Pomalý počítač

[fwefw]

Ahoj, mohl by někdo zkontrolovat log. Díky
FRST se mi nepodařilo updatovat.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2017 (ATTENTION: ====> FRSTversion is 646 days old and could be outdated)
Ran by Administrator (administrator) on PC-280019 (22-11-2018 21:24:34)
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Devguru Co., Ltd.) C:\WINDOWS\system32\dgdersvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Wondershare) C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
() C:\Program Files\ASUS\AI Remote\AiRc.exe
(ASUSTek COMPUTER INC.) C:\Program Files\ASUS\AI Remote\AiRemote.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ai Remote Help] => C:\Program Files\ASUS\AI Remote\AiRc.exe [3346432 2007-09-04] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-04] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-11-10] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [KiesTrayAgent] => [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAv.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [uTorrent] => C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe [899416 2013-11-11] (BitTorrent Inc.)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunStartupScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22f7-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22fe-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd24-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd2e-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-04] (AVAST Software)
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2008-10-31]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2015-11-16] ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4B98EB7C-F79C-49B0-BECF-3C0747268979}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{AC9813D5-DF15-4FAA-B664-456CB4301559}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{B0EA1164-9F1F-4C3B-B131-D3D0AD8EC5AA}: [DhcpNameServer] 213.46.172.37 213.46.172.36 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
URLSearchHook: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL =
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10270__181023&q={searchTerms}
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [2008-02-29] (BitComet)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
Toolbar: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2011-12-19] (Společnost Microsoft)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default [2018-11-22]
FF NewTab: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
FF DefaultSearchEngine: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> Ad-Aware SecureSearch
FF SelectedSearchEngine: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> Ad-Aware SecureSearch
FF Homepage: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ftp", "14.101.41.162"
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ftp_port", 8000
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> gopher", "14.101.41.162"
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> gopher_port", 8000
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> http", "14.101.41.162"
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> http_port", 8000
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> socks", "14.101.41.162"
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> socks_port", 8000
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ssl", "14.101.41.162"
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ssl_port", 8000
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> type", 0
FF Extension: (Adblock Plus Pop-up Addon) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: (Best Proxy Switcher) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2017-07-09]
FF Extension: (Video Downloader professional) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\ffext_basicvideoext@startpage24.xpi [2017-10-29]
FF Extension: (YouTube™ Flash® Player) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
FF Extension: (YouTube ALL HTML5) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2017-08-29]
FF Extension: (Avast SafePrice
Comparison, deals, coupons) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\sp@avast.com.xpi [2018-11-16]
FF Extension: (SQLite Manager) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-28]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\wrc@avast.com.xpi [2018-11-05]
FF Extension: (Switch for YouTube) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{1d080ce7-4fa3-4bcb-8d4c-7bbb9c2e91e6}.xpi [2018-06-27]
FF Extension: (All-in-One Gestures) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-28]
FF Extension: (Complete YouTube Saver) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2018-06-01]
FF Extension: (Cookies Manager+) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-07-23]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\searchplugins\securesearch.xml [2018-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-11-22]
CHR Extension: (Prezentace) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-05]
CHR Extension: (Dokumenty) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-05]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-05]
CHR Extension: (Avast Online Security (BETA)) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-11-20]
CHR Extension: (Avast SafePrice
Srovnání, výhodné nabídky, kupóny) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-20]
CHR Extension: (Tabulky) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-05]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-11-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-11-04] (AVAST Software)
R2 dgdersvc; C:\WINDOWS\system32\dgdersvc.exe [95568 2010-10-25] (Devguru Co., Ltd.)
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2010-10-26] (Teruten) [File not signed]
S2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-04-20] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2011-07-21] ()
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [482304 2018-01-26] (Wondershare) [File not signed]
R2 WsDrvInst; C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
S2 WiseBootAssistant; E:\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12664 2006-10-18] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167648 2018-11-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188952 2018-11-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165552 2018-11-04] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284424 2018-11-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [58072 2018-11-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [139008 2018-11-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42912 2018-11-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40864 2018-11-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135368 2018-11-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70928 2018-11-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72968 2018-11-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784728 2018-11-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397136 2018-11-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146752 2018-11-04] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2016-03-16] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310880 2018-11-04] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices)
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2010-10-25] () [File not signed]
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2011-08-24] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [137728 2007-05-25] (Marvell Semiconductor, Inc.)
S3 rtl8029; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [19017 2001-08-17] (Realtek Semiconductor Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.)
S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.)
S3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [14432 2004-04-14] (Logitech Inc.)
S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.)
R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-04-20] (Huawei Technologies Co., Ltd.)
S4 IntelIde; no ImagePath
S3 MSICDSetup; \??\F:\CDriver.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 sptd; System32\Drivers\sptd.sys [X]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S4 yukonwxp; system32\DRIVERS\yk51x86.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-22 21:24 - 2018-11-22 21:25 - 00027032 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2018-11-22 17:35 - 2018-11-22 17:35 - 00065536 _____ C:\WINDOWS\Minidump\Mini112218-02.dmp
2018-11-22 06:53 - 2018-11-22 06:53 - 00065536 _____ C:\WINDOWS\Minidump\Mini112218-01.dmp
2018-11-21 23:04 - 2018-11-21 23:04 - 00065536 _____ C:\WINDOWS\Minidump\Mini112118-02.dmp
2018-11-21 07:09 - 2018-11-22 11:10 - 00032434 _____ C:\WINDOWS\SchedLgU.Txt
2018-11-21 07:09 - 2018-11-21 07:09 - 00065536 _____ C:\WINDOWS\Minidump\Mini112118-01.dmp
2018-11-20 21:11 - 2018-11-20 21:11 - 00065536 _____ C:\WINDOWS\Minidump\Mini112018-01.dmp
2018-11-09 05:01 - 2018-11-09 05:01 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\GRETECH
2018-11-09 05:00 - 2018-11-09 05:00 - 00000862 _____ C:\Documents and Settings\Administrator\Nabídka Start\GOM Player.lnk
2018-11-09 05:00 - 2018-11-09 05:00 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\GOM Player
2018-11-09 04:40 - 2018-11-09 04:40 - 00000989 _____ C:\Documents and Settings\Administrator\Plocha\BS.Player FREE.lnk
2018-11-09 04:40 - 2018-11-09 04:40 - 00000989 _____ C:\Documents and Settings\Administrator\Nabídka Start\BS.Player FREE.lnk
2018-11-09 04:40 - 2018-11-09 04:40 - 00000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy\BS.Player
2018-11-09 04:37 - 2018-11-09 04:47 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer
2018-11-07 18:04 - 2018-11-07 18:04 - 00065536 _____ C:\WINDOWS\Minidump\Mini110718-02.dmp
2018-11-07 06:32 - 2018-11-07 06:32 - 00065536 _____ C:\WINDOWS\Minidump\Mini110718-01.dmp
2018-11-04 14:28 - 2018-11-04 14:23 - 00040864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-04 14:24 - 2018-11-04 14:23 - 00323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-22 21:25 - 2008-05-12 15:33 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2018-11-22 21:24 - 2008-04-01 11:26 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2018-11-22 21:23 - 2017-02-14 18:21 - 00000000 ____D C:\FRST
2018-11-22 21:10 - 2017-05-30 00:31 - 00000914 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-11-22 21:06 - 2018-06-22 08:01 - 00000992 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-11-22 20:43 - 2016-04-15 19:59 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-11-22 18:29 - 2017-04-05 03:36 - 00000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-11-22 17:49 - 2014-07-31 22:55 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2018-11-22 17:45 - 2018-06-22 08:01 - 00000988 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-11-22 17:45 - 2016-04-15 19:59 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job
2018-11-22 17:45 - 2016-03-13 21:53 - 00000620 ____C C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-11-22 17:45 - 2015-11-16 19:18 - 00000338 ____C C:\WINDOWS\Tasks\Wise Care 365.job
2018-11-22 17:45 - 2014-03-27 00:29 - 00000238 ____C C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-22 17:45 - 2001-10-25 13:00 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2018-11-22 17:35 - 2018-04-24 14:09 - 00000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-11-22 17:35 - 2008-11-03 19:26 - 00000000 ____D C:\WINDOWS\Minidump
2018-11-22 17:35 - 2008-04-01 19:02 - 2146480128 _____ C:\WINDOWS\MEMORY.DMP
2018-11-22 17:35 - 2008-04-01 17:24 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-11-22 17:35 - 2008-04-01 11:35 - 00000000 __SHD C:\WINDOWS\CSC
2018-11-21 02:24 - 2008-05-23 14:30 - 00148593 ____C C:\WINDOWS\WININIT.INI
2018-11-21 00:30 - 2016-03-13 21:53 - 00000616 ____C C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-11-20 22:11 - 2018-03-14 01:10 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-11-20 22:11 - 2017-05-30 00:31 - 00842240 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-11-20 22:11 - 2017-05-30 00:31 - 00175104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-11-20 22:10 - 2008-04-01 17:18 - 00000000 ____D C:\WINDOWS\system32\Macromed
2018-11-20 04:43 - 2008-04-01 11:26 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2018-11-19 20:49 - 2014-09-01 22:02 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha\Ariana Grande
2018-11-19 19:00 - 2015-11-16 19:18 - 00000318 ____C C:\WINDOWS\Tasks\Wise Turbo Checker.job
2018-11-19 10:17 - 2011-04-15 11:56 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha\m
2018-11-09 05:13 - 2009-01-18 19:56 - 01925662 _____ C:\Documents and Settings\Administrator\Dokumenty\2.wmv
2018-11-09 05:01 - 2008-04-01 11:26 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2018-11-09 05:00 - 2011-02-02 00:21 - 00000000 ____D C:\Program Files\GRETECH
2018-11-09 05:00 - 2008-04-01 19:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-11-09 05:00 - 2008-04-01 11:26 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2018-11-09 04:40 - 2008-04-01 11:26 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2018-11-09 04:37 - 2008-04-08 22:13 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer PRO
2018-11-08 14:59 - 2014-03-27 00:29 - 00000232 ____C C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-05 23:39 - 2016-09-03 23:55 - 00000000 _____ C:\Documents and Settings\Administrator\last.dump
2018-11-04 14:33 - 2008-04-01 19:02 - 00000000 ___HD C:\WINDOWS\inf
2018-11-04 14:23 - 2017-11-21 10:30 - 00167648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00397136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00310880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00146752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00135368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00072968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00070928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 00042912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-04 14:22 - 2018-01-06 20:32 - 00139008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 00284424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 00188952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 00165552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 00058072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-11-04 14:22 - 2016-03-16 18:28 - 00784728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-01 00:30 - 2016-03-13 21:53 - 00000446 ____C C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-10-30 13:11 - 2008-12-18 17:47 - 00000000 ____D C:\Documents and Settings\Administrator\Data aplikací\XnView
2018-10-30 12:15 - 2008-04-01 19:08 - 01022040 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-30 12:15 - 2001-10-25 13:00 - 00429460 ____C C:\WINDOWS\system32\perfh005.dat
2018-10-30 12:15 - 2001-10-25 13:00 - 00078488 ____C C:\WINDOWS\system32\perfc005.dat
2018-10-30 12:10 - 2008-04-01 14:06 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2018-10-23 11:14 - 2008-04-13 22:03 - 00000000 ____D C:\Program Files\Lavasoft
2018-10-23 11:14 - 2008-04-13 22:03 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2018-10-23 11:10 - 2008-04-01 19:06 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-10-23 11:06 - 2008-04-01 19:05 - 00000000 ____D C:\Documents and Settings\All Users

