﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Doma (administrator) on PC on 05-04-2015 10:34:30
Running from C:\Documents and Settings\Doma\Plocha
Loaded Profiles: Doma (Available profiles: Doma)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
() C:\Program Files\Gigabyte\EasySaver\essvr.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
() C:\Documents and Settings\Doma\Data aplikací\SpeedTray\speedtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18084864 2009-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [188416 2003-05-16] (HP)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2503704 2015-03-05] ()
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\WgaLogon: WgaLogon.dll [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Run: [SpeedTray] => C:\Documents and Settings\Doma\Data aplikací\SpeedTray\speedtray.exe [725518 2015-01-07] ()
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe [841096 2014-02-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\...\MountPoints2: {40c76a40-f69b-11e1-afb8-806d6172696f} - F:\setup.exe
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmyst.scr [18944 2008-04-14] (Microsoft Corporation)
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\Doma\Nabídka Start\Programy\Po spuštění\Harry Potter and the Goblet of Fire (2005) 1080p BluRay x264 Dual Audio [English 5.1 + Hindi 2.0] - TBI.lnk
ShortcutTarget: Harry Potter and the Goblet of Fire (2005) 1080p BluRay x264 Dual Audio [English 5.1 + Hindi 2.0] - TBI.lnk -> C:\Documents and Settings\All Users\Data aplikací\{034da674-a0d8-b53b-034d-da674a0d99d2}\Harry Potter and the Goblet of Fire (2005) 1080p BluRay x264 Dual Audio [English 5.1 + Hindi 2.0] - TBI.exe (No File)
Startup: C:\Documents and Settings\Doma\Nabídka Start\Programy\Po spuštění\Jane Eyre avi.lnk
ShortcutTarget: Jane Eyre avi.lnk -> C:\Documents and Settings\All Users\Data aplikací\{dfc539a9-f529-6651-dfc5-539a9f52e6a7}\Jane Eyre avi.exe (No File)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-04-20 18:15:17&v=18.3.0.885&pid=safeguard&sg=&sap=hp
HKU\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1482476501-573735546-1606980848-1004] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 - MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll ()
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> DefaultScope {81B69B28-4182-4DC2-886E-F97FCE515EC2} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18505
SearchScopes: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> {81B69B28-4182-4DC2-886E-F97FCE515EC2} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-04-20 18:15:17&v=18.3.0.879&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=ds&q={searchTerms}
BHO: MHTBPos00 Class -> {0C37B053-FD68-456a-82E1-D788EE342E6F} -> C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07] ()
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-05] (AVG Secure Search)
BHO: CMySite Class -> {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} -> C:\Program Files\Family Toolbar\mhxpcomi.dll [2010-02-18] ()
Toolbar: HKLM - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-05] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} -  No File
Toolbar: HKU\S-1-5-21-1482476501-573735546-1606980848-1004 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll [2009-12-04] (AVG Technologies CZ, s.r.o.)
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files\Family Toolbar\mhxpcomi.dll [2010-02-18] ()
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-02-26] (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1 10.1.1.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Doma\Data aplikací\Mozilla\Firefox\Profiles\g9c1b6ib.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://www.seznam.cz/
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll [2014-02-21] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1482476501-573735546-1606980848-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Doma\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-03] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-15] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2008-02-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2008-02-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2008-02-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2008-02-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2008-02-07] (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Doma\Data aplikací\Mozilla\Firefox\Profiles\g9c1b6ib.default\searchplugins\avg-secure-search.xml [2015-02-26]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-03-05]
FF Extension: RandomPriCe - C:\Documents and Settings\Doma\Data aplikací\Mozilla\Firefox\Profiles\g9c1b6ib.default\Extensions\9xk@vA.org [2015-03-27]
FF Extension: ffChromeHelper - C:\Program Files\Mozilla Firefox\distribution\bundles\{0B9484DB9C63F20A4CE04F62AFE4A89D} [2015-03-23]
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG8\Firefox
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG8\Firefox [2009-12-04]
FF HKLM\...\Firefox\Extensions: [{1d5287d1-8a92-0001-1f31-1cec198018d8}] - C:\Program Files\AVG\AVG8\ToolbarFF
FF Extension: AVG Security Toolbar - C:\Program Files\AVG\AVG8\ToolbarFF [2009-12-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-04]
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta3071.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta3071\ff
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.3.0.885
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.3.0.885 [2015-03-05]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 18:15:17&v=18.0.5.292&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://mysearch.avg.com?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 18:15:17&v=18.0.5.292&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> https://mysearch.avg.com/search?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 18:15:17&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv=2&cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&pr=fr&d=2014-04-20 18:15:17&v=18.1.9.799&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Push to BlackBerry) - C:\Documents and Settings\Doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lggpkfohfakgnphjamgjohdojpfnkhii [2015-03-27]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR HKLM\...\Chrome\Extension: [jhodhgjnadanaeegedlchibmgpankkkb] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta3071\ch\VideoPlayerV3beta3071.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 bca22949; c:\Program Files\TrimInstance\TrimInstance.dll [1626112 2015-03-20] () [File not signed]
R2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2008-12-24] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
R2 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-02-26] (AVG Secure Search)
S2 SafetyNutManager2; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\WINDOWS\System32\Drivers\fxxandroidusb.sys [25728 2011-03-22] (Google Inc)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 AvgLdx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AvgMfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-07-08] (Symantec Corporation)
R3 gdrv; C:\WINDOWS\gdrv.sys [16608 2015-04-04] (Windows (R) 2000 DDK provider)
R1 PQNTDrv; C:\WINDOWS\system32\Drivers\PQNTDrv.sys [4228 2002-09-16] (PowerQuest Corporation) [File not signed]
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [54368 2004-09-03] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [115680 2004-09-03] (Protection Technology) [File not signed]
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
S3 qcusbser; C:\WINDOWS\System32\DRIVERS\FXX\qcusbser.sys [103424 2011-03-22] (QUALCOMM Incorporated)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [163644 2015-02-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [477240 2012-09-04] (Duplex Secure Ltd.)
