03 12:59 - 2015-08-03 13:08 - 107600544 _____ C:\Users\HP\Downloads\Hospoda-na-mýtince---Cimrman.wma
2015-08-03 03:41 - 2015-08-03 03:45 - 56198944 _____ C:\Users\HP\Downloads\Posel-z-Liptákova---Cimrman.wma
2015-08-01 03:34 - 2015-08-01 03:43 - 128711639 _____ C:\Users\HP\Downloads\Samuel-Noah-Kramer-HITÓRIE-ZAČÍNA-V-SUMERU.rar
2015-08-01 03:23 - 2015-08-01 03:25 - 37149460 _____ C:\Users\HP\Downloads\Bohumil-Vurm---3-knihy.zip
2015-08-01 00:18 - 2015-08-01 01:33 - 951726006 _____ C:\Users\HP\Downloads\Proč_muži_neposlouchají_a_ženy_neumí_číst_v_mapách_2007[1].CZ._PC.avi
2015-07-31 23:18 - 2015-07-31 23:38 - 262796074 _____ C:\Users\HP\Downloads\Vojtěch-Zamarovský---4-knihy.zip
2015-07-31 23:05 - 2015-08-08 23:14 - 00000000 ____D C:\Users\HP\Documents\60.leta hudba
2015-07-30 02:30 - 2015-07-30 02:30 - 00000000 ____D C:\Users\HP\Documents\Balabolka
2015-07-30 02:30 - 2015-07-30 02:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2015-07-30 02:30 - 2015-07-30 02:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Balabolka
2015-07-30 02:29 - 2015-07-30 02:30 - 00000000 ____D C:\Program Files (x86)\Balabolka
2015-07-30 02:26 - 2015-07-30 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acapela Group
2015-07-30 01:27 - 2015-07-30 01:54 - 354982021 _____ C:\Users\HP\Downloads\Balabolka-hezky-česky.zip
2015-07-30 00:17 - 2015-07-30 00:17 - 00000000 ____D C:\Users\Public\Documents\Acapela Group
2015-07-29 23:05 - 2015-07-30 02:26 - 00000000 ____D C:\Program Files (x86)\Acapela Group
2015-07-29 23:05 - 2015-07-30 00:15 - 00000000 ___HD C:\Infovox2.lic
2015-07-29 22:31 - 2015-07-29 22:52 - 291329017 _____ C:\Users\HP\Downloads\Balabolka-2.10-+hlas-Eliška-CZ+podrobny-navod-W8.rar
2015-07-29 22:00 - 2015-07-29 22:01 - 10526701 _____ C:\Users\HP\Downloads\balabolka (4).zip
2015-07-29 21:41 - 2015-07-29 21:41 - 00715398 _____ C:\Users\HP\Downloads\spell_Czech (2).zip
2015-07-29 21:28 - 2015-07-29 21:28 - 00715398 _____ C:\Users\HP\Downloads\spell_Czech (1).zip
2015-07-29 21:27 - 2015-07-29 21:27 - 00715398 _____ C:\Users\HP\Downloads\spell_Czech.zip
2015-07-29 21:18 - 2015-07-29 21:18 - 00000000 ____D C:\Users\HP\AppData\Roaming\Hunspell
2015-07-29 21:17 - 2015-07-29 21:17 - 00973924 _____ C:\Users\HP\Downloads\hunspell_Czech.zip
2015-07-29 21:13 - 2015-07-29 21:13 - 00219562 _____ C:\Users\HP\Downloads\czech.zip
2015-07-29 21:08 - 2015-07-29 21:08 - 10526701 _____ C:\Users\HP\Downloads\balabolka (3).zip
2015-07-29 21:07 - 2015-07-29 21:07 - 10557327 _____ C:\Users\HP\Downloads\balabolka (2).zip
2015-07-29 20:51 - 2015-07-29 20:52 - 10526701 _____ C:\Users\HP\Downloads\balabolka (1).zip
2015-07-29 20:37 - 2015-07-29 20:37 - 10557327 _____ C:\Users\HP\Downloads\balabolka.zip
2015-07-29 20:11 - 2015-07-29 20:12 - 138913270 _____ C:\Users\HP\Downloads\CITReader6 (1).exe
2015-07-29 20:01 - 2015-07-29 20:02 - 138913270 _____ C:\Users\HP\Downloads\CITReader6.exe
2015-07-28 15:45 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-28 15:18 - 2015-07-28 15:18 - 10594387 _____ (Ilya Morozov) C:\Users\HP\Downloads\setup.exe
2015-07-27 14:50 - 2015-07-27 15:14 - 317646367 _____ C:\Users\HP\Downloads\Václav-Cílek---Tajemná-a-neznámá-podzemní-praha-(2001).mp4
2015-07-27 03:40 - 2015-07-27 03:40 - 73346838 _____ C:\Users\HP\Downloads\Refugee Resettlement and the Hijra to America-SD.mp4
2015-07-26 21:35 - 2015-07-26 21:35 - 17623761 _____ (Media Freeware) C:\Users\HP\Downloads\vimeodownloader_setup.exe
2015-07-26 21:32 - 2015-07-26 21:33 - 10841104 _____ C:\Users\HP\Downloads\vimeo_d_setup.exe
2015-07-26 11:27 - 2015-07-26 11:27 - 00000000 ___RD C:\Program Files\Centricity
2015-07-25 02:33 - 2015-07-25 03:07 - 383012128 _____ C:\Users\HP\Downloads\den-kdy-se-zastavila-zeme-cz-dab-keanu-reeves-'08'.avi
2015-07-25 02:18 - 2015-07-25 02:18 - 00019227 _____ C:\Users\HP\Downloads\Little-Buddha(0000103992).zip
2015-07-25 02:11 - 2015-07-25 02:11 - 00019222 _____ C:\Users\HP\Downloads\little-buddha.zip
2015-07-25 01:46 - 2015-07-25 02:22 - 539674610 _____ C:\Users\HP\Downloads\maly-buddha-cz-dab-keanu-reeves-'93'.avi
2015-07-25 00:40 - 2015-07-25 01:26 - 708345122 _____ C:\Users\HP\Downloads\Zlatý-klíček---Золотой-ключик-1939,-SK-tit.avi
2015-07-24 22:41 - 2015-07-25 00:29 - 1279144986 _____ C:\Users\HP\Downloads\Kamenný-kvítek---Каменный-цветок-1946,-CZ-tit (1).avi
2015-07-24 00:44 - 2015-07-24 00:44 - 00126520 _____ C:\Users\HP\Downloads\Chico-Xavier_cz_google.srt
2015-07-24 00:41 - 2015-07-24 00:41 - 00045116 _____ C:\Users\HP\Downloads\Kamenný-kvítek-(0000118470).srt
2015-07-23 23:23 - 2015-07-24 00:21 - 705148546 _____ C:\Users\HP\Downloads\Kamenný-kvítek---Каменный-цветок-1946,-CZ-tit.avi
2015-07-21 16:24 - 2015-07-21 16:24 - 00114183 _____ C:\Users\HP\Downloads\Chico-Xavier(0000185129) (1).srt
2015-07-21 15:33 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-21 15:33 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-21 15:33 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-21 15:33 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-17 14:35 - 2015-07-17 14:35 - 00203776 _____ C:\Users\HP\Downloads\konosprej.ppt
2015-07-15 12:52 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-15 12:52 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-15 12:52 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-15 12:52 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-15 12:52 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-15 12:52 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-15 12:52 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-15 12:52 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-15 12:52 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-15 12:52 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-15 12:52 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-15 12:52 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-15 12:52 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-15 12:52 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-15 12:52 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-15 12:52 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-15 12:52 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-15 12:52 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-15 12:52 