==================== Files in the root of some directories =======

2016-03-16 18:35 - 2016-03-16 18:35 - 49070080 ____C () C:\Program Files\GUT8A2.tmp
2010-04-16 21:15 - 2010-04-16 21:08 - 0000368 ____C () C:\Program Files\YoutubeProtectionRemover.js
2010-12-13 12:56 - 2010-12-13 12:56 - 0000019 ____C () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-UpdatePerformed.txt
2010-12-13 12:59 - 2011-01-01 01:15 - 0000616 _____ () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
2016-03-30 19:53 - 2016-03-30 19:53 - 0000276 _____ () C:\Documents and Settings\Administrator\Data aplikací\Safer-Networking.log
2008-04-07 10:50 - 2018-01-22 01:10 - 0069120 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-30 00:28 - 2010-06-30 00:28 - 0000302 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DelUnist.bat
2017-08-15 21:29 - 2017-08-15 21:29 - 0000889 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\recently-used.xbel

Files to move or delete:
====================
C:\Documents and Settings\Administrator\klient.exe
C:\Documents and Settings\Administrator\Piskvorky2000.bat


Some files in TEMP:
====================
2016-03-30 19:53 - 2016-04-22 19:49 - 0000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
V prvé řadě stáhněte nový FRST, spusťte a dejte log. Tento je už téměř 2roky prošlý.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2017 (ATTENTION: ====> FRSTversion is 646 days old and could be outdated)

[fwefw]

