Prosím o kontrolu logu RSIT

[bamal]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Radek at 2016-05-27 06:06:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (5%) free of 286 GB
Total RAM: 2015 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:07:25, on 27.5.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\SQ931STI.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\BlueStacks\HD-LogRotatorService.exe
C:\Program Files\BlueStacks\HD-UpdaterService.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Radek\Plocha\RSIT.exe
C:\Program Files\trend micro\Radek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 81.104.191.252:21320
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SQ931STI] C:\WINDOWS\SQ931STI.EXE
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [tmpA63E] wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [tmpA63E] wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: tmpA63E.tmp.wsf
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7481 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1459588872.job - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\6eignc34.default-1364510204218

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
flashplayer.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-01 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-04-01 7139256]
"SQ931STI"=C:\WINDOWS\SQ931STI.EXE [2007-01-24 151552]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-05-06 5565960]
"tmpA63E"=wscript.exe //B C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"tmpA63E"=wscript.exe //B C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf []

C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění
Obsah aplikace OneNote.onetoc2
tmpA63E.tmp.wsf

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe:*:Enabled:Zoo Tycoon 2 Demo Executable"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Moje, jenom moje\Facemoods.exe"="D:\Moje, jenom moje\Facemoods.exe:*:Enabled:InstallCore™"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Moje, jenom moje\Hry\terraria-1.0.6\terraria 1.0.6\terraria\TerrariaServer.exe"="D:\Moje, jenom moje\Hry\terraria-1.0.6\terraria 1.0.6\terraria\TerrariaServer.exe:*:Disabled:Terraria"
"D:\Moje, jenom moje\Hry\Terraria 1.1.2\TerrariaServer.exe"="D:\Moje, jenom moje\Hry\Terraria 1.1.2\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Riot Games\League of Legends\air\LolClient.exe"="C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Riot Games\League of Legends\game\League of Legends.exe"="C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Riot Games\League of Legends\lol.launcher.exe"="C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher"
"C:\Program Files\Ubisoft\Heroes 3 Complete\HEROES3.EXE"="C:\Program Files\Ubisoft\Heroes 3 Complete\HEROES3.EXE:*:Enabled:Heroes of Might and Magic® III"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Radek\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\Radek\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:Metin2Client"
"C:\Documents and Settings\Radek\Local Settings\Data aplikací\DirectDownloader\directdownloader.exe"="C:\Documents and Settings\Radek\Local Settings\Data aplikací\DirectDownloader\directdownloader.exe:*:Enabled:DirectDownloader"
"C:\Documents and Settings\Radek\Local Settings\Temp\incredibar_installer.exe"="C:\Documents and Settings\Radek\Local Settings\Temp\incredibar_installer.exe:*:Enabled:IncrediBar Installer"
"C:\Program Files\Counter-Strike 1.6 Standalone\launcher.exe"="C:\Program Files\Counter-Strike 1.6 Standalone\launcher.exe:*:Enabled:Creted by Martin.cz"
"C:\Totalcmd\TOTALCMD.EXE"="C:\Totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\PCDApp\dgen.exe"="C:\Program Files\PCDApp\dgen.exe:*:Enabled:MProxy"
"C:\Program Files\PCDApp\cudaminer.exe"="C:\Program Files\PCDApp\cudaminer.exe:*:Enabled:NProxy"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\Radek\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Radek\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\Java\jre1.8.0_25\bin\java.exe"="C:\Program Files\Java\jre1.8.0_25\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exe"="C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exe:*:Enabled:Terraria"
"C:\Program Files\Steam\steamapps\common\Terraria\TerrariaServer.exe"="C:\Program Files\Steam\steamapps\common\Terraria\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"VIDC.FPS1"=frapsvid.dll
"VIDC.FFDS"=ff_vfw.dll
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv

======File associations======

.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 month======

2016-05-27 06:06:47 ----D---- C:\rsit
2016-05-27 06:06:47 ----D---- C:\Program Files\trend micro
2016-05-25 00:12:26 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-05-21 21:50:29 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-14 09:46:54 ----D---- C:\Program Files\LogMeIn Hamachi
2016-05-13 12:27:43 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-05-27 06:06:54 ----D---- C:\WINDOWS\Prefetch
2016-05-27 06:06:47 ----D---- C:\Program Files
2016-05-27 05:54:20 ----D---- C:\WINDOWS\Temp
2016-05-26 06:32:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-05-25 00:12:26 ----D---- C:\WINDOWS\system32
2016-05-24 21:39:48 ----D---- C:\Documents and Settings\Radek\Data aplikací\vlc
2016-05-21 21:50:41 ----D---- C:\WINDOWS
2016-05-14 10:23:29 ----D---- C:\WINDOWS\Debug
2016-05-14 09:47:52 ----SHD---- C:\WINDOWS\Installer
2016-05-14 09:47:52 ----SHD---- C:\Config.Msi
2016-05-14 09:47:22 ----D---- C:\WINDOWS\system32\CatRoot2
2016-05-14 09:41:19 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-05-12 23:21:52 ----D---- C:\WINDOWS\system32\MRT
2016-05-12 23:05:40 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-12 20:42:10 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-12 20:42:04 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-05-12 20:39:11 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-04-01 58776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-04-01 221240]
R0 nvata;nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2014-08-08 320120]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-06-19 43008]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-04-01 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2016-04-01 64272]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-04-01 816304]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-04-01 447848]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-04-01 32792]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-04-01 91168]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2014-04-19 279712]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-14 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2014-04-19 25888]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2016-04-01 171608]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2015-04-14 243128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 a9ow2mps;a9ow2mps; C:\WINDOWS\system32\drivers\a9ow2mps.sys []
S3 AF9035HB;AF9035 Hybrid Device; C:\WINDOWS\System32\Drivers\AF9035HB.sys [2010-05-15 863616]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2016-04-01 67088]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PAC7311;VGA SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-07-08 143232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SQ931;USB 2.0 Video Camera; C:\WINDOWS\System32\Drivers\Capt931a.sys [2007-03-27 519040]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-04-01 237096]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2015-08-19 413304]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2015-08-19 839288]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2016-05-06 1898504]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-05-06 405424]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-03-27 482992]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2015-08-19 437880]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-13 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

[JaRon]

ahoj,
- odinstaluj STerminator
- vycisti PC s MBAM v1.75

[fjodorek]

Díky za rychlou odpověď, ale moje malá sestra zapomněla dodat, že má taky problém se tvořením zástupců na flash disku.

[JaRon]

v pohode
vykonaj uvedene kroky

[bamal]

Děkuju moc za radu a co s tim mam dělat teď?




Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2016.05.30.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Radek :: RADEK-YQTGSRBB1 [administrátor]

30.5.2016 11:35:13
MBAM-log-2016-05-30 (14-36-49).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 522940
Uplynulý čas: 2 hodin, 57 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF103732-4528-4322-AA8B-F7849AB7776B} (PUP.Optional.BestToolBars) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.InstallCore) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi (PUP.Optional.7Go) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Documents and Settings\Radek\Data aplikací\7go (PUP.Optional.7Go) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\41 (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic (PUP.Optional.SurfTastic) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 18
C:\Dokumenty\Downloads\The Sims 2\The Sims 2 - Free Time\EA_Keygen.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Downloads\Downloads do The Sims 4\Nová složka\The Sims 4\[R.G. Mechanics] The Sims 4\setup.exe (PUP.Optional.InstallCore) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{982FE633-8E38-42AA-85E5-16249B3C638F}\RP58\A0266281.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{982FE633-8E38-42AA-85E5-16249B3C638F}\RP59\A0266302.dll (PUP.Optional.BabSolution) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{982FE633-8E38-42AA-85E5-16249B3C638F}\RP59\A0266552.exe (PUP.Optional.Sambreel) -> Nebyla provedena žádná instrukce.
D:\Moje, jenom moje\Programy\DarkWave-Studio-3.5.6.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
D:\Moje, jenom moje\Programy\DTLite4413-0173.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
D:\Moje, jenom moje\Programy\keygen.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{982FE633-8E38-42AA-85E5-16249B3C638F}\RP59\A0266561.exe (PUP.Optional.SofTonic) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{982FE633-8E38-42AA-85E5-16249B3C638F}\RP59\A0266562.exe (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\7go\7go.crx (PUP.Optional.7Go) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\7go\icon.ico (PUP.Optional.7Go) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\41\Updater.xml (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\41\status.cfg (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Radek\Data aplikací\speedanalysis.ico (PUP.Optional.SpeedAnalysis2) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\7za.exe (PUP.Optional.SurfTastic) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\Surftastic.ico (PUP.Optional.SurfTastic) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\Thumbs.db (PUP.Optional.SurfTastic) -> Nebyla provedena žádná instrukce.

(konec)

[JaRon]

vsetko najdene nechaj zmazat v MBAM
RESTART PC
vloz log FRST - zajtra pozriem

[bamal]

Ahoj,
díky.

FrstLauncher mi z tohohle odkazu http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe
nejde stáhnout ani po vypnutí antiviru a firewall. Jde to stáhnout ještě někde jinde?