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-15 12:52 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-15 12:52 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-15 12:52 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-15 12:52 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-15 12:52 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-15 12:52 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-15 12:52 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-07-15 12:52 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:52 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:52 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-07-15 12:52 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-07-15 12:52 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-07-15 12:52 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-07-15 12:52 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-07-15 12:52 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-07-15 12:52 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-07-15 12:52 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-07-15 12:52 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-07-15 12:52 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-07-15 12:51 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-15 12:51 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-15 12:51 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-15 12:51 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-15 12:51 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-15 12:51 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-15 12:51 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-15 12:51 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-15 12:51 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-15 12:51 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-15 12:51 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-15 12:51 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-15 12:51 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-15 12:51 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-15 12:51 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-15 12:51 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-15 12:51 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-15 12:51 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-15 12:51 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-15 12:51 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-15 12:51 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-15 12:51 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-15 12:49 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-15 12:49 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-15 12:49 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-15 12:49 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-15 12:49 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-15 12:49 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-15 12:49 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-15 12:49 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-15 12:49 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-15 12:49 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-15 12:49 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-15 12:49 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-15 12:49 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-15 12:49 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-15 12:49 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-15 12:49 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-15 12:49 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-15 12:49 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-15 12:49 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-15 12:49 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-15 12:49 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-15 12:49 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-15 12:49 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-15 12:49 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-15 12:49 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-15 12:49 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-15 12:49 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-15 12:49 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-15 12:49 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-15 12:49 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-15 12:49 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-15 12:49 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-15 12:49 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-15 12:49 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-15 12:49 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-15 12:49 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-15 12:49 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-15 12:49 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-15 12:49 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-15 12:49 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-15 12:49 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-15 12:49 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-15 12:49 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-15 12:49 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-15 12:49 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-15 12:49 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-15 12:49 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-15 12:49 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-15 12:45 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-07-15 12:40 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-15 12:40 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 12:40 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-15 12:40 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-15 12:40 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-15 12:40 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-07-15 12:40 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-15 12:40 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 12:40 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-15 12:40 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-07-15 12:40 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-07-15 12:40 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-15 12:40 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-15 03:42 - 2015-08-01 01:21 - 00000000 ____D C:\Users\HP\Documents\Fraktály pro plochu 4