Oprava

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21.11.2018
Ran by Administrator (administrator) on PC-280019 (22-11-2018 22:15:53)
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Devguru Co., Ltd.) C:\WINDOWS\system32\dgdersvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Wondershare) C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
() C:\Program Files\ASUS\AI Remote\AiRc.exe
(ASUSTek COMPUTER INC.) C:\Program Files\ASUS\AI Remote\AiRemote.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ai Remote Help] => C:\Program Files\ASUS\AI Remote\AiRc.exe [3346432 2007-09-04] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-04] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-11-10] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [KiesTrayAgent] => [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAv.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [uTorrent] => C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe [899416 2013-11-11] (BitTorrent Inc.)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunStartupScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22f7-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22fe-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd24-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd2e-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2008-10-31]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2015-11-16] ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4B98EB7C-F79C-49B0-BECF-3C0747268979}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{AC9813D5-DF15-4FAA-B664-456CB4301559}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{B0EA1164-9F1F-4C3B-B131-D3D0AD8EC5AA}: [DhcpNameServer] 213.46.172.37 213.46.172.36 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
URLSearchHook: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL =
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10270__181023&q={searchTerms}
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [2008-02-29] (BitComet)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
Toolbar: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2011-12-19] (Společnost Microsoft)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default [2018-11-22]
FF Homepage: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
FF NewTab: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ftp", "14.101.41.162"
FF Extension: (Adblock Plus Pop-up Addon) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28] [Legacy]
FF Extension: (Best Proxy Switcher) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2017-07-09] [Legacy]
FF Extension: (Video Downloader professional) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\ffext_basicvideoext@startpage24.xpi [2017-10-29]
FF Extension: (YouTube™ Flash® Player) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
FF Extension: (YouTube ALL HTML5) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2017-08-29] [Legacy]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\sp@avast.com.xpi [2018-11-16]
FF Extension: (SQLite Manager) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-28] [Legacy]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\wrc@avast.com.xpi [2018-11-05]
FF Extension: (Switch for YouTube) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{1d080ce7-4fa3-4bcb-8d4c-7bbb9c2e91e6}.xpi [2018-06-27]
FF Extension: (All-in-One Gestures) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-28] [Legacy]
FF Extension: (Complete YouTube Saver) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2018-06-01] [Legacy]
FF Extension: (Cookies Manager+) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-07-23] [Legacy]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\searchplugins\securesearch.xml [2018-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-11-22]
CHR Extension: (Prezentace) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-05]
CHR Extension: (Dokumenty) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-05]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-05]
CHR Extension: (Avast Online Security (BETA)) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-11-20]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-20]
CHR Extension: (Tabulky) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-05]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-11-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-11-04] (AVAST Software)
R2 dgdersvc; C:\WINDOWS\system32\dgdersvc.exe [95568 2010-10-25] (Devguru Co., Ltd.)
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2010-10-26] (Teruten) [File not signed]
S2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-04-20] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2011-07-21] ()
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [482304 2018-01-26] (Wondershare) [File not signed]
R2 WsDrvInst; C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
S2 WiseBootAssistant; E:\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12664 2006-10-18] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167648 2018-11-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188952 2018-11-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165552 2018-11-04] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284424 2018-11-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [58072 2018-11-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [139008 2018-11-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42912 2018-11-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40864 2018-11-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135368 2018-11-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70928 2018-11-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72968 2018-11-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784728 2018-11-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397136 2018-11-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146752 2018-11-04] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2016-03-16] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310880 2018-11-04] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices)
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2010-10-25] () [File not signed]
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2011-08-24] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [137728 2007-05-25] (Marvell Semiconductor, Inc.)
S3 rtl8029; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [19017 2001-08-17] (Realtek Semiconductor Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.)
S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.)
S3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [14432 2004-04-14] (Logitech Inc.)
S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.)
R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-04-20] (Huawei Technologies Co., Ltd.)
S4 IntelIde; no ImagePath
S3 MSICDSetup; \??\F:\CDriver.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 sptd; System32\Drivers\sptd.sys [X]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S4 yukonwxp; system32\DRIVERS\yk51x86.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-22 22:14 - 2018-11-22 22:15 - 001775616 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2018-11-22 21:35 - 2018-11-22 21:36 - 001775616 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST(1).exe
2018-11-22 21:26 - 2018-11-22 21:30 - 000063786 _____ C:\Documents and Settings\Administrator\Plocha\Addition.txt
2018-11-22 21:24 - 2018-11-22 22:17 - 000025293 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2018-11-22 17:35 - 2018-11-22 17:35 - 000065536 _____ C:\WINDOWS\Minidump\Mini112218-02.dmp
2018-11-22 06:53 - 2018-11-22 06:53 - 000065536 _____ C:\WINDOWS\Minidump\Mini112218-01.dmp
2018-11-21 23:04 - 2018-11-21 23:04 - 000065536 _____ C:\WINDOWS\Minidump\Mini112118-02.dmp
2018-11-21 07:09 - 2018-11-22 11:10 - 000032434 _____ C:\WINDOWS\SchedLgU.Txt
2018-11-21 07:09 - 2018-11-21 07:09 - 000065536 _____ C:\WINDOWS\Minidump\Mini112118-01.dmp
2018-11-20 21:11 - 2018-11-20 21:11 - 000065536 _____ C:\WINDOWS\Minidump\Mini112018-01.dmp
2018-11-09 05:01 - 2018-11-09 05:01 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\GRETECH
2018-11-09 05:00 - 2018-11-09 05:00 - 000000862 _____ C:\Documents and Settings\Administrator\Nabídka Start\GOM Player.lnk
2018-11-09 05:00 - 2018-11-09 05:00 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\GOM Player
2018-11-09 04:40 - 2018-11-09 04:40 - 000000989 _____ C:\Documents and Settings\Administrator\Plocha\BS.Player FREE.lnk
2018-11-09 04:40 - 2018-11-09 04:40 - 000000989 _____ C:\Documents and Settings\Administrator\Nabídka Start\BS.Player FREE.lnk
2018-11-09 04:40 - 2018-11-09 04:40 - 000000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy\BS.Player
2018-11-09 04:37 - 2018-11-09 04:47 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer
2018-11-07 18:04 - 2018-11-07 18:04 - 000065536 _____ C:\WINDOWS\Minidump\Mini110718-02.dmp
2018-11-07 06:32 - 2018-11-07 06:32 - 000065536 _____ C:\WINDOWS\Minidump\Mini110718-01.dmp
2018-11-04 14:28 - 2018-11-04 14:23 - 000040864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-04 14:24 - 2018-11-04 14:23 - 000323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-22 22:17 - 2008-05-12 15:33 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2018-11-22 22:15 - 2017-02-14 18:21 - 000000000 ____D C:\FRST
2018-11-22 22:15 - 2008-04-01 11:26 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha
2018-11-22 22:10 - 2017-05-30 00:31 - 000000914 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-11-22 22:06 - 2018-06-22 08:01 - 000000992 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-11-22 21:43 - 2016-04-15 19:59 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-11-22 18:29 - 2017-04-05 03:36 - 000000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-11-22 17:49 - 2014-07-31 22:55 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2018-11-22 17:45 - 2018-06-22 08:01 - 000000988 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-11-22 17:45 - 2016-04-15 19:59 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job
2018-11-22 17:45 - 2016-03-13 21:53 - 000000620 ____C C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-11-22 17:45 - 2015-11-16 19:18 - 000000338 ____C C:\WINDOWS\Tasks\Wise Care 365.job
2018-11-22 17:45 - 2014-03-27 00:29 - 000000238 ____C C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-22 17:45 - 2001-10-25 13:00 - 000002206 ____C C:\WINDOWS\system32\wpa.dbl
2018-11-22 17:35 - 2018-04-24 14:09 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-11-22 17:35 - 2008-11-03 19:26 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-22 17:35 - 2008-04-01 19:02 - 2146480128 _____ C:\WINDOWS\MEMORY.DMP
2018-11-22 17:35 - 2008-04-01 17:24 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-11-22 17:35 - 2008-04-01 11:35 - 000000000 __SHD C:\WINDOWS\CSC
2018-11-21 02:24 - 2008-05-23 14:30 - 000148593 ____C C:\WINDOWS\WININIT.INI
2018-11-21 00:30 - 2016-03-13 21:53 - 000000616 ____C C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-11-20 22:11 - 2018-03-14 01:10 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-11-20 22:11 - 2017-05-30 00:31 - 000842240 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-11-20 22:11 - 2017-05-30 00:31 - 000175104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-11-20 22:10 - 2008-04-01 17:18 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-20 04:43 - 2008-04-01 11:26 - 000000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2018-11-19 20:49 - 2014-09-01 22:02 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha\Ariana Grande
2018-11-19 19:00 - 2015-11-16 19:18 - 000000318 ____C C:\WINDOWS\Tasks\Wise Turbo Checker.job
2018-11-19 10:17 - 2011-04-15 11:56 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha\m
2018-11-09 05:13 - 2009-01-18 19:56 - 001925662 _____ C:\Documents and Settings\Administrator\Dokumenty\2.wmv
2018-11-09 05:01 - 2008-04-01 11:26 - 000000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2018-11-09 05:00 - 2011-02-02 00:21 - 000000000 ____D C:\Program Files\GRETECH
2018-11-09 05:00 - 2008-04-01 19:08 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-11-09 05:00 - 2008-04-01 11:26 - 000000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2018-11-09 04:40 - 2008-04-01 11:26 - 000000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2018-11-09 04:37 - 2008-04-08 22:13 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer PRO
2018-11-08 14:59 - 2014-03-27 00:29 - 000000232 ____C C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-05 23:39 - 2016-09-03 23:55 - 000000000 _____ C:\Documents and Settings\Administrator\last.dump
2018-11-04 14:33 - 2008-04-01 19:02 - 000000000 ___HD C:\WINDOWS\inf
2018-11-04 14:23 - 2017-11-21 10:30 - 000167648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000397136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000310880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000146752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000135368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000072968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000070928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000042912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-04 14:22 - 2018-01-06 20:32 - 000139008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000284424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000188952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000165552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000058072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-11-04 14:22 - 2016-03-16 18:28 - 000784728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-01 00:30 - 2016-03-13 21:53 - 000000446 ____C C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-10-30 13:11 - 2008-12-18 17:47 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\XnView
2018-10-30 12:15 - 2008-04-01 19:08 - 001022040 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-30 12:15 - 2001-10-25 13:00 - 000429460 ____C C:\WINDOWS\system32\perfh005.dat
2018-10-30 12:15 - 2001-10-25 13:00 - 000078488 ____C C:\WINDOWS\system32\perfc005.dat
2018-10-30 12:10 - 2008-04-01 14:06 - 000524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2018-10-23 11:14 - 2008-04-13 22:03 - 000000000 ____D C:\Program Files\Lavasoft
2018-10-23 11:14 - 2008-04-13 22:03 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2018-10-23 11:10 - 2008-04-01 19:06 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-10-23 11:06 - 2008-04-01 19:05 - 000000000 ____D C:\Documents and Settings\All Users