[cernohous13]

Ahoj, dej jen logy z FRST - http://www.bleepingcomputer.com/downloa ... scan-tool/

[bamal]

Aha, děkuju.
Takže vkládam FRST.txt a Addition


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-05-2016 02
Ran by Radek (administrator) on RADEK-YQTGSRBB1 (30-05-2016 18:27:53)
Running from C:\Documents and Settings\Radek\Plocha
Loaded Profiles: Radek (Available Profiles: Radek)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\WINDOWS\SQ931STI.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-04-01] (AVAST Software)
HKLM\...\Run: [SQ931STI] => C:\WINDOWS\SQ931STI.EXE [151552 2007-01-24] ()
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM\...\Run: [tmpA63E] => wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf" <===== ATTENTION
HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\Run: [tmpA63E] => wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf" <===== ATTENTION
HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\MountPoints2: {1602e5c3-bdca-11e5-ab3b-0019663be1a0} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\MountPoints2: {a694d1c3-d18e-11e5-8d06-0019663be1a0} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1482476501-746137067-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\ETICIM~1.SCR [966393 2009-05-31] (Grooveware Multimedia)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-04-01] (AVAST Software)
Startup: C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\Obsah aplikace OneNote.onetoc2 [2012-09-04] ()
Startup: C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\tmpA63E.tmp.wsf [2016-02-03] ()
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1482476501-746137067-839522115-1003] => 81.104.191.252:21320
AutoConfigURL: [S-1-5-21-1482476501-746137067-839522115-1003] => 81.104.191.252:21320
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{92F3FF6F-8BB2-45F1-96C5-1839AEFD306C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1482476501-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1482476501-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1482476501-746137067-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-1482476501-746137067-839522115-1003 -> Default = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
URLSearchHook: HKU\S-1-5-21-1482476501-746137067-839522115-1003 - (No Name) - {95289393-33EA-4F8D-B952-483415B9C955} - No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-746137067-839522115-1003 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1482476501-746137067-839522115-1003 -> {03EB17CE-D188-4D25-8AF0-CA5DD8AC2383} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1482476501-746137067-839522115-1003 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-01] (AVAST Software)
BHO: No Name -> {d6451db9-67e1-4ca3-bfba-4d77fface17f} -> No File
Toolbar: HKU\S-1-5-21-1482476501-746137067-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/s ... eqlab3.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/n ... rtScan.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\6eignc34.default-1364510204218
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-03-01] (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1482476501-746137067-839522115-1003: @tools.google.com/Google Update;version=8 -> C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll [No File]
FF Plugin HKU\S-1-5-21-1482476501-746137067-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Radek\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1482476501-746137067-839522115-1003: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-03-01] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-11-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-05-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2009-09-03] (NOS Microsystems Ltd.)
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\6eignc34.default-1364510204218\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2016-02-13]
FF Extension: Adblock Plus - C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\6eignc34.default-1364510204218\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-02]
FF HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\Firefox\Extensions: [firefox@skins.com] - C:\Program Files\Skinovacek\firefox@skins.com => not found
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-02-20]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://147.33.74.135/knihy/uid_isbn-978-80-7080-672-2/cast-chemicke-identifikatory.html
CHR Profile: C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (Transparent Grey ) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\becaimlgpcocbcmpceoonkmdmglhacnf [2013-11-25]
CHR Extension: (YouTube) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (AdBlock) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-30]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2
CHR Extension: (Docs) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (YouTube) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR Profile: C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
CHR Extension: (Disk Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (YouTube) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-15]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
CHR HKLM\...\Chrome\Extension: [eiboplnkbalkhooafhmpjankjoajolei] - C:\Program Files\Skinovacek\chrome@skins.com\chrome@skins.com.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-01]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-04-01] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-08-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-08-19] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [839288 2015-08-19] (BlueStack Systems, Inc.)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [48368 2009-09-03] (NOS Microsystems Ltd.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1898504 2016-05-06] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-05-06] (LogMeIn, Inc.)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035HB; C:\WINDOWS\System32\Drivers\AF9035HB.sys [863616 2010-05-15] (ITE Technologies )