2015-07-15 01:08 - 2015-07-15 14:44 - 00000000 ____D C:\Users\HP\Documents\Fraktály pro plochu 3 hdwpics.com
2015-07-15 01:01 - 2015-07-15 01:01 - 36411936 _____ (DVDVideoSoft Ltd. ) C:\Users\HP\Downloads\FreeYouTubeUploader.exe
2015-07-12 21:24 - 2015-07-12 21:25 - 23599360 _____ C:\Users\HP\Downloads\Kritický-klub-2013-10---Miloš-Doležal---Jako-bychom-dnes-zemřít-měli-[Janáček].rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 19:16 - 2014-11-17 16:50 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-11 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-11 18:46 - 2014-11-16 00:23 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 18:27 - 2015-03-04 21:05 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DD27F755-4B88-475B-9B55-7989E8F81637}
2015-08-11 18:06 - 2015-06-05 11:10 - 00000000 ____D C:\Users\HP\Documents\Soubory aplikace Outlook
2015-08-11 17:36 - 2014-11-16 20:27 - 00003510 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-08-11 17:34 - 2014-11-16 00:23 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 17:33 - 2014-11-17 21:05 - 00000000 ____D C:\Users\HP\AppData\Roaming\ClassicShell
2015-08-11 17:33 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-11 16:58 - 2014-11-15 23:59 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1702781869-1181985805-574114531-1001
2015-08-11 14:29 - 2015-02-21 03:27 - 00000000 ____D C:\Users\HP
2015-08-11 14:08 - 2014-11-18 03:50 - 00000000 ____D C:\Users\HP\AppData\Roaming\IObit
2015-08-11 13:29 - 2014-11-21 06:53 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-11 13:29 - 2014-11-21 06:10 - 00800964 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-11 13:29 - 2014-11-21 06:10 - 00183494 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-11 12:36 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-11 11:11 - 2014-11-19 03:01 - 00285184 ___SH C:\Users\HP\Downloads\Thumbs.db
2015-08-11 02:53 - 2014-11-17 16:17 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2015-08-10 21:06 - 2014-11-17 16:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-10 21:06 - 2014-11-17 16:16 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 20:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-08 22:46 - 2014-11-23 21:36 - 00000000 ____D C:\Users\HP\Documents\ProFact 4.0. pracovní složka
2015-08-08 22:41 - 2014-11-16 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-08 22:22 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-08 22:14 - 2015-02-21 03:12 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-08 22:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-08 13:31 - 2014-11-06 15:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-07 17:03 - 2014-11-17 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-07 14:02 - 2014-11-07 05:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\Adobe
2015-08-07 07:42 - 2015-01-06 19:05 - 00000049 _____ C:\WINDOWS\SysWOW64\ScrRecX.log
2015-08-07 07:42 - 2014-11-19 03:19 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2015-08-07 07:35 - 2014-12-25 06:04 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-07 07:34 - 2014-11-18 14:06 - 00000000 ____D C:\ProgramData\Adobe
2015-08-07 07:34 - 2014-11-18 14:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-07 07:29 - 2014-11-06 15:49 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-08-07 07:19 - 2015-06-04 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-07 07:09 - 2015-02-15 14:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-07 07:02 - 2014-11-16 00:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 15:23 - 2014-12-25 04:55 - 00000000 ____D C:\Users\HP\AppData\Roaming\Apple Computer
2015-07-31 23:06 - 2014-12-02 16:47 - 00000000 ____D C:\FFOutput
2015-07-30 02:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Speech
2015-07-28 16:59 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-28 13:25 - 2015-06-06 12:22 - 00002277 _____ C:\Users\HP\Downloads\readme.txt
2015-07-28 13:24 - 2015-06-06 12:22 - 00027275 _____ C:\Users\HP\Downloads\history.rus.txt
2015-07-28 13:23 - 2015-06-06 12:22 - 00025500 _____ C:\Users\HP\Downloads\history.eng.txt
2015-07-25 06:28 - 2015-04-04 15:32 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-23 21:48 - 2013-08-22 16:44 - 04979072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-18 13:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-07-16 20:08 - 2014-12-10 05:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-16 20:08 - 2014-11-21 14:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-16 20:08 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-16 20:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-07-16 20:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-07-16 14:42 - 2014-11-16 00:23 - 00003938 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 14:41 - 2014-11-16 00:23 - 00003702 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 19:45 - 2014-11-16 01:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-15 15:35 - 2015-06-05 10:06 - 00000000 ____D C:\Users\HP\Documents\Fraktály pro plochu 1
2015-07-15 15:10 - 2015-07-09 03:39 - 00000000 ____D C:\Users\HP\Documents\Fraktály pro plochu 2 wallpaperscraft.com
2015-07-15 13:16 - 2014-11-17 16:50 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-13 23:10 - 2015-03-12 19:50 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2015-03-12 19:50 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 20:53 - 2015-04-04 15:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX

==================== Files in the root of some directories =======

2014-11-17 17:53 - 2014-11-17 22:28 - 0000030 _____ () C:\Users\HP\AppData\Roaming\Opusbext.dat
2015-06-01 07:57 - 2015-06-01 08:03 - 0000353 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\avgnt.exe
C:\Users\HP\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-11 16:58

==================== End of log ============================