==================== Files in the root of some directories =======

2008-04-18 11:22 - 2008-04-18 11:22 - 001658368 _____ (Zaparit.cz) C:\Documents and Settings\Administrator\klient.exe
2009-10-25 18:56 - 1997-01-01 00:49 - 000000036 ____C () C:\Documents and Settings\Administrator\Piskvorky2000.bat
2016-03-16 18:35 - 2016-03-16 18:35 - 049070080 ____C () C:\Program Files\GUT8A2.tmp
2010-04-16 21:15 - 2010-04-16 21:08 - 000000368 ____C () C:\Program Files\YoutubeProtectionRemover.js
2010-12-13 12:56 - 2010-12-13 12:56 - 000000019 ____C () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-UpdatePerformed.txt
2010-12-13 12:59 - 2011-01-01 01:15 - 000000616 _____ () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
2016-03-30 19:53 - 2016-03-30 19:53 - 000000276 _____ () C:\Documents and Settings\Administrator\Data aplikací\Safer-Networking.log
2008-04-07 10:50 - 2018-01-22 01:10 - 000069120 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-30 00:28 - 2010-06-30 00:28 - 000000302 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DelUnist.bat
2017-08-15 21:29 - 2017-08-15 21:29 - 000000889 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\recently-used.xbel

Some files in TEMP:
====================
2016-03-30 19:53 - 2016-04-22 19:49 - 000000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Rudy]

Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[fwefw]

# AdwCleaner v6.047 - Log vytvořen 23/11/2018 v 18:33:54
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Místní]
# Operační systém : Microsoft Windows XP Service Pack 3 (X86)
# Uživatelské jméno : Administrator - PC-280019
# Spuštěno z : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
[-] Klíč smazán: HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Lavasoft\Web Companion
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Lavasoft\Web Companion
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Data obnovena: HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
[-] Hodnota smazána: HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Web Companion]
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2372 Bajty] - [14/02/2017 20:37:58]
C:\AdwCleaner\AdwCleaner[C2].txt - [1796 Bajty] - [16/03/2017 00:38:01]
C:\AdwCleaner\AdwCleaner[C3].txt - [2418 Bajty] - [23/11/2018 18:33:54]
C:\AdwCleaner\AdwCleaner[S10].txt - [2291 Bajty] - [15/05/2017 19:37:05]
C:\AdwCleaner\AdwCleaner[S11].txt - [2365 Bajty] - [30/06/2017 00:13:47]
C:\AdwCleaner\AdwCleaner[S12].txt - [2474 Bajty] - [23/08/2017 22:52:02]
C:\AdwCleaner\AdwCleaner[S13].txt - [3937 Bajty] - [23/11/2018 18:32:46]
C:\AdwCleaner\AdwCleaner[S14].txt - [698 Bajty] - [19/01/2016 23:16:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [697 Bajty] - [04/02/2016 03:17:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [697 Bajty] - [10/02/2016 01:57:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [697 Bajty] - [13/02/2016 23:02:42]
C:\AdwCleaner\AdwCleaner[S4].txt - [696 Bajty] - [25/02/2016 21:41:22]
C:\AdwCleaner\AdwCleaner[S5].txt - [1163 Bajty] - [27/02/2016 19:33:42]
C:\AdwCleaner\AdwCleaner[S6].txt - [1235 Bajty] - [11/03/2016 03:24:49]
C:\AdwCleaner\AdwCleaner[S7].txt - [1308 Bajty] - [11/03/2016 14:47:54]
C:\AdwCleaner\AdwCleaner[S8].txt - [2576 Bajty] - [14/02/2017 20:37:25]
C:\AdwCleaner\AdwCleaner[S9].txt - [2143 Bajty] - [16/03/2017 00:36:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3513 Bajty] ##########

[Rudy]

Dejte nový log FRST.