U3 ap19rj3q; C:\WINDOWS\system32\Drivers\ap19rj3q.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 10:34 - 2015-04-05 10:35 - 00021990 _____ () C:\Documents and Settings\Doma\Plocha\FRST.txt
2015-04-05 10:34 - 2015-04-05 10:34 - 00000000 ____D () C:\FRST
2015-04-05 10:29 - 2015-04-05 10:29 - 00112640 _____ () C:\Documents and Settings\Doma\Plocha\FRSTLauncher.exe
2015-04-05 10:28 - 2015-04-05 10:28 - 01135104 _____ (Farbar) C:\Documents and Settings\Doma\Plocha\FRST.exe
2015-03-27 12:14 - 2015-03-27 12:14 - 00000000 ____D () C:\Program Files\Push to BlackBerry
2015-03-27 12:13 - 2015-03-27 12:14 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\5422762606948833779
2015-03-27 12:13 - 2015-03-27 12:13 - 00000000 ____D () C:\Program Files\RandomPriCe
2015-03-27 12:13 - 2015-03-27 12:13 - 00000000 ____D () C:\Program Files\DiscouNtExtenSoi
2015-03-27 12:13 - 2015-03-27 12:13 - 00000000 ____D () C:\Program Files\CiheapMe
2015-03-25 16:42 - 2015-04-04 20:53 - 00000020 _____ () C:\Documents and Settings\Doma\Data aplikací\appdataFr3.bin
2015-03-25 09:54 - 2015-03-25 09:54 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Browser AdBlocker
2015-03-23 14:22 - 2015-03-23 14:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-20 17:14 - 2015-03-21 21:05 - 00000000 ____D () C:\Program Files\SalaePluss
2015-03-20 17:14 - 2015-03-20 17:14 - 00000000 ____D () C:\Program Files\TrimInstance
2015-03-20 17:12 - 2015-03-21 20:03 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\{dfc539a9-f529-6651-dfc5-539a9f52e6a7}
2015-03-17 14:00 - 2015-03-17 14:00 - 00000000 ____D () C:\Documents and Settings\Doma\Local Settings\Data aplikací\Skype
2015-03-17 13:57 - 2015-03-17 13:57 - 00001896 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-03-17 13:57 - 2015-03-17 13:57 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-03-17 13:57 - 2015-03-17 13:57 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 10:35 - 2009-12-04 18:23 - 00000000 ____D () C:\Documents and Settings\Doma\Local Settings\Temp
2015-04-05 10:34 - 2009-12-04 18:23 - 00000000 ____D () C:\Documents and Settings\Doma\Plocha
2015-04-05 10:02 - 2014-02-22 17:56 - 00000000 ____D () C:\Documents and Settings\Doma\Dokumenty\WORD
2015-04-05 09:59 - 2012-11-29 20:19 - 00000000 ____D () C:\Documents and Settings\Doma\Dokumenty\Stažené soubory
2015-04-05 09:53 - 2009-12-04 18:23 - 00000000 ____D () C:\Documents and Settings\Doma
2015-04-05 09:49 - 2014-04-21 09:33 - 00001870 _____ () C:\sc-cleaner.txt
2015-04-05 09:41 - 2013-03-13 19:15 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\MFAData
2015-04-05 09:38 - 2014-04-05 22:45 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-04 18:07 - 2015-02-20 17:57 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-04-04 18:02 - 2012-04-07 17:35 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2015-04-04 18:02 - 2012-04-07 17:35 - 00000048 ____N () C:\WINDOWS\wiaservc.log
2015-04-04 18:02 - 2009-11-23 23:44 - 00000125 _____ () C:\service.log
2015-04-04 18:02 - 2009-11-23 23:43 - 00016608 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2015-04-04 18:01 - 2014-04-05 22:45 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-04 18:01 - 2014-03-10 10:35 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-04-04 18:01 - 2009-11-24 17:52 - 00208040 _____ () C:\WINDOWS\system32\nvapps.xml
2015-04-04 18:01 - 2009-11-23 23:41 - 00032136 ____N () C:\WINDOWS\SchedLgU.Txt
2015-04-04 18:01 - 2009-11-23 23:41 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-04 16:45 - 2012-09-04 16:35 - 00000000 ____D () C:\Documents and Settings\Doma\Dokumenty\FIFA 12
