﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-11-2015
Ran by Dodo (2015-11-25 10:00:32)
Running from C:\Documents and Settings\Dodo\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2015-06-01 19:38:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1677128483-842925246-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-854245398-1677128483-842925246-1003 - Limited - Enabled)
Dodo (S-1-5-21-854245398-1677128483-842925246-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Dodo
Guest (S-1-5-21-854245398-1677128483-842925246-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1677128483-842925246-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-854245398-1677128483-842925246-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acer Crystal Eye Webcam 2.0.7 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.7 - SuYin)
Acer Crystal Eye Webcam 2.0.7 (Version: 2.0.7 - SuYin) Hidden
AdAwareUpdater (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe Acrobat Reader 3.01 (HKLM\...\Adobe Acrobat Reader 3.01) (Version:  - )
Adobe After Effects CS4 (HKLM\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM\...\{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}) (Version: 1.0.1.1 - Adobe Systems)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Atheros WLAN Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.6.8941 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Broadcom Driver Installation Program (HKLM\...\{153F839F-0A63-41D8-890F-7324C0E13743}) (Version: 5.60.18.9 - Broadcom)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Citrix Online Launcher (HKLM\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 3.66.10.0 - Conexant)
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
EMCO Remote Connection Analyzer (HKLM\...\EMCO Remote Connection Analyzer_is1) (Version:  - Emco Software Ltd.)
EPUB File Reader (HKLM\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
f.lux (HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\Flux) (Version:  - )
FileZilla Client 3.5.1 (HKLM\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
GOM Audio (HKLM\...\GomAudio) (Version: 2.0.7.0873 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.4.2.3880 (HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\GoToMeeting) (Version: 7.4.2.3880 - CitrixOnline)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
Heroku Toolbelt 3.39.5 (HKLM\...\Heroku Toolbelt_is1) (Version: 3.39.5 - Heroku, Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.10.5420 - Intel Corporation)
IPVanish (HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\80030f8e66f1b450) (Version: 1.3.1.31 - IPVanish.com)
Klient pro správu práv Microsoft Windows Rights Management Services s aktualizací Service Pack 2 (Version: 5.2.70 - Microsoft) Hidden
Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita (Version: 5.2.70 - Microsoft) Hidden
Loaris Trojan Remover 1.3.7.5 (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version:  - Loaris, Inc.)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - csy (HKLM\...\{DD73CA82-EA82-38AA-863D-9A24A018DC96}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation) Hidden
Opera Stable 25.0.1614.50 (HKLM\...\Opera 25.0.1614.50) (Version: 25.0.1614.50 - Opera Software ASA)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.13.18 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.0.7.0 - Ralink)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.4.1 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
UmmyVideoDownloader (HKLM\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.5.0.0 - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.010 - Sonix)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XMind 6 (v3.5.1) (HKLM\...\XMind_is1) (Version: 3.5.1.201411201906 - XMind Ltd.)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
ZoneAlarm Firewall (Version: 12.0.118.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 12.0.118.000 - Check Point)
ZoneAlarm Security (Version: 12.0.118.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1677128483-842925246-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\3880\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 12:00 - 2015-11-12 02:15 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-854245398-1677128483-842925246-1004.job => C:\Program Files\Citrix\GoToMeeting\3880\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-854245398-1677128483-842925246-1004.job => C:\Program Files\Citrix\GoToMeeting\3880\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-08-28 22:19 - 2011-08-28 22:19 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-03-26 21:45 - 2013-12-04 21:23 - 00348160 _____ () C:\Program Files\WinRAR\rarlng.dll
2015-04-30 09:13 - 2011-01-13 09:04 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
2008-04-14 12:00 - 2008-04-14 12:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-04-11 01:20 - 2014-02-10 12:44 - 04592128 _____ () C:\Documents and Settings\Dodo\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 01:20 - 2014-02-10 12:44 - 00112128 _____ () C:\Documents and Settings\Dodo\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-11-25 09:28 - 2015-11-25 09:27 - 00165888 _____ () C:\Documents and Settings\Dodo\Plocha\T-Cleaner.exe
2015-11-16 17:55 - 2015-11-16 17:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-854245398-1677128483-842925246-1004\...\100sexlinks.com -> 100sexlinks.com

There are 4787 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1677128483-842925246-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Dodo\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
DNS Servers: 68.105.28.11 - 68.105.29.11
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Dodo\Data aplikací\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\totalcmd\TOTALCMD.EXE] => Enabled:Total Commander 32 bit
StandardProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 73%
Total physical RAM: 3000.85 MB
Available physical RAM: 783.61 MB
Total Virtual: 4887.23 MB
Available Virtual: 2440.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.65 GB) (Free:21.03 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive f: (D) (Fixed) (Total:200.43 GB) (Free:13.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 07960796)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================