[fwefw]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21.11.2018
Ran by Administrator (23-11-2018 19:44:08)
Running from C:\Documents and Settings\Administrator\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2008-04-01 16:21:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1957994488-1450960922-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1957994488-1450960922-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1957994488-1450960922-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1957994488-1450960922-725345543-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
AS: Spy Emergency (Disabled - Up to date) {82117492-906E-4b02-A33A-84D42A2DD907}
FW: Sunbelt Personal Firewall (Disabled) {82B1150E-9B37-49FC-83EB-D52197D900D0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abylon READER 10.00.2 (HKLM\...\abylonprotectionmanagerreader_is1) (Version: 10.00.2 - abylonsoft)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
AI Remote (HKLM\...\{0AFF134D-A6B4-4669-9573-36665FFD1F50}) (Version: 1.00.21 - )
AIMP (HKLM\...\AIMP) (Version: v4.00.1680, 22.12.2015 - AIMP DevTeam)
AIMP2 (HKLM\...\AIMP2) (Version: - AIMP DevTeam)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player 9 (KB936782) (HKLM\...\KB936782_WMP9) (Version: - Microsoft Corporation) Hidden
Aktualizace zabezpečení pro Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2183461) (HKLM\...\KB2183461) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2360131) (HKLM\...\KB2360131) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2416400) (HKLM\...\KB2416400) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2482017) (HKLM\...\KB2482017) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2497640) (HKLM\...\KB2497640) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2530548) (HKLM\...\KB2530548) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544521) (HKLM\...\KB2544521) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2559049) (HKLM\...\KB2559049) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2586448) (HKLM\...\KB2586448) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2618444) (HKLM\...\KB2618444) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2647516) (HKLM\...\KB2647516) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
AMD Catalyst Install Manager (HKLM\...\{190601AF-7BE4-046E-CEBF-14EE74434250}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avidemux 2.5 (HKLM\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
AxCrypt (Remove Only) (HKLM\...\AxCrypt) (Version: - Axon Data)
BitComet 1.00 (HKLM\...\BitComet) (Version: 1.00 - ~RnySmile~)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.73.1083 - AB Team, d.o.o.)
Call of Duty 4 Multiplayer Backup 0.9.2 (HKLM\...\Call of Duty 4 Multiplayer Backup_is1) (Version: - NohponeX)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM\...\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM\...\InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM\...\{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM\...\InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (HKLM\...\InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (HKLM\...\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2560 - CDBurnerXP)
Cryptext (Remove Only) (HKLM\...\CryptextNT4) (Version: - )
Daum PotPlayer 1.5.28025 (HKLM\...\PotPlayer) (Version: - )
easyHDR BASIC 2 (HKLM\...\easyHDR_BASIC_2) (Version: 2.13.3 - SIMPARTEK - Bartlomiej Okonek)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EVEREST Ultimate Edition v4.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 4.50 - Lavalys, Inc.)
Evolution GT Demo (HKLM\...\{454A1AC4-7DCE-4669-9349-3B9E21D14F8D}) (Version: 1.00.0000 - )
FastStone Capture 6.1 (HKLM\...\FastStone Capture) (Version: 6.1 - FastStone Soft)
FastStone Image Viewer 5.8 (HKLM\...\FastStone Image Viewer) (Version: 5.8 - FastStone Soft)
ffdshow [rev 1909] [2008-03-20] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Filzip 3.0 (HKLM\...\Filzip 3.0.0.0_is1) (Version: 3.0.0 - Philipp Engel)
FLV to MP3 v1.00 (HKLM\...\FLV to MP3_is1) (Version: 1.00 - videoslurp.com)
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Fraps (HKLM\...\Fraps) (Version: - )
Free MP3 Cutter 1.01 (HKLM\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
GIF Movie Gear 4.2 (HKLM\...\GIF Movie Gear_is1) (Version: - gamani productions)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.43.5119 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HiSuite (HKLM\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
iWisoft Free Video Converter 1.2 (HKLM\...\iWisoft Free Video Converter_is1) (Version: 1.2 - www.easy-video-converter.com)
Kies (HKLM\...\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}) (Version: 1.5.3 - Název společnosti:) Hidden
Kies (HKLM\...\InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}) (Version: 1.5.3 - Název společnosti:)
LightScribe 1.8.15.1 (HKLM\...\{B395BC1D-CC06-425E-9049-4CD985EFF004}) (Version: 1.8.15.1 - hxxp://www.lightscribe.com) Hidden
Lightsmark 2007 (HKLM\...\{4BCAF301-6F25-4BEF-A2F0-416D7F30AEB1}) (Version: 1.3 - Stepan Hrbek)
Logitech Gaming Software (HKLM\...\{B9242864-2841-4ADE-86E0-8F90F91B04DD}) (Version: 4.40 - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
Mihov Picture Downloader 1.4 (remove only) (HKLM\...\Mihov Picture Downloader) (Version: - )
Mount&Blade (HKLM\...\Mount&Blade) (Version: - )
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MP4 to MP3 Converter 3 (HKLM\...\MP4 to MP3 Converter 3) (Version: 3.1.23.0209b - MP4Converter)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
OpenAL (HKLM\...\OpenAL) (Version: - )
Oprava Hotfix systému Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Pdf995 (HKLM\...\Pdf995) (Version: - )
PDF-XChange Editor (HKLM\...\{8e791856-6baa-4a9f-a97e-cf9a670758dc}) (Version: 5.5.315.0 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (HKLM\...\{9132D4DD-EC53-4021-A9B3-173333E3EE5A}) (Version: 5.5.315.0 - Tracker Software Products (Canada) Ltd.) Hidden
Photo Effects Studio 3.15 (HKLM\...\{A97C9A80-DD35-48DF-8D57-308B2DE116E2}_is1) (Version: - AMS Software)
RajcePhotoDownloader (HKLM\...\RajcePhotoDownloader_is1) (Version: verze - Rajce.net)
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 7 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5404 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1600.0 - SAMSUNG Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\SeznamInstall) (Version: - Seznam.cz)
SpaceMonger 2.1.1 (HKLM\...\SpaceMonger) (Version: 2.1.1 - Sixty-Five)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
Sunbelt Personal Firewall (HKLM\...\{82B1150E-9B37-49FC-83EB-D52197D900D0}) (Version: 4.6.1861.0 - Sunbelt Software)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0 - TrueCrypt Foundation)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VideoLAN VLC media player 0.8.6f (HKLM\...\VLC media player) (Version: 0.8.6f - VideoLAN Team)
WebFldrs XP (HKLM\...\{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WhoCrashed 5.52 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Winamp (HKLM\...\Winamp) (Version: 5.61 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
XnView 1.95.4 (HKLM\...\XnView_is1) (Version: 1.95.4 - Gougelet Pierre-e)
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 14.1.048.000 - Check Point)
Zoner GIF Animator 5 (HKLM\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1957994488-1450960922-725345543-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1450960922-725345543-500_Classes\CLSID\{3100A299-7D18-481A-B24A-23BDEFB424B8}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1450960922-725345543-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-04] (AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2015-12-27] (AIMP DevTeam)
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2015-12-27] (AIMP DevTeam)
ContextMenuHandlers1: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-04] (AVAST Software)
ContextMenuHandlers1: [axcrypt.File] -> {088985B8-012F-47D1-BDE1-3D16609EB8C7} => C:\Program Files\Axon Data\AxCrypt\1.6.4.4\ShellExt.dll [2008-05-14] (Axantum Software AB)
ContextMenuHandlers1: [Cryptext] -> {990a81a0-b289-11cf-a800-00a0c903a2a6} => C:\WINDOWS\system32\ShellExt\Cryptext.dll [2001-11-03] ()
ContextMenuHandlers1: [FilZip] -> {B28C18DB-6816-4F31-9630-397683E3C2C3} => C:\Program Files\FilZip\fzshext.dll [2003-07-09] (Philipp Engel)
ContextMenuHandlers1: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers1: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2012-11-13] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-09-20] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-04] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2015-12-27] (AIMP DevTeam)
ContextMenuHandlers4: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2015-12-27] (AIMP DevTeam)
ContextMenuHandlers4: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers4: [Cryptext] -> {990a81a0-b289-11cf-a800-00a0c903a2a6} => C:\WINDOWS\system32\ShellExt\Cryptext.dll [2001-11-03] ()
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-09-20] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-11-09] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-04] (AVAST Software)
ContextMenuHandlers6: [axcrypt.File] -> {088985B8-012F-47D1-BDE1-3D16609EB8C7} => C:\Program Files\Axon Data\AxCrypt\1.6.4.4\ShellExt.dll [2008-05-14] (Axantum Software AB)
ContextMenuHandlers6: [Cryptext] -> {990a81a0-b289-11cf-a800-00a0c903a2a6} => C:\WINDOWS\system32\ShellExt\Cryptext.dll [2001-11-03] ()
ContextMenuHandlers6: [FilZip] -> {B28C18DB-6816-4F31-9630-397683E3C2C3} => C:\Program Files\FilZip\fzshext.dll [2003-07-09] (Philipp Engel)
ContextMenuHandlers6: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2012-11-13] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2007-09-20] ()

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => E:\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => E:\Wise Care 365\WiseTurbo.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:MSFT_UCScenarioControl.Name=\"Microsoft WMI Updating Consumer Scenario Control\"",Filter="\\.\root\subscription:__EventFilter.Name=\"Microsoft WMI Updating Consumer Scenario Control\":
WMI:subscription\__EventFilter->Microsoft WMI Updating Consumer Scenario Control:

Shortcut: C:\Documents and Settings\Administrator\Okolní síť\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Software995\Software995.com.lnk -> hxxp://www.software995.co
Shortcut: C:\Documents and Settings\All Users\Nabídka Start\Programy\Axon Data\AxCrypt\Report a problem.lnk -> hxxp://sourceforge.net/tracker/?group_id=40359&atid=42779