2015-04-04 14:29 - 2014-07-07 19:31 - 00000438 ____H () C:\WINDOWS\Tasks\Norton Security Scan for Doma.job
2015-04-04 13:55 - 2010-04-30 06:12 - 00000000 ____D () C:\Program Files\Filipova dobrodružství - Na stopě rodinným pokladům
2015-04-04 13:54 - 2001-10-25 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-03 17:22 - 2014-05-08 18:13 - 00000000 ____D () C:\Documents and Settings\Doma\Dokumenty\Bětka
2015-04-01 18:47 - 2014-03-24 20:38 - 00000523 _____ () C:\hpfr3420.xml
2015-04-01 17:43 - 2009-12-04 19:17 - 00002561 _____ () C:\Documents and Settings\Doma\Plocha\Microsoft Office Word 2003.lnk
2015-03-29 08:01 - 2014-10-07 09:59 - 00000226 _____ () C:\WINDOWS\Tasks\GPUP.job
2015-03-29 08:01 - 2009-12-04 18:23 - 00000000 __RHD () C:\Documents and Settings\Doma\Data aplikací
2015-03-29 07:59 - 2014-10-08 07:59 - 00073728 _____ () C:\WINDOWS\system32\tasks.dll
2015-03-29 06:59 - 2009-11-24 00:30 - 01087480 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 12:13 - 2009-11-24 00:28 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-03-25 11:15 - 2014-10-17 16:36 - 00000000 ____D () C:\Program Files\Steam
2015-03-25 09:13 - 2014-02-18 18:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-24 19:29 - 2010-05-09 16:04 - 00462336 ___SH () C:\Documents and Settings\Doma\Plocha\Thumbs.db
2015-03-22 00:11 - 2009-12-04 18:23 - 00000000 ___RD () C:\Documents and Settings\Doma\Nabídka Start\Programy
2015-03-21 22:27 - 2015-01-26 13:59 - 00000000 ____D () C:\Program Files\uinisales
2015-03-21 22:27 - 2015-01-23 18:24 - 00000000 ____D () C:\Program Files\uniSeales
2015-03-21 22:27 - 2015-01-23 18:24 - 00000000 ____D () C:\Program Files\uneiSAleus
2015-03-21 21:06 - 2009-12-04 18:23 - 00000000 ___HD () C:\Documents and Settings\Doma\Local Settings\Data aplikací
2015-03-21 20:02 - 2013-03-10 22:10 - 00000000 ____D () C:\Documents and Settings\Doma\Data aplikací\Skype
2015-03-20 17:12 - 2009-12-04 18:23 - 00000000 ___RD () C:\Documents and Settings\Doma\Nabídka Start\Programy\Po spuštění
2015-03-17 20:30 - 2011-09-05 13:17 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-17 14:00 - 2013-03-10 22:10 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Skype
2015-03-17 13:57 - 2013-03-10 22:10 - 00000000 ___RD () C:\Program Files\Skype
2015-03-17 13:57 - 2009-11-24 00:30 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-03-17 13:57 - 2009-11-24 00:30 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-03-17 13:51 - 2015-01-23 18:25 - 00000000 ____D () C:\Program Files\TransferBigFilescom Gmail Extension
2015-03-17 13:51 - 2015-01-23 18:24 - 00000000 ____D () C:\Program Files\youtubeadblocker
2015-03-15 21:03 - 2009-12-20 20:11 - 00097280 _____ () C:\Documents and Settings\Doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-08 16:00 - 2014-03-10 10:35 - 00000214 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job

==================== Files in the root of some directories =======

2013-06-29 20:37 - 2014-06-02 19:29 - 0003750 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-03-24 20:29 - 2014-03-24 20:29 - 21063360 _____ (Hewlett Packard) C:\Program Files\tiskárna_3420-csy-win2k_xp.exe
2015-03-25 16:42 - 2015-04-04 20:53 - 0000020 _____ () C:\Documents and Settings\Doma\Data aplikací\appdataFr3.bin
2015-03-29 08:01 - 2015-03-29 08:01 - 0009662 _____ () C:\Documents and Settings\Doma\Data aplikací\em_64x64.ico
2009-12-20 20:11 - 2015-03-15 21:03 - 0097280 _____ () C:\Documents and Settings\Doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-12-13 10:36 - 2009-12-13 10:36 - 0000124 _____ () C:\Documents and Settings\Doma\Local Settings\Data aplikací\fusioncache.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================