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-06-19] (Advanced Micro Devices)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-04-01] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-04-01] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-04-01] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-04-01] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-04-01] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [816304 2016-04-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [447848 2016-04-01] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [171608 2016-04-01] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67088 2016-04-01] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221240 2016-04-01] (AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [279712 2014-04-19] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-08-19] (BlueStack Systems)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2015-04-14] (Disc Soft Ltd)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2014-04-19] ()
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105088 2006-06-28] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
S3 PAC7311; C:\WINDOWS\System32\DRIVERS\PA707UCM.SYS [143232 2005-07-08] (PixArt Imaging Inc.) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-08-08] (Duplex Secure Ltd.)
S3 SQ931; C:\WINDOWS\System32\Drivers\Capt931a.sys [519040 2007-03-27] () [File not signed]
U3 awkal5bz; C:\WINDOWS\system32\Drivers\awkal5bz.sys [0 ] (NVIDIA Corporation) <==== ATTENTION (zero byte File/Folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
S4 IntelIde; no ImagePath
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-30 18:27 - 2016-05-30 18:28 - 00023617 _____ C:\Documents and Settings\Radek\Plocha\FRST.txt
2016-05-30 18:27 - 2016-05-30 18:27 - 00000000 ____D C:\FRST
2016-05-30 18:10 - 2016-05-30 18:10 - 00110960 _____ C:\Documents and Settings\Radek\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-05-30 18:02 - 2016-05-30 18:03 - 03697768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-30 17:43 - 2016-05-30 17:43 - 01734656 _____ (Farbar) C:\Documents and Settings\Radek\Plocha\FRST.exe
2016-05-30 11:32 - 2016-05-30 11:32 - 00000000 ____D C:\Documents and Settings\Radek\Data aplikací\Malwarebytes
2016-05-30 11:31 - 2016-05-30 11:31 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2016-05-30 11:31 - 2016-05-30 11:31 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2016-05-30 11:31 - 2016-05-30 11:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2016-05-30 11:31 - 2016-05-30 11:31 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-05-30 11:31 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-30 11:30 - 2016-05-30 11:30 - 00000000 ____D C:\Documents and Settings\Radek\Plocha\čištění pc
2016-05-27 06:06 - 2016-05-27 06:07 - 00000000 ____D C:\rsit
2016-05-27 06:06 - 2016-05-27 06:07 - 00000000 ____D C:\Program Files\trend micro
2016-05-27 06:06 - 2016-05-27 06:06 - 01107968 _____ C:\Documents and Settings\Radek\Plocha\RSIT.exe
2016-05-25 08:38 - 2016-05-25 08:38 - 00040015 _____ C:\Documents and Settings\Radek\Plocha\Malkusova_Kooperativa_KO8_5056505709_AK_160524_233422.pdf
2016-05-25 00:17 - 2016-05-25 00:17 - 00000452 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-05-25 00:12 - 2016-05-25 00:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-20 07:48 - 2016-05-20 07:48 - 00134387 _____ C:\Documents and Settings\Radek\Plocha\kacenky z vidne.pdf
2016-05-20 07:47 - 2016-05-20 07:47 - 00133958 _____ C:\Documents and Settings\Radek\Plocha\bara z vidne.pdf
2016-05-14 09:46 - 2016-05-14 09:46 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-05-14 09:46 - 2016-05-14 09:46 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2016-05-13 12:27 - 2016-05-13 20:19 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-30 18:28 - 2008-12-17 14:50 - 00000000 ____D C:\Documents and Settings\Radek\Local Settings\Temp
2016-05-30 18:27 - 2008-12-17 14:50 - 00000000 ____D C:\Documents and Settings\Radek\Plocha
2016-05-30 18:10 - 2008-12-17 14:50 - 00000000 ___HD C:\Documents and Settings\Radek\Local Settings\Data aplikací
2016-05-30 18:09 - 2015-12-27 20:32 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-05-30 18:03 - 2015-05-15 11:01 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 18:03 - 2012-02-24 22:40 - 00000000 ____D C:\Documents and Settings\Radek\Local Settings\Data aplikací\LogMeIn Hamachi
2016-05-30 18:03 - 2012-02-24 22:40 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2016-05-30 18:02 - 2008-12-17 14:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-30 18:01 - 2008-12-17 14:50 - 00000178 ___SH C:\Documents and Settings\Radek\ntuser.ini
2016-05-30 18:01 - 2008-12-17 14:44 - 00032578 _____ C:\WINDOWS\SchedLgU.Txt
2016-05-30 17:51 - 2008-12-17 14:50 - 00000000 ____D C:\Documents and Settings\Radek
2016-05-30 17:44 - 2015-05-15 11:01 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 17:42 - 2015-08-16 08:53 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-30 15:57 - 2008-12-17 14:44 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-05-30 15:56 - 2008-12-17 13:55 - 00000000 ____D C:\WINDOWS\security
2016-05-30 15:54 - 2008-12-17 14:50 - 00000000 __RHD C:\Documents and Settings\Radek\Data aplikací
2016-05-30 11:31 - 2008-12-17 13:59 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-05-30 11:31 - 2008-12-17 13:59 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-05-30 11:31 - 2008-12-17 13:59 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-05-30 11:21 - 2001-10-25 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-25 00:17 - 2008-12-17 13:59 - 00000000 ____D C:\Documents and Settings\All Users
2016-05-24 22:32 - 2008-12-17 14:50 - 00000000 ___RD C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění
2016-05-24 21:39 - 2010-11-14 10:48 - 00000000 ____D C:\Documents and Settings\Radek\Data aplikací\vlc
2016-05-14 09:46 - 2016-04-24 19:11 - 00000685 _____ C:\Documents and Settings\All Users\Plocha\LogMeIn Hamachi.lnk
2016-05-14 09:41 - 2012-04-28 08:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-12 23:21 - 2013-07-30 07:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-12 23:05 - 2008-12-17 16:26 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-12 20:42 - 2016-04-21 10:42 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-05-12 20:42 - 2012-05-24 16:45 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-12 20:42 - 2011-08-20 20:32 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-04 13:35 - 2012-02-29 19:55 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys

==================== Files in the root of some directories =======

2013-08-07 20:18 - 2014-01-03 22:10 - 0000132 _____ () C:\Documents and Settings\Radek\Data aplikací\Adobe BMP Format CS5 Prefs
2011-11-26 19:50 - 2011-11-26 19:52 - 0000132 _____ () C:\Documents and Settings\Radek\Data aplikací\Adobe GIF Format CS5 Prefs
2011-11-26 19:57 - 2011-11-26 20:25 - 0001456 _____ () C:\Documents and Settings\Radek\Local Settings\Data aplikací\Adobe Save for Web 12.0 Prefs
2008-12-26 15:54 - 2016-03-06 14:39 - 0024576 _____ () C:\Documents and Settings\Radek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-29 21:40 - 2013-03-29 21:40 - 0003072 _____ () C:\Documents and Settings\Radek\Local Settings\Data aplikací\file__0.localstorage
2011-10-09 15:03 - 2011-10-09 15:03 - 0000000 _____ () C:\Documents and Settings\Radek\Local Settings\Data aplikací\{7293C134-81BB-4D1C-9162-6EDCF47DF90C}
2015-03-25 20:04 - 2015-03-25 20:04 - 0000000 _____ () C:\Documents and Settings\Radek\Local Settings\Data aplikací\{BE81593C-ECBA-4E25-AAC0-B9B86E0EA730}

Some files in TEMP:
====================
C:\Documents and Settings\Radek\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================





Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-05-2016 02
Ran by Radek (2016-05-30 18:29:05)
Running from C:\Documents and Settings\Radek\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2008-12-17 12:22:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1482476501-746137067-839522115-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1482476501-746137067-839522115-1007 - Limited - Enabled)
Guest (S-1-5-21-1482476501-746137067-839522115-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1482476501-746137067-839522115-1000 - Limited - Disabled)
Radek (S-1-5-21-1482476501-746137067-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Radek
SUPPORT_388945a0 (S-1-5-21-1482476501-746137067-839522115-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.44 - NOS Microsystems Ltd.)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aktualizace systému Windows Internet Explorer 7 (KB976749) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace systému Windows Internet Explorer 7 (KB980182) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2183461) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2360131) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2416400) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2482017) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2497640) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2530548) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2544521) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2559049) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2586448) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2618444) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2647516) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2) (Version: 2 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB972260) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB974455) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB976325) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB982381) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
AMR Converter Pro (HKLM\...\AMR Converter Pro) (Version: - Mystik Media)
AMR Converter Pro (Version: 4.0 - Mystik Media) Hidden
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Automatic Remasterer v 1.7 (HKLM\...\Automatic Remasterer_is1) (Version: - Daniel Benes - STARSOFT)
Avast Free Antivirus (HKLM\...\avast) (Version: 11.1.2253 - AVAST Software)
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (HKLM\...\3FA1705966809259F916AF817C59B4F389F4572C) (Version: 05/27/2006 1.3.2.0 - Advanced Micro Devices)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.10.0.4321 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{473E82D7-79E2-43DF-8FA0-025407C93191}) (Version: 0.10.0.4321 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Book-Maker (HKLM\...\ArtD - Grafický atelier Černý_Book-Maker) (Version: - )
Business Contact Manager pro aplikaci Outlook 2007 (HKLM\...\Business Contact Manager pro aplikaci Outlook 2007) (Version: 3.0.5828.0 - Microsoft Corporation)
Business Contact Manager pro aplikaci Outlook 2007 (Version: 3.0.5828.0 - Microsoft Corporation) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM\...\Cool's_Codec_pack_4.12) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (Version: 16.0 - Corel Corporation) Hidden
CPUMon (HKLM\...\CPUMon) (Version: - )
Crazy Drake (HKLM\...\CrazyDrake) (Version: - )
CrazyFactory (HKLM\...\{78A25D80-43A1-11D5-B4C9-00D0B7C8B1FE}) (Version: 1.00.000 - )
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
CyberPower Audio Editing Lab 15.1.2 (HKLM\...\CyberPower Audio Editing Lab_is1) (Version: - CyberPower Development Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Elite Proxy Switcher 1.23 (HKLM\...\Elite Proxy Switcher_is1) (Version: - hxxp://www.didsoft.com)
ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fish Fillets 2 (HKLM\...\Fish Fillets 2) (Version: 1.0.0.0 - ALTAR Games)
FormatFactory 2.20 (HKLM\...\FormatFactory) (Version: 2.20 - Free Time)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Game Launcher version 3.2.1.7 (HKLM\...\{31D22D10-7FD2-401B-8AEA-D20A1A9A440E}_is1) (Version: 3.2.1.7 - Eikester)
GIMP 2.6.7 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\Google Chrome) (Version: 10.0.648.151 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Harry Potter and the Prisoner of Azkaban(TM) (HKLM\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
Harry Potter TM (HKLM\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - )
Heroes of Might and Magic III Complete (HKLM\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (Version: 1.00.0000 - CD Projekt) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{AEB9948B-4FF2-47C9-990E-47014492A0FE}) (Version: 6.00.3883.8 - Microsoft Corporation)
Nero 6 Enterprise Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
NOD32 FiX v1.5 (HKLM\...\{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1) (Version: - )
Nový Robinson (HKLM\...\Nový Robinson) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
O2 Internet Konfigurator (HKLM\...\O2 Internet Konfigurator) (Version: - )
OpenOffice.org 2.4 (HKLM\...\{C2ED62F4-4F0B-44DF-B630-DD02FD7E8C60}) (Version: 2.4.9310 - OpenOffice.org)
OpenOffice.org 3.0 (HKLM\...\{564D0000-547B-4ED8-8070-85286CC8C9BF}) (Version: 3.0.9379 - OpenOffice.org)
Opera 12.14 (HKLM\...\Opera 12.14.1738) (Version: 12.14.1738 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.6 - Pando Networks Inc.)
PC VGA Camer@ (HKLM\...\InstallShield_{C48ECCB6-A2E1-4B4D-A5ED-EFA6C9B30517}) (Version: 1.0.1.46AX - Název společnosti:)
PC VGA Camer@ (Version: 1.0.1.46AX - Název společnosti:) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
ProfiCAD 7.6.4 (HKLM\...\ProfiCAD_is1) (Version: - )
PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
QuickTime (HKLM\...\{F958CA02-BB40-4007-894B-258729456EE4}) (Version: 7.55.90.70 - Apple Inc.)
rajče verze 58 sestavení 211 (HKLM\...\rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5283 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Registrace uživatele zařízení Canon MP250 series (HKLM\...\Registrace uživatele zařízení Canon MP250 series) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
Sims2Pack Clean Installer (HKLM\...\Sims2Pack Clean Installer) (Version: - )
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Součásti připojení sady Microsoft Office Small Business (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SubQuest (HKLM\...\SubQuest) (Version: - )
Sudoku solver (HKLM\...\ST6UNST #1) (Version: - )
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
Šetřič Cimrman 1 (HKLM\...\Šetřič Cimrman 1) (Version: - )
tAPI version 1.2.4.1 r15 (HKLM\...\{6D47E78A-A9FE-41B8-A5C6-8A6A04FB8F71}_is1) (Version: 1.2.4.1 r15 - tAPI Development Team)
Teleport Pro (HKLM\...\Teleport Pro) (Version: 1.64 - Tennyson Maxwell Information Systems, Inc.)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Terraria v1.2.0.2 cracked-KEBAB (HKLM\...\{A1264D7F-CEF6-4033-8F9D-3E27392E3627}) (Version: 1.2.0.2 - KEBAB)
The Sims 2 (HKLM\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version: - )
The Sims 2 Body Shop (HKLM\...\{438BC259-E54C-4392-008E-2808B9C251CA}) (Version: - )
The Sims 2 Glamour Life Stuff (HKLM\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
The Sims 2 Nightlife (HKLM\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
The Sims 2 Open For Business (HKLM\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
The Sims 2 Pets (HKLM\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims 2 University (HKLM\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
The Sims 4 (HKLM\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
The Sims™ 2 Apartment Life (HKLM\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
The Sims™ 2 Bon Voyage (HKLM\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
The Sims™ 2 Celebration! Stuff (HKLM\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
The Sims™ 2 FreeTime (HKLM\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
The Sims™ 2 H&M® Fashion Stuff (HKLM\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
The Sims™ 2 IKEA® Home Stuff (HKLM\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