==================== Loaded Modules (Whitelisted) ==============

2018-11-04 14:22 - 2018-11-04 14:22 - 000872664 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-04 14:23 - 2018-11-04 14:23 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-04 14:22 - 2018-11-04 14:22 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-04 14:22 - 2018-11-04 14:22 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-04 14:22 - 2018-11-04 14:22 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-23 18:45 - 2018-11-23 18:45 - 005736080 _____ () C:\Program Files\AVAST Software\Avast\defs\18112304\algo.dll
2012-05-06 11:20 - 2012-05-06 11:20 - 003449856 _____ () C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax
2008-04-01 12:06 - 2007-09-04 13:47 - 003346432 _____ () C:\Program Files\ASUS\AI Remote\AiRc.exe
2008-04-01 12:06 - 2007-08-16 21:40 - 000208896 _____ () C:\Program Files\ASUS\AI Remote\AiNap.dll
2008-04-09 23:42 - 2011-07-21 18:56 - 000075136 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-03-13 21:53 - 2012-11-13 14:06 - 000108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-13 21:53 - 2012-11-13 14:06 - 000416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-13 21:53 - 2012-11-13 14:06 - 000158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-13 21:53 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-13 21:53 - 2012-11-13 14:06 - 000528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2016-06-30 05:35 - 2016-06-30 05:35 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2007-01-22 10:22 - 2007-01-22 10:22 - 000859648 _____ () C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
2007-01-22 10:22 - 2007-01-22 10:22 - 000470016 _____ () C:\Program Files\Sunbelt Software\Personal Firewall\PocoXml.dll
2007-01-22 10:22 - 2007-01-22 10:22 - 000018432 _____ () C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
2006-02-14 14:35 - 2006-02-14 14:35 - 000827392 _____ () C:\Program Files\Sunbelt Software\Personal Firewall\LibEay32.dll
2006-02-14 14:36 - 2006-02-14 14:36 - 000155648 _____ () C:\Program Files\Sunbelt Software\Personal Firewall\SSLeay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF [1002]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:430C6D84 [256]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 [150]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 [115]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE trusted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 13:00 - 2017-07-12 10:43 - 000450571 ___RC C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 15463 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1957994488-1450960922-725345543-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> C:\WINDOWS\system32\ipconf.tsp (Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> C:\WINDOWS\system32\h323.tsp (Microsoft Corporation)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe] => Enabled:PotPlayer
DomainProfile\AuthorizedApplications: [C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe] => Enabled:True Vector
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe] => Enabled:Call of Duty(R) 4 - Modern Warfare(TM)
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE] => Enabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\muzapp.exe] => Enabled:MUZ AOD APP player
StandardProfile\AuthorizedApplications: [C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe] => Enabled:PotPlayer
StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\opera.exe] => Enabled:Opera Internet Browser
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp
StandardProfile\AuthorizedApplications: [C:\Program Files\Maxthon3\Bin\MxUp.exe] => Enabled:MxUp
StandardProfile\AuthorizedApplications: [C:\Program Files\Maxthon3\Bin\Maxthon.exe] => Enabled:Maxthon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe] => Enabled:True Vector
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\CCleaner\CCUpdate.exe] => Enabled:CCleaner Update
StandardProfile\AuthorizedApplications: [C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe] => Enabled:Avast Emergency Update
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [8668:TCP] => Enabled:BitComet 8668 TCP
StandardProfile\GloballyOpenPorts: [8668:UDP] => Enabled:BitComet 8668 UDP
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Restore Points =========================

20-11-2018 15:18:21 Kontrolní bod systému
21-11-2018 23:32:11 Kontrolní bod systému
23-11-2018 00:25:25 Kontrolní bod systému

==================== Faulty Device Manager Devices =============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/30/2018 12:10:26 PM) (Source: LightScribeService) (EventID: 5) (User: )
Description: Data for previous error event.

Error: (10/13/2018 10:08:19 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (10/13/2018 10:08:19 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/20/2018 12:35:33 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/20/2018 12:35:32 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/20/2018 12:35:32 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/15/2018 11:26:39 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/15/2018 11:26:39 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


System errors:
=============
Error: (11/23/2018 06:41:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/23/2018 06:37:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (11/23/2018 06:37:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Wise Boot Assistant neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (11/23/2018 06:37:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spy Emergency Health Check neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/23/2018 06:37:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Security Center Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/23/2018 06:37:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Vypršel časový limit (30000 milisekund) čekání na připojení služby Spybot-S&D 2 Security Center Service.

Error: (11/23/2018 06:37:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba %1!s! Update (avast) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (11/23/2018 06:34:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sunbelt Personal Firewall 4 byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 2047.04 MB
Available physical RAM: 1297.44 MB
Total Virtual: 2404.47 MB
Available Virtual: 1713.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:1.91 GB) NTFS ==>[drive with boot components (Windows XP)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[fwefw]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21.11.2018
Ran by Administrator (administrator) on PC-280019 (23-11-2018 19:42:24)
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
() C:\Program Files\ASUS\AI Remote\AiRc.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Devguru Co., Ltd.) C:\WINDOWS\system32\dgdersvc.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(ASUSTek COMPUTER INC.) C:\Program Files\ASUS\AI Remote\AiRemote.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Wondershare) C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sunbelt Software, Inc.) C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-04-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ai Remote Help] => C:\Program Files\ASUS\AI Remote\AiRc.exe [3346432 2007-09-04] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-04] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2011-11-10] (ATI Technologies Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [KiesTrayAgent] => [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAv.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [uTorrent] => C:\Documents and Settings\Administrator\Data aplikací\uTorrent\utorrent.exe [899416 2013-11-11] (BitTorrent Inc.)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [RunStartupScriptSync] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22f7-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22fe-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd24-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd2e-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2008-10-31]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2015-11-16] ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4B98EB7C-F79C-49B0-BECF-3C0747268979}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{AC9813D5-DF15-4FAA-B664-456CB4301559}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{B0EA1164-9F1F-4C3B-B131-D3D0AD8EC5AA}: [DhcpNameServer] 213.46.172.37 213.46.172.36 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL =
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [2008-02-29] (BitComet)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
Toolbar: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2011-12-19] (Společnost Microsoft)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default [2018-11-23]
FF Homepage: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxps://www.youtube.com/
FF NewTab: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10270__181023
FF NetworkProxy: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> ftp", "14.101.41.162"
FF Extension: (Adblock Plus Pop-up Addon) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28] [Legacy]
FF Extension: (Best Proxy Switcher) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2017-07-09] [Legacy]
FF Extension: (Video Downloader professional) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\ffext_basicvideoext@startpage24.xpi [2017-10-29]
FF Extension: (YouTube™ Flash® Player) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
FF Extension: (YouTube ALL HTML5) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2017-08-29] [Legacy]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\sp@avast.com.xpi [2018-11-16]
FF Extension: (SQLite Manager) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-28] [Legacy]
FF Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\wrc@avast.com.xpi [2018-11-05]
FF Extension: (Switch for YouTube) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{1d080ce7-4fa3-4bcb-8d4c-7bbb9c2e91e6}.xpi [2018-06-27]
FF Extension: (All-in-One Gestures) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2016-04-28] [Legacy]
FF Extension: (Complete YouTube Saver) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2018-06-01] [Legacy]
FF Extension: (Cookies Manager+) - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2017-07-23] [Legacy]
FF SearchPlugin: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default\searchplugins\securesearch.xml [2018-10-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-11-22]
CHR Extension: (Prezentace) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-05]
CHR Extension: (Dokumenty) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-05]
CHR Extension: (Disk Google) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-05]
CHR Extension: (Avast Online Security (BETA)) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-11-20]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-20]
CHR Extension: (Tabulky) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-05]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-05]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-20] (Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-11-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-11-04] (AVAST Software)
R2 dgdersvc; C:\WINDOWS\system32\dgdersvc.exe [95568 2010-10-25] (Devguru Co., Ltd.)
R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [217088 2010-10-26] (Teruten) [File not signed]
S2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-04-20] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2011-07-21] ()
R2 SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 SPF4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [482304 2018-01-26] (Wondershare) [File not signed]
R2 WsDrvInst; C:\Program Files\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
S2 WiseBootAssistant; E:\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12664 2006-10-18] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167648 2018-11-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188952 2018-11-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [165552 2018-11-04] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284424 2018-11-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [58072 2018-11-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [139008 2018-11-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42912 2018-11-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [40864 2018-11-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [135368 2018-11-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70928 2018-11-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [72968 2018-11-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784728 2018-11-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [397136 2018-11-04] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [146752 2018-11-04] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2016-03-16] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310880 2018-11-04] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices)
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20616 2008-07-31] (IVT Corporation.)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2010-10-25] () [File not signed]
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2011-08-24] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [137728 2007-05-25] (Marvell Semiconductor, Inc.)
S3 rtl8029; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [19017 2001-08-17] (Realtek Semiconductor Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R1 SbFw; C:\WINDOWS\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\WINDOWS\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.)
S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.)
S3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [14432 2004-04-14] (Logitech Inc.)
S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.)
R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-04-20] (Huawei Technologies Co., Ltd.)
S4 IntelIde; no ImagePath
S3 MSICDSetup; \??\F:\CDriver.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 sptd; System32\Drivers\sptd.sys [X]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S4 yukonwxp; system32\DRIVERS\yk51x86.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-23 19:42 - 2018-11-23 19:43 - 000024371 _____ C:\Documents and Settings\Administrator\Plocha\FRST.txt
2018-11-23 18:25 - 2018-11-23 18:25 - 004110280 _____ C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
2018-11-22 22:14 - 2018-11-22 22:15 - 001775616 _____ (Farbar) C:\Documents and Settings\Administrator\Plocha\FRST.exe
2018-11-22 17:35 - 2018-11-22 17:35 - 000065536 _____ C:\WINDOWS\Minidump\Mini112218-02.dmp
2018-11-22 06:53 - 2018-11-22 06:53 - 000065536 _____ C:\WINDOWS\Minidump\Mini112218-01.dmp
2018-11-21 23:04 - 2018-11-21 23:04 - 000065536 _____ C:\WINDOWS\Minidump\Mini112118-02.dmp
2018-11-21 07:09 - 2018-11-23 18:34 - 000032624 _____ C:\WINDOWS\SchedLgU.Txt
2018-11-21 07:09 - 2018-11-21 07:09 - 000065536 _____ C:\WINDOWS\Minidump\Mini112118-01.dmp
2018-11-20 21:11 - 2018-11-20 21:11 - 000065536 _____ C:\WINDOWS\Minidump\Mini112018-01.dmp
2018-11-09 05:01 - 2018-11-09 05:01 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\GRETECH
2018-11-09 05:00 - 2018-11-09 05:00 - 000000862 _____ C:\Documents and Settings\Administrator\Nabídka Start\GOM Player.lnk
2018-11-09 05:00 - 2018-11-09 05:00 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\GOM Player
2018-11-09 04:40 - 2018-11-09 04:40 - 000000989 _____ C:\Documents and Settings\Administrator\Nabídka Start\BS.Player FREE.lnk
2018-11-09 04:40 - 2018-11-09 04:40 - 000000000 ____D C:\Documents and Settings\Administrator\Nabídka Start\Programy\BS.Player
2018-11-09 04:37 - 2018-11-09 04:47 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer
2018-11-07 18:04 - 2018-11-07 18:04 - 000065536 _____ C:\WINDOWS\Minidump\Mini110718-02.dmp
2018-11-07 06:32 - 2018-11-07 06:32 - 000065536 _____ C:\WINDOWS\Minidump\Mini110718-01.dmp
2018-11-04 14:28 - 2018-11-04 14:23 - 000040864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-04 14:24 - 2018-11-04 14:23 - 000323288 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-23 19:43 - 2016-04-15 19:59 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-11-23 19:43 - 2008-05-12 15:33 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2018-11-23 19:42 - 2017-02-14 18:21 - 000000000 ____D C:\FRST
2018-11-23 19:42 - 2008-04-01 11:26 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha
2018-11-23 19:10 - 2017-05-30 00:31 - 000000914 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-11-23 19:06 - 2018-06-22 08:01 - 000000992 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineUA.job
2018-11-23 18:39 - 2014-07-31 22:55 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2018-11-23 18:38 - 2017-04-05 03:36 - 000000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-11-23 18:37 - 2018-04-24 14:09 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-11-23 18:37 - 2001-10-25 13:00 - 000002206 ____C C:\WINDOWS\system32\wpa.dbl
2018-11-23 18:36 - 2018-06-22 08:01 - 000000988 _____ C:\WINDOWS\Tasks\AvastUpdateTaskMachineCore.job
2018-11-23 18:36 - 2016-04-15 19:59 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job
2018-11-23 18:36 - 2016-03-13 21:53 - 000000620 ____C C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-11-23 18:36 - 2015-11-16 19:18 - 000000338 ____C C:\WINDOWS\Tasks\Wise Care 365.job
2018-11-23 18:36 - 2014-03-27 00:29 - 000000238 ____C C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-23 18:36 - 2008-04-01 17:24 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-11-23 18:34 - 2013-01-25 02:12 - 000524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2018-11-23 18:34 - 2008-04-01 14:06 - 000524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2018-11-23 18:34 - 2008-04-01 11:26 - 000000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2018-11-23 18:34 - 2008-04-01 11:26 - 000000000 ____D C:\Documents and Settings\Administrator
2018-11-23 18:33 - 2016-01-19 23:16 - 000000000 ____D C:\AdwCleaner
2018-11-23 18:16 - 2014-09-01 22:02 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha\Brie Larson
2018-11-22 17:35 - 2008-11-03 19:26 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-22 17:35 - 2008-04-01 19:02 - 2146480128 _____ C:\WINDOWS\MEMORY.DMP
2018-11-22 17:35 - 2008-04-01 11:35 - 000000000 __SHD C:\WINDOWS\CSC
2018-11-21 02:24 - 2008-05-23 14:30 - 000148593 ____C C:\WINDOWS\WININIT.INI
2018-11-21 00:30 - 2016-03-13 21:53 - 000000616 ____C C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-11-20 22:11 - 2018-03-14 01:10 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-11-20 22:11 - 2017-05-30 00:31 - 000842240 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-11-20 22:11 - 2017-05-30 00:31 - 000175104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-11-20 22:10 - 2008-04-01 17:18 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-20 04:43 - 2008-04-01 11:26 - 000000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2018-11-19 20:49 - 2014-09-01 22:02 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha\Ariana Grande
2018-11-19 19:00 - 2015-11-16 19:18 - 000000318 ____C C:\WINDOWS\Tasks\Wise Turbo Checker.job
2018-11-19 10:17 - 2011-04-15 11:56 - 000000000 ____D C:\Documents and Settings\Administrator\Plocha\m
2018-11-09 05:13 - 2009-01-18 19:56 - 001925662 _____ C:\Documents and Settings\Administrator\Dokumenty\2.wmv
2018-11-09 05:01 - 2008-04-01 11:26 - 000000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2018-11-09 05:00 - 2011-02-02 00:21 - 000000000 ____D C:\Program Files\GRETECH
2018-11-09 05:00 - 2008-04-01 19:08 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-11-09 05:00 - 2008-04-01 11:26 - 000000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2018-11-09 04:40 - 2008-04-01 11:26 - 000000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2018-11-09 04:37 - 2008-04-08 22:13 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\BSplayer PRO
2018-11-08 14:59 - 2014-03-27 00:29 - 000000232 ____C C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-11-05 23:39 - 2016-09-03 23:55 - 000000000 _____ C:\Documents and Settings\Administrator\last.dump
2018-11-04 14:33 - 2008-04-01 19:02 - 000000000 ___HD C:\WINDOWS\inf
2018-11-04 14:23 - 2017-11-21 10:30 - 000167648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000397136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000310880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000146752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000135368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000072968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000070928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-11-04 14:23 - 2016-03-16 18:28 - 000042912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-04 14:22 - 2018-01-06 20:32 - 000139008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000284424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000188952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000165552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-11-04 14:22 - 2017-04-05 03:35 - 000058072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2018-11-04 14:22 - 2016-03-16 18:28 - 000784728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-01 00:30 - 2016-03-13 21:53 - 000000446 ____C C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-10-30 13:11 - 2008-12-18 17:47 - 000000000 ____D C:\Documents and Settings\Administrator\Data aplikací\XnView
2018-10-30 12:15 - 2008-04-01 19:08 - 001022040 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-30 12:15 - 2001-10-25 13:00 - 000429460 ____C C:\WINDOWS\system32\perfh005.dat
2018-10-30 12:15 - 2001-10-25 13:00 - 000078488 ____C C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2008-04-18 11:22 - 2008-04-18 11:22 - 001658368 _____ (Zaparit.cz) C:\Documents and Settings\Administrator\klient.exe
2009-10-25 18:56 - 1997-01-01 00:49 - 000000036 ____C () C:\Documents and Settings\Administrator\Piskvorky2000.bat
2016-03-16 18:35 - 2016-03-16 18:35 - 049070080 ____C () C:\Program Files\GUT8A2.tmp
2010-04-16 21:15 - 2010-04-16 21:08 - 000000368 ____C () C:\Program Files\YoutubeProtectionRemover.js
2010-12-13 12:56 - 2010-12-13 12:56 - 000000019 ____C () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-UpdatePerformed.txt
2010-12-13 12:59 - 2011-01-01 01:15 - 000000616 _____ () C:\Documents and Settings\Administrator\Data aplikací\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
2016-03-30 19:53 - 2016-03-30 19:53 - 000000276 _____ () C:\Documents and Settings\Administrator\Data aplikací\Safer-Networking.log
2008-04-07 10:50 - 2018-01-22 01:10 - 000069120 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-06-30 00:28 - 2010-06-30 00:28 - 000000302 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DelUnist.bat
2017-08-15 21:29 - 2017-08-15 21:29 - 000000889 _____ () C:\Documents and Settings\Administrator\Local Settings\Data aplikací\recently-used.xbel