The Sims™ 2 Kitchen & Bath Interior Design Stuff (HKLM\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
The Sims™ 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
The Witcher Enhanced Edition (HKLM\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Thief - Deadly Shadows (HKLM\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief Gold (remove only) (HKLM\...\Thief Gold) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Unity Web Player (HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
USB 2.0 Video Camera (HKLM\...\{236E24F2-D767-406B-B2F0-892D3A0DEA4A}) (Version: 0.1.0114.05 - Service & Quality Technology)
verze 1.5 (HKLM\...\Český Thief Gold_is1) (Version: - Norbert "Norbik" Navrátil)
Video Grabber (HKLM\...\{65C3253A-E984-4769-BC33-CBC8F059C408}) (Version: 1.00.0000 - dexatek)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031517 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zkušební verze produktu Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Zkušební verze produktu Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Zoo Tycoon 2 - Marine Mania (HKLM\...\InstallShield_{B406605B-45FE-4D8F-8250-1E77479583AE}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Marine Mania (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon Čeština 1.05 (HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\Zoo Tycoon Čeština 1.05) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1482476501-746137067-839522115-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-1482476501-746137067-839522115-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Radek\Local Settings\Data aplikací\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1459588872.job => C:\Program Files\AVAST Software\SZBrowser\launcher.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-05-14 06:28 - 2016-04-01 23:39 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-14 06:28 - 2016-04-01 23:39 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-30 11:12 - 2016-05-30 11:12 - 02982040 _____ () C:\Program Files\AVAST Software\Avast\defs\16053000\algo.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-11-24 20:56 - 2016-04-01 23:39 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-18 21:26 - 2007-01-24 14:24 - 00151552 _____ () C:\WINDOWS\SQ931STI.EXE
2001-10-25 14:00 - 2008-04-14 09:51 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2011-12-25 18:06 - 2008-12-31 06:31 - 00247152 ____R () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2010-03-07 21:35 - 2005-01-14 10:32 - 00053248 _____ () C:\WINDOWS\System32\PAStiSvc.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\Radek:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\All Users\Šablony:gs5sys [3072]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\Radek\Cookies:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\Radek\Plocha:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\Radek\Šablony:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\Radek\Data aplikací\desktop.ini:gs5sys [3328]
AlternateDataStreams: C:\Documents and Settings\Radek\Local Settings\Data aplikací:gs5sys [3072]
AlternateDataStreams: C:\Documents and Settings\Radek\Local Settings\History:gs5sys [3072]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\scrfile\shell\open\command: "%1" /S "%3" <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-10-25 14:00 - 2010-05-13 18:53 - 00001204 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1482476501-746137067-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Pando Networks\Media Booster\PMB.exe] => Enabled:Pando Media Booster
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE] => Enabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\QIP\qip.exe] => Enabled:Quiet Internet Pager
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe] => Enabled:Zoo Tycoon 2 Demo Executable
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Plugin Manager\skypePM.exe] => Enabled:Skype Extras Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\Electronic Arts\EADM\Core.exe] => Enabled:EA Download Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\plugin\geplugin.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\opera.exe] => Enabled:Opera Internet Browser
StandardProfile\AuthorizedApplications: [D:\Moje, jenom moje\Facemoods.exe] => Enabled:InstallCore™
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\client\googleearth.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE] => Enabled:Microsoft Office Groove
StandardProfile\AuthorizedApplications: [D:\Moje, jenom moje\Hry\terraria-1.0.6\terraria 1.0.6\terraria\TerrariaServer.exe] => Disabled:Terraria
StandardProfile\AuthorizedApplications: [D:\Moje, jenom moje\Hry\Terraria 1.1.2\TerrariaServer.exe] => Enabled:Terraria
StandardProfile\AuthorizedApplications: [C:\Program Files\Pando Networks\Media Booster\PMB.exe] => Enabled:Pando Media Booster
StandardProfile\AuthorizedApplications: [C:\Riot Games\League of Legends\air\LolClient.exe] => Enabled:League of Legends Lobby
StandardProfile\AuthorizedApplications: [C:\Riot Games\League of Legends\game\League of Legends.exe] => Enabled:League of Legends Game Client
StandardProfile\AuthorizedApplications: [C:\Riot Games\League of Legends\lol.launcher.exe] => Enabled:League of Legends Launcher
StandardProfile\AuthorizedApplications: [C:\Program Files\Ubisoft\Heroes 3 Complete\HEROES3.EXE] => Enabled:Heroes of Might and Magic® III
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dplaysvr.exe] => Enabled:Microsoft DirectPlay Helper
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Radek\Data aplikací\GameRanger\GameRanger\GameRanger.exe] => Enabled:GameRanger
StandardProfile\AuthorizedApplications: [C:\Program Files\Metin2\metin2client.bin] => Enabled:Metin2Client
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Radek\Local Settings\Data aplikací\DirectDownloader\directdownloader.exe] => Enabled:DirectDownloader
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Radek\Local Settings\Temp\incredibar_installer.exe] => Enabled:IncrediBar Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Counter-Strike 1.6 Standalone\launcher.exe] => Enabled:Creted by Martin.cz
StandardProfile\AuthorizedApplications: [C:\Totalcmd\TOTALCMD.EXE] => Enabled:Total Commander 32 bit international version, file manager replacement for Windows
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe] => Enabled:Zoo Tycoon 2 Executable
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\PCDApp\dgen.exe] => Enabled:MProxy
StandardProfile\AuthorizedApplications: [C:\Program Files\PCDApp\cudaminer.exe] => Enabled:NProxy
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\muzapp.exe] => Enabled:MUZ AOD APP player
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Radek\Data aplikací\uTorrent\utorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\Steam.exe] => Enabled:Steam
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\bin\steamwebhelper.exe] => Enabled:Steam Web Helper
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre1.8.0_25\bin\java.exe] => Enabled:Java(TM) Platform SE binary
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exe] => Enabled:Terraria
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\steamapps\common\Terraria\TerrariaServer.exe] => Enabled:Terraria
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [58692:TCP] => Enabled:Pando Media Booster
DomainProfile\GloballyOpenPorts: [58692:UDP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [58692:TCP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [58692:UDP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [8396:TCP] => Enabled:League of Legends Launcher
StandardProfile\GloballyOpenPorts: [8396:UDP] => Enabled:League of Legends Launcher
StandardProfile\GloballyOpenPorts: [8393:TCP] => Enabled:League of Legends Lobby
StandardProfile\GloballyOpenPorts: [8393:UDP] => Enabled:League of Legends Lobby
StandardProfile\GloballyOpenPorts: [8390:TCP] => Enabled:League of Legends Game Client
StandardProfile\GloballyOpenPorts: [8390:UDP] => Enabled:League of Legends Game Client
StandardProfile\GloballyOpenPorts: [6981:TCP] => Enabled:League of Legends Launcher
StandardProfile\GloballyOpenPorts: [6981:UDP] => Enabled:League of Legends Launcher