Some files in TEMP:
====================
2016-03-30 19:53 - 2016-04-22 19:49 - 000000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [KiesTrayAgent] => [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22f7-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22fe-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd24-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd2e-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL =
FF NewTab: C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 70__181023
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
S4 IntelIde; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job
C:\Program Files\GUT8A2.tmp
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Administrator\Local Settings
ContextMenuHandlers1: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers1: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers6: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF [1002]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:430C6D84 [256]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 [150]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 [115]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[fwefw]

Fix result of Farbar Recovery Scan Tool (x86) Version: 21.11.2018
Ran by Administrator (23-11-2018 20:25:10) Run:1
Running from C:\Documents and Settings\Administrator\Plocha
Loaded Profiles: Administrator (Available Profiles: Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\Run: [KiesTrayAgent] => [X]
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22f7-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {370c22fe-329f-11e8-98ce-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd24-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4326dd2e-2fee-11e8-98cc-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\...\MountPoints2: {4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-1957994488-1450960922-725345543-500 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL =
FF NewTab: C:\Documents and Settings\Administrator\Data aplikac\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 70__181023
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @tools.google.com/Google Update;version=8 -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikac\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1957994488-1450960922-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator\Local Settings\Data aplikac\Google\Update\1.3.21.68\npGoogleUpdate3.dll [No File]
S4 IntelIde; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job
C:\Program Files\GUT8A2.tmp
C:\Documents and Settings\Administrator\Local Settings\Data aplikac\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Administrator\Local Settings
ContextMenuHandlers1: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers1: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [AmitiAntivirus] -> {1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => -> No File
ContextMenuHandlers6: [ISOpenMenuHandler] -> {B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:05EE1EEF [1002]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:430C6D84 [256]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:CB0AACC9 [150]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\TEMP:DFC5A2B2 [115]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck" => removed successfully.
"HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent" => removed successfully.
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{325a9cd2-2ff4-11e8-98cd-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{370c22f7-329f-11e8-98ce-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{370c22f7-329f-11e8-98ce-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{370c22fe-329f-11e8-98ce-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{370c22fe-329f-11e8-98ce-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4326dd24-2fee-11e8-98cc-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{4326dd24-2fee-11e8-98cc-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4326dd2e-2fee-11e8-98cc-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{4326dd2e-2fee-11e8-98cc-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} => removed successfully.
HKLM\Software\Classes\CLSID\{4f9e9fb2-8047-11e8-98f4-0040f4b27cd5} => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1957994488-1450960922-725345543-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} => removed successfully.
HKLM\Software\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} => not found
FF NewTab: C:\Documents and Settings\Administrator\Data aplikac\Mozilla\Firefox\Profiles\gexif2zp.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 70__181023 => "C:\Documents and Settings\Administrator\Data aplikací\C:\Documents and Settings\Administrator\Data aplikac\Mozilla\Firefox\Profiles\gexif2zp.default\prefs.js" not found
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8 => removed successfully.
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully.
"C:\Documents and Settings\Administrator\Local Settings\Data aplikac\Google\Update\1.3.21.68\npGoogleUpdate3.dll" => not found
HKU\S-1-5-21-1957994488-1450960922-725345543-500\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully.
"C:\Documents and Settings\Administrator\Local Settings\Data aplikac\Google\Update\1.3.21.68\npGoogleUpdate3.dll" => not found
HKLM\System\CurrentControlSet\Services\IntelIde => removed successfully.
IntelIde => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job => moved successfully
C:\Program Files\GUT8A2.tmp => moved successfully
"C:\Documents and Settings\Administrator\Local Settings\Data aplikac\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found

"C:\Documents and Settings\Administrator\Local Settings" folder move:

Could not move "C:\Documents and Settings\Administrator\Local Settings" => Scheduled to move on reboot.

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AmitiAntivirus => removed successfully.
HKLM\Software\Classes\CLSID\{1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ISOpenMenuHandler => removed successfully.
HKLM\Software\Classes\CLSID\{B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AmitiAntivirus => removed successfully.
HKLM\Software\Classes\CLSID\{1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AmitiAntivirus => removed successfully.
HKLM\Software\Classes\CLSID\{1763C0A7-C7BF-4a16-9A20-8207A5D6A00F} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ISOpenMenuHandler => removed successfully.
HKLM\Software\Classes\CLSID\{B92FD3C8-F5A5-4F3E-B299-D24A69E7EC41} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d19748fcd1494e.job" => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Documents and Settings\All Users\Data aplikac\TEMP" => ":05EE1EEF" ADS not found.
"C:\Documents and Settings\All Users\Data aplikac\TEMP" => ":430C6D84" ADS not found.
"C:\Documents and Settings\All Users\Data aplikac\TEMP" => ":CB0AACC9" ADS not found.
"C:\Documents and Settings\All Users\Data aplikac\TEMP" => ":DFC5A2B2" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 11119 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 129595 B
Java, Flash, Steam htmlcache => 2253772 B
Windows/system/dllcache/drivers => 673 B
Edge => 0 B
Chrome => 260305149 B
Firefox => 539467033 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 66164 B
All Users => 0 B
systemprofile => 475048942 B
LocalService => 11859775 B
NetworkService => 66164 B
Administrator => 389582296 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-11-2018 21:09:20)

"C:\Documents and Settings\Administrator\Local Settings" => Could not move.

==== End of Fixlog 21:09:57 ====

[fwefw]

Hlavně mně beží ve správci úloh pořád 2 firefoxi a když ten menší ukončím, tak za chvíli tam je zas a prohlížeč je pak neskutečně pomalý.

[Rudy]

Udělejte kompletní sken MBAM: http://www.oldapps.com/malwarebytes.php ... ytes=16147 a dejte log. Předem nic nemažte.

[fwefw]

Udělejte kompletní sken MBAM: http://www.oldapps.com/malwarebytes.php ... ytes=16147 a dejte log. Předem nic nemažte.

Mně to včera i dnes hlásí toto - Firefox nemůže navázat spojení se serverem download.oldapps.com.

[Rudy]

Divné, mně to funguje. Zkuste tedy sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.

[fwefw]

Tak jsem zkusil stáhnout MBAM odjinud a šlo to, ale při instalaci to hlásilo Expression error 'Runtime Error' / External exception E06D7363.

Jinak Kapersky scan nic aktivního nenašel. Dvojitý firefox se ve správce zařízení se občas objevuje, těžko říct proč.

Díky za pomoc