==================== Restore Points =========================

15-03-2016 15:28:47 Kontrolní bod systému
18-03-2016 00:41:43 Kontrolní bod systému
19-03-2016 20:03:35 Kontrolní bod systému
26-03-2016 01:21:41 Kontrolní bod systému
27-03-2016 18:05:12 Kontrolní bod systému
01-04-2016 23:43:28 Installed Windows XP Wdf01009.
17-04-2016 17:37:24 Kontrolní bod systému
03-04-2016 12:12:33 Kontrolní bod systému
08-04-2016 09:32:16 Kontrolní bod systému
09-04-2016 20:02:50 Kontrolní bod systému
10-04-2016 20:04:44 Kontrolní bod systému
11-04-2016 20:17:54 Kontrolní bod systému
12-04-2016 21:08:45 Kontrolní bod systému
13-04-2016 22:02:30 Kontrolní bod systému
15-04-2016 22:17:01 Software Distribution Service 3.0
21-04-2016 10:24:45 Kontrolní bod systému
24-04-2016 19:56:06 Kontrolní bod systému
25-04-2016 19:59:48 Kontrolní bod systému
29-04-2016 19:19:44 Kontrolní bod systému
01-05-2016 12:33:22 Kontrolní bod systému
12-05-2016 20:53:54 Kontrolní bod systému
12-05-2016 23:04:30 Software Distribution Service 3.0
14-05-2016 11:19:45 Kontrolní bod systému
15-05-2016 11:31:27 Kontrolní bod systému
19-05-2016 20:47:23 Kontrolní bod systému
20-05-2016 21:23:07 Kontrolní bod systému
21-05-2016 22:34:43 Kontrolní bod systému
22-05-2016 23:17:30 Kontrolní bod systému
24-05-2016 00:11:41 Kontrolní bod systému
25-05-2016 11:46:34 Kontrolní bod systému
27-05-2016 03:35:57 Kontrolní bod systému
30-05-2016 15:20:52 Kontrolní bod systému

==================== Faulty Device Manager Devices =============

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2016 12:53:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace photoshop.exe, verze 12.0.0.0, chybující modul adobeswfl.dll, verze 2.0.0.7489, adresa chyby 0x00013db9.
Zpracování události, specifické pro médium ([photoshop.exe!ws!])


System errors:
=============
Error: (05/30/2016 03:57:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
nvata

Error: (05/30/2016 03:57:43 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{92F3FF6F-8BB2-45F1-96C5-1839AEFD306C}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (05/27/2016 04:10:09 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Zapůjčení adresy IP 10.0.0.139 pro síťovou kartu s adresou 0019663BE1A0 byla
serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (05/27/2016 02:53:33 AM) (Source: W32Time) (EventID: 34) (User: )
Description: Služba Systémový čas zjistila, že je nutné změnit
systémový čas o +276803 sekund. Služba Systémový čas nemění systémový
čas o více než +54000 sekund. Ověřte správnost času a časového pásma, a zda zdroj času time.windows.com (ntp.m|0x1|10.0.0.139:123->52.169.179.91:123) pracuje správně.

Error: (05/25/2016 08:30:51 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Zapůjčení adresy IP 10.0.0.140 pro síťovou kartu s adresou 0019663BE1A0 byla
serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (05/19/2016 08:19:51 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.

Error: (05/19/2016 08:19:51 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error: (05/19/2016 08:19:33 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.

Error: (05/19/2016 08:19:33 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error: (05/13/2016 07:22:06 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1


==================== Memory info ===========================

Processor: AMD Athlon(tm) Processor LE-1640
Percentage of memory in use: 43%
Total physical RAM: 2015.23 MB
Available physical RAM: 1138.98 MB
Total Virtual: 3907.64 MB
Available Virtual: 3126.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:278.91 GB) (Free:14.35 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (data) (Fixed) (Total:186.85 GB) (Free:23.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7BB67BB6)
Partition 1: (Active) - (Size=278.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[JaRon]

Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start

HKLM\...\Run: [SQ931STI] => C:\WINDOWS\SQ931STI.EXE [151552 2007-01-24] ()
HKLM\...\Run: [tmpA63E] => wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf" <===== ATTENTION
HKU\S-1-5-21-1482476501-746137067-839522115-1003\...\Run: [tmpA63E] => wscript.exe //B "C:\DOCUME~1\Radek\LOCALS~1\Temp\tmpA63E.tmp.wsf" <===== ATTENTION
Startup: C:\Documents and Settings\Radek\Nabídka Start\Programy\Po spuštění\tmpA63E.tmp.wsf [2016-02-03] ()
BHO: No Name -> {d6451db9-67e1-4ca3-bfba-4d77fface17f} -> No File



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt