VIRY.CZ

Ahoj, prosím o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2018-08-13 10:00:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 138 GB (23%) free of 610 GB
Total RAM: 3582 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00:16, on 13.8.2018
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16708)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Windows\system32\DllHost.exe
C:\Users\Lenka\Downloads\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate1ca5eefa774ed9c) (gupdate1ca5eefa774ed9c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7708 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "piclens@cooliris.com:1.12.2.44079, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18, {69D30031-F4A8-452a-A5B3-5D6787C3C5CF}:3.6, {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdbplug.xpt
nppl3260.xpt
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\extensions\
piclens@cooliris.com
{20a82645-c095-46ed-80e3-08825760534b}
{7c231677-e4fb-44ac-80a5-c87fcb7c2be9}

C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2016-10-26 831576]
"Avira SystrayStartTrigger"=C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [2018-02-12 67040]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-18 296056]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-15 2398776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2013-06-10 601928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
C:\Program Files\TechSmith\Jing\Jing.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock]
C:\Program Files\PeerBlock\peerblock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp]
C:\Windows\system32\PrintDisp.exe [2011-02-19 826368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~1\WIBUKEY\Server\WkSvMgr.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-08-13 09:54:59 ----D---- C:\Program Files\trend micro
2018-08-13 09:54:58 ----D---- C:\rsit
2018-08-12 18:41:09 ----D---- C:\Program Files\CPUID
2018-08-10 13:54:50 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-07-26 16:43:36 ----A---- C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:43:36 ----A---- C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43:20 ----D---- C:\Program Files\VulkanRT
2018-07-26 16:43:14 ----D---- C:\ProgramData\NVIDIA
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nvshext.dll
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvsvc.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvmctray.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvcpl.dll
2018-07-26 16:42:11 ----A---- C:\Windows\system32\OpenCL.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2018-07-26 16:37:34 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37:34 ----A---- C:\Windows\system32\nvopencl.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvcuda.dll
2018-07-26 16:37:29 ----A---- C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37:29 ----A---- C:\Windows\system32\nvapi.dll
2018-07-26 16:32:29 ----D---- C:\NVIDIA
2018-07-26 16:00:51 ----D---- C:\ProgramData\Battle.net
2018-07-26 15:40:29 ----D---- C:\GvTemp
2018-07-26 15:36:02 ----ASH---- C:\hiberfil.sys
2018-07-26 15:20:17 ----D---- C:\Program Files\GIGABYTE

======List of files/folders modified in the last 1 month======

2018-08-13 10:00:15 ----D---- C:\Windows\Temp
2018-08-13 09:54:59 ----RD---- C:\Program Files
2018-08-13 09:13:32 ----D---- C:\Windows\system32\Tasks
2018-08-13 09:12:39 ----D---- C:\Program Files\CCleaner
2018-08-13 08:59:22 ----SHD---- C:\Windows\Installer
2018-08-13 08:58:47 ----SHD---- C:\System Volume Information
2018-08-13 08:37:52 ----D---- C:\ProgramData\Origin
2018-08-13 08:37:22 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2018-08-12 19:08:39 ----D---- C:\Windows\inf
2018-08-12 14:35:59 ----D---- C:\Windows
2018-08-12 11:54:33 ----D---- C:\Windows\System32
2018-08-12 11:54:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-10 14:37:27 ----D---- C:\Windows\SoftwareDistribution
2018-08-10 14:37:25 ----D---- C:\Windows\Minidump
2018-08-10 14:30:31 ----D---- C:\AdwCleaner
2018-08-05 11:32:23 ----D---- C:\Program Files\Mozilla Firefox
2018-08-04 18:04:37 ----D---- C:\Program Files\Google
2018-07-30 15:28:41 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-07-30 15:28:38 ----D---- C:\Windows\system32\Macromed
2018-07-26 16:44:38 ----D---- C:\Windows\system32\catroot
2018-07-26 16:43:57 ----D---- C:\Windows\system32\drivers
2018-07-26 16:43:17 ----D---- C:\temp
2018-07-26 16:43:14 ----HD---- C:\ProgramData
2018-07-26 16:42:38 ----D---- C:\Windows\Help
2018-07-26 16:42:38 ----D---- C:\Program Files\NVIDIA Corporation
2018-07-26 16:41:14 ----D---- C:\ProgramData\NVIDIA Corporation
2018-07-26 16:40:19 ----D---- C:\Windows\system32\catroot2
2018-07-26 15:21:37 ----HD---- C:\Program Files\InstallShield Installation Information
2018-07-17 00:02:15 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-10-29 320120]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 20624]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-26 140272]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-05-05 37896]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-10 243128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-10-26 115600]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2013-06-10 63816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2016-05-10 170128]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-05-10 10720312]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-02-11 26976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys []
S2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys []
S3 a4a3irau;a4a3irau; C:\Windows\system32\drivers\a4a3irau.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-12-08 16608]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys []
S3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2016-10-26 470600]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2016-10-26 470600]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2018-02-12 310096]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2013-06-10 384840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-15 931896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-15 1881144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-10 908344]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2016-10-26 970632]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2016-10-26 1253352]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2013-06-10 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate1ca5eefa774ed9c;Služba Google Update (gupdate1ca5eefa774ed9c); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-30 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-02-12 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-11 1045328]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-13 194104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-04-13 174032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2018-05-25 2167056]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Ahoj

Upozornujem, ze Windows Vista uz nie je podporovany system.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Pokial posledna verzia AdwCleaneru nepojde spustit, tak pouzi tieto nastroje:

Stiahni AdwCleaner 6.046 (posledna verzia kompatibilna s WinXP): https://filehippo.com/download_adwcleaner/74895/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan (Skenovanie) a pockaj na dokoncenie
• Klikni na Clean (Cistenie) a potvrd kliknutim na OK
• AdwCleaner si vyziada restart PC, potvrd kliknutim na OK
• Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Stiahni Junkware Removal Tool (JRT): https://downloads.malwarebytes.com/file/JRT-EOL/

• Uloz na plochu a ukonci vsetky programy
• Spusti JRT ako spravca
• Stlac lubovolnu klavesu cim sa spusti cistenie
• Po dokonceni sa otvori log, jeho obsah sem skopiruj

upgrade systému plánuju v nejbližší době

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-13-2018
# Duration: 00:00:40
# OS: Windows Vista (TM) Home Premium
# Scanned: 41771
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63EC41A-4C53-4961-961D-76EF2BF5A8BC}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Managera
PUP.Optional.Legacy Extutil
PUP.Optional.uTorrentTB pacgpkgadgmibnhpdidcnfafllnmeomc
PUP.Optional.uTorrentTB pacgpkgadgmibnhpdidcnfafllnmeomc

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1953 octets] - [10/08/2018 14:30:31]
AdwCleaner[C00].txt - [1991 octets] - [10/08/2018 14:31:18]
AdwCleaner[S01].txt - [25602 octets] - [13/08/2018 09:05:19]
AdwCleaner[C01].txt - [23085 octets] - [13/08/2018 09:06:08]
AdwCleaner[S02].txt - [1919 octets] - [13/08/2018 09:11:50]
AdwCleaner[C02].txt - [1993 octets] - [13/08/2018 09:13:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

V AdwCleaneri je este potrebne odstranit najdene hrozby.

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2018
Ran by Lenka (administrator) on NASPC (13-08-2018 20:29:44)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & TaĹĄka & TuÄŤka & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67040 2018-02-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2018-07-26]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\TuÄŤka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2017-11-17]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (SpoleÄŤnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 84.16.110.129 84.16.96.2
Tcpip\..\Interfaces\{D685CB04-1893-4C1C-8FE7-5080986A74B6}: [DhcpNameServer] 84.16.110.129 84.16.96.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

FireFox:
========
FF DefaultProfile: 6dilfgky.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default [2018-08-13]
FF Homepage: Mozilla\Firefox\Profiles\6dilfgky.default -> about:home
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-10]
FF Extension: (Cooliris) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\piclens@cooliris.com [2012-02-10] [Legacy] [not signed]
FF Extension: (Google Translator for Firefox) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\translator@zoli.bod.xpi [2017-08-31] [Legacy]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-17] [Legacy] [not signed]
FF Extension: (Stylish) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2017-08-31] [Legacy]
FF Extension: (Ultimate Finder) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-16] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-10]
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\kpmt7ry8.namozilu [2017-09-01]
FF Homepage: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:home
FF NewTab: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:newtab
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-15] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-02-13] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-29] ()
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
CHR Extension: (Last.fm free music player) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2014-09-22]
CHR Extension: (AdBlock) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-24]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-08-26]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-06-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-30] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [310096 2018-02-12] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328 2012-02-11] (Flexera Software, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931896 2016-06-15] (NVIDIA Corporation)
S2 gupdate1ca5eefa774ed9c; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2167056 2018-05-25] (Electronic Arts)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-10] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-10] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (SpoleÄŤnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2008-12-08] (Windows (R) 2000 DDK provider)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (SpoleÄŤnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-02-11] (Feitian Technologies Co., Ltd.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [163644 2017-08-31] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-29] (Duplex Secure Ltd.)
U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. ... "
Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. "
2018-08-13 20:29 - 2018-08-13 20:30 - 000019277 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-08-13 20:28 - 2018-08-13 20:28 - 000112640 _____ (forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe
2018-08-13 20:24 - 2018-08-13 20:24 - 001773056 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-08-13 20:09 - 2018-08-13 20:09 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2(1).exe
2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
2018-08-12 18:41 - 2018-08-12 18:41 - 000000857 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\Program Files\CPUID
2018-08-12 18:40 - 2018-08-12 18:40 - 001803392 _____ (CPUID, Inc. ) C:\Users\Lenka\Downloads\cpu-z_1.86-en.exe
2018-08-10 14:29 - 2018-08-10 14:29 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2.exe
2018-08-10 13:55 - 2018-08-13 16:40 - 000000000 ____D C:\Users\Lenka\AppData\Local\CrashDumps
2018-08-10 13:54 - 2018-08-10 13:54 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-08-10 13:52 - 2018-08-10 13:53 - 033411072 _____ C:\Users\Lenka\Downloads\EpicInstaller-7.14.2.msi
2018-08-04 18:04 - 2018-08-04 18:04 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-07-30 14:59 - 2018-08-05 11:26 - 000000000 ____D C:\Users\Petra\Documents\temp
2018-07-29 15:12 - 2018-07-29 15:12 - 000000000 ____D C:\Users\TuÄŤka\AppData\Local\CrashDumps
2018-07-29 11:05 - 2018-07-29 11:05 - 000000000 ____D C:\Users\TuÄŤka\AppData\Local\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\Program Files\VulkanRT
2018-07-26 16:43 - 2016-05-04 04:23 - 000129824 _____ C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43 - 2016-05-04 04:22 - 000040224 _____ C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:42 - 2016-05-10 05:46 - 000203320 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 003948480 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002590656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000908344 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42 - 2016-05-10 01:45 - 000436672 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000381888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000068544 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-26 16:42 - 2016-05-06 15:48 - 006423191 _____ C:\Windows\system32\nvcoproc.bin
2018-07-26 16:37 - 2016-05-10 19:43 - 000926520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37 - 2016-05-10 19:43 - 000170128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2018-07-26 16:37 - 2016-05-10 19:43 - 000035984 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 037569080 _____ C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 025344960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017768992 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017362992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 016449424 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 014129544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 010720312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-26 16:37 - 2016-05-10 05:46 - 008674064 _____ C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 003286480 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 002810936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 001068600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000925752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000571912 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000379448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000031406 _____ C:\Windows\system32\nvinfo.pb
2018-07-26 16:37 - 2016-05-10 05:46 - 000000592 _____ C:\Windows\system32\nv-vk32.json
2018-07-26 16:32 - 2018-07-26 16:32 - 000000000 ____D C:\NVIDIA
2018-07-26 16:24 - 2018-07-26 16:29 - 282594864 _____ (NVIDIA Corporation) C:\Users\Lenka\Downloads\365.19-desktop-win8-win7-winvista-32bit-international-whql.exe
2018-07-26 16:14 - 2018-07-26 16:14 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(3).exe
2018-07-26 16:11 - 2018-07-26 16:11 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(2).exe
2018-07-26 16:01 - 2018-07-26 16:01 - 000000000 ____D C:\Users\Lenka\AppData\Local\Blizzard
2018-07-26 16:00 - 2018-07-26 16:01 - 000000000 ____D C:\ProgramData\Battle.net
2018-07-26 16:00 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(1).exe
2018-07-26 15:59 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup.exe
2018-07-26 15:47 - 2018-07-26 15:47 - 000000000 ____D C:\Users\Lenka\AppData\Local\Nvidia Corporation
2018-07-26 15:40 - 2018-08-13 08:17 - 000000000 ____D C:\Users\Lenka\Documents\temp
2018-07-26 15:40 - 2018-07-26 15:40 - 000000000 ____D C:\GvTemp
2018-07-26 15:38 - 2018-07-26 15:46 - 000000000 ____D C:\Users\Lenka\AppData\Local\NVIDIA
2018-07-26 15:34 - 2018-07-26 15:45 - 000001170 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000001970 _____ C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\Program Files\GIGABYTE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-13 20:29 - 2017-08-31 14:01 - 000000000 ____D C:\FRST
2018-08-13 20:28 - 2017-08-31 11:34 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-08-13 20:13 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-13 20:13 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-13 20:13 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-13 20:12 - 2006-11-02 15:01 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-13 16:43 - 2014-12-24 13:02 - 000000000 ____D C:\ProgramData\Origin
2018-08-13 13:31 - 2017-12-09 15:22 - 000022528 _____ C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-13 11:21 - 2009-12-30 14:11 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-08-13 10:36 - 2010-01-17 10:47 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-08-13 09:12 - 2015-07-25 18:58 - 000000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-13 09:12 - 2011-04-17 19:06 - 000000000 ____D C:\Program Files\CCleaner
2018-08-12 19:08 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-08-12 11:54 - 2008-01-21 08:47 - 001541246 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-12 11:54 - 2008-01-21 08:46 - 000648308 _____ C:\Windows\system32\perfh005.dat
2018-08-12 11:54 - 2008-01-21 08:46 - 000138914 _____ C:\Windows\system32\perfc005.dat
2018-08-10 14:42 - 2011-04-17 19:07 - 000000000 ____D C:\Users\Lenka\Documents\registry
2018-08-10 14:37 - 2009-11-08 12:34 - 000000000 ____D C:\Windows\Minidump
2018-08-10 14:30 - 2017-08-31 17:16 - 000000000 ____D C:\AdwCleaner
2018-08-05 11:44 - 2017-02-20 16:20 - 000000000 ____D C:\Users\TuÄŤka\AppData\LocalLow\Mozilla
2018-08-05 11:32 - 2017-08-20 14:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-04 18:04 - 2017-09-08 13:40 - 000002067 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-04 18:04 - 2009-01-24 21:33 - 000000000 ____D C:\Program Files\Google
2018-07-30 15:28 - 2012-06-10 11:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-07-30 15:28 - 2012-06-10 11:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-07-30 15:28 - 2008-11-06 15:25 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-26 16:44 - 2008-12-08 19:05 - 000000000 ____D C:\Users\Lenka
2018-07-26 16:43 - 2010-04-14 18:44 - 000000000 ____D C:\temp
2018-07-26 16:42 - 2012-12-02 10:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-26 16:42 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\Help
2018-07-26 16:41 - 2012-12-02 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-26 16:30 - 2009-06-24 15:09 - 000000000 ____D C:\Users\Lenka\Documents\Electronic Arts
2018-07-26 15:34 - 2008-12-08 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-26 15:27 - 2012-12-02 10:36 - 000000000 ____D C:\Users\UpdatusUser
2018-07-26 15:21 - 2008-11-06 14:28 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-07-26 15:13 - 2010-06-21 14:35 - 000001356 _____ C:\Users\Lenka\AppData\Local\d3d9caps.dat
2018-07-17 00:02 - 2009-10-03 08:25 - 000480888 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-27 12:29 - 2015-08-27 12:29 - 000128626 _____ () C:\Users\Petra\cc_20150827_122906.reg
2015-08-27 12:38 - 2015-08-27 12:38 - 000324580 _____ () C:\Users\TaĹĄka\cc_20150827_123831.reg
2015-08-27 12:39 - 2015-08-27 12:39 - 000000788 _____ () C:\Users\TaĹĄka\cc_20150827_123902.reg
2015-08-27 12:43 - 2015-08-27 12:43 - 000110996 _____ () C:\Users\TuÄŤka\cc_20150827_124257.reg
2014-10-29 16:27 - 2014-10-29 16:28 - 000005960 _____ () C:\Program Files\log.txt
2009-10-17 19:04 - 2010-10-02 15:41 - 000000141 _____ () C:\Users\Lenka\AppData\Roaming\default.rss
2008-12-16 20:17 - 2008-12-16 20:17 - 000000235 _____ () C:\Users\Lenka\AppData\Roaming\devices.xml
2008-12-16 20:17 - 2008-12-16 20:17 - 000000012 _____ () C:\Users\Lenka\AppData\Roaming\settings.xml
2010-06-21 14:35 - 2018-07-26 15:13 - 000001356 _____ () C:\Users\Lenka\AppData\Local\d3d9caps.dat
2017-12-09 15:22 - 2018-08-13 13:31 - 000022528 _____ () C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2017-09-01 11:08 - 2017-09-01 11:08 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\avgnt.exe
2015-01-05 17:32 - 2016-02-13 20:24 - 000000000 ____D () C:\Users\Petra\AppData\Local\Temp\avgnt.exe
2015-11-13 14:07 - 2015-11-28 12:06 - 033860608 _____ () C:\Users\Petra\AppData\Local\Temp\SkypeSetup.exe
2015-03-08 15:37 - 2015-03-08 15:37 - 000000000 ____D () C:\Users\TaĹĄka\AppData\Local\Temp\avgnt.exe
2015-01-08 18:37 - 2015-01-08 18:37 - 000000000 ____D () C:\Users\TuÄŤka\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lenka\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
"C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing
C:\Program Files\TechSmith\Jing\Jing.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir
C:\Program Files\PeerBlock\peerblock.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock
C:\Windows\system32\PrintDisp.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
Re§im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk
C:\PROGRA~1\WIBUKEY\Server\WkSvMgr.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (13-08-2018 20:30:28)
Running from C:\Users\Lenka\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-12-08 16:57:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-667600844-4042081094-1971980655-500 - Administrator - Disabled)
Guest (S-1-5-21-667600844-4042081094-1971980655-501 - Limited - Disabled) => C:\Users\Guest
Lenka (S-1-5-21-667600844-4042081094-1971980655-1003 - Administrator - Enabled) => C:\Users\Lenka
Petra (S-1-5-21-667600844-4042081094-1971980655-1004 - Administrator - Enabled) => C:\Users\Petra
Taťka (S-1-5-21-667600844-4042081094-1971980655-1005 - Limited - Enabled) => C:\Users\Taťka
Tučka (S-1-5-21-667600844-4042081094-1971980655-1263 - Limited - Enabled) => C:\Users\Tučka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation (Nero 9 HD) (HKLM\...\{a63187f6-6aea-41ea-a218-22f943beb67e}) (Version: - Nero AG)
Activation (Nero BackItUp 4) (HKLM\...\{d6c05fd4-eefa-493c-8904-2b7fa22b9ab6}) (Version: - Nero AG)
Activation (Nero MediaHome 4) (HKLM\...\{a130e290-dac7-462d-a533-4437efdbadb8}) (Version: - Nero AG)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advertising Center (HKLM\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ArchiCAD 16 CZE (HKLM\...\001FFF1FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.14 - Abvent R&D)
ArtRage Studio Pro (HKLM\...\{43F81BD1-10E1-4CCE-BCAF-E3100F039D6B}) (Version: 3.0.7 - Ambient Design)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2012 - Czech (HKLM\...\{5783F2D7-A001-0405-0002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - Czech (HKLM\...\{5783F2D7-A001-0405-1002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\{5783F2D7-7004-0405-0002-0060B0CE6BBA}) (Version: 5.7.68.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\AutoCAD Architecture 2009 - Český) (Version: 5.7.68.0 - Autodesk)
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{18C7265D-7754-457D-83A4-492A62F02591}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM\...\{b7a1a821-b592-485a-886c-b744b4dbe004}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG)
BlueStacks Notification Center (HKLM\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
Blu-ray Disc Authoring Plug-in (HKLM\...\{f58e0570-b3da-4f53-95cf-22de5b19b67a}) (Version: - Nero AG)
Blu-ray Video Plug-in (HKLM\...\{c9d9a0e0-fdbb-40c2-b73a-b094456dd019}) (Version: - Nero AG)
Blu-ray/HD DVD Video Plug-in (HKLM\...\{25d95fb5-6ca8-4357-87ce-1f4ad0ffcdb3}) (Version: - Nero AG)
CADKON-2D 2009.1 (HKLM\...\{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio) Hidden
CADKON-2D 2009.1 pro ACD-A 2009 (HKLM\...\InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio)
capella 7 (HKLM\...\{805309CD-4AE4-4587-9EEA-03148871A414}) (Version: 7.1.14 - capella software AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corel Painter Essentials 4 (HKLM\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (HKLM\...\{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: 4.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DolbyFiles (HKLM\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GIGABYTE OC_GURU II (HKLM\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gracenote Plug-in (HKLM\...\{dbd178fc-63fc-456f-aeb8-5389771e5b9c}) (Version: - Nero AG)
ICQ7.4 (HKLM\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Livestream for Producers (HKLM\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 52.7.3 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.7.3 ESR (x86 cs)) (Version: 52.7.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.3.6655 - Mozilla)
mp3PRO Plug-in (HKLM\...\{4dbf3958-5338-4d66-86e0-670c39dd3fc5}) (Version: - Nero AG)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 4 (HKLM\...\{e219f9a4-16b3-4816-82de-ffcb8599e734}) (Version: - Nero AG)
Nero InCD-Reader (HKLM\...\{8404580d-8c12-4f3c-9b19-b026251975ee}) (Version: - Nero AG)
Nero MediaHome 4 (HKLM\...\{e0b72183-d712-4a7e-97ad-7404bf3f8140}) (Version: - Nero AG)
Nero Move it (HKLM\...\{645271dd-9437-4ca0-b4a5-30f4590cff13}) (Version: - Nero AG)
Notová Osnova (HKLM\...\Notová Osnova) (Version: 1.00 - PC-MarKo)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 365.19 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v9.6 (HKLM\...\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
PhotoFiltre (HKLM\...\PhotoFiltre) (Version: - )
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SecurDisc Viewer (HKLM\...\{ea720de1-d14a-4e88-9878-61db27e1d103}) (Version: - Nero AG)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SketchUp 2013 (HKLM\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SweetIM for Messenger 3.0 (HKLM\...\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}) (Version: 3.0.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.45.62.1020 - Electronic Arts Inc.)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (HKLM\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2720) (HKLM\...\{1727CD47-A408-11d2-AFAD-00C04F72FB3E}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vegas Pro 10.0 (HKLM\...\{5AC11070-A1CB-11E0-A0DC-0013D3D69929}) (Version: 10.0.737 - Sony)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zkušební verze produktu Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Zoo Tycoon 2 (HKLM\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{09D5408E-9690-46E3-B0CA-9A7A36FEF2A5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{517C01D5-4E55-5627-A7A6-C680043FD3AF}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{AAC30F99-D832-421A-BCEE-B699491916AA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2011-02-04] (Autodesk)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-29] (Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] ()
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-05-10] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers1_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1208743E-61F8-4539-833C-3A9C5E392DCB} - System32\Tasks\{F59721B4-1D55-4D49-967D-72B793B03CD9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Uninstall\setupx.exe" -c /uninstall ExtraUninstallID=""
Task: {1468EA04-10F8-4B40-9BFE-6FD2E583C18F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-30] (Adobe Systems Incorporated)
Task: {220D5908-8889-492D-9774-14912EC3EC40} - System32\Tasks\{C2FF93A5-AC0E-4F3E-AE85-EE8061B48526} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe"
Task: {3E5CAAA3-1768-4DA7-AAD9-149AA4939B5E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {407E4B8E-7A6F-4089-ACC0-F9D255019DE8} - System32\Tasks\{65AD4699-EFB5-4339-B1CF-C5F5E1AF16DE} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {5A2BBE63-CF07-45B5-A815-87CA7FD7CF22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {66D54D8A-5312-4198-91A0-F839F452468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {71441071-A4E9-4386-AF1E-A6AE1D89115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-30] (Adobe Systems Incorporated)
Task: {7B0E8ABF-80CB-4405-BC90-7947360564B1} - System32\Tasks\RealCreateProcessScheduledTask10430913S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {7FE97D8A-4078-469B-9C1C-DD943661D1BD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8DE3ADF5-C554-42F3-B323-F8F424FE5727} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {8EE25BAE-4048-4B14-AEA6-C91C97201DEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F16325C-7DC9-4B4E-83FF-2B2EF365F636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F1E24B0-EB89-4234-9236-7FD1FB985BF7} - System32\Tasks\{2C127F6F-4F23-4EFD-AD9C-A3D893B923C4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9CEFCF6D-FA8C-4478-834B-878680125C08} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9F5D61DB-3119-4E11-B290-961C874FE443} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AAB2883D-6DB7-408B-99BE-0DF70104D2AF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AF0B2C89-9D36-41AF-B6BC-742D501AF699} - System32\Tasks\{2E99501F-84DB-441F-B5F6-CDEA7803299C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION
Task: {CD1114C0-0419-4425-87C1-C429BF6D6C4D} - System32\Tasks\{6A88973A-6E84-489B-BF99-A6E415345D96} => "C:\Program Files\Internet Explorer\IEXPLORE.EXE" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {DA8A523E-3155-4F3A-A892-CD0D987B204B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {E03463FB-A1CB-4FE8-8274-CE8B2DAA6EE9} - System32\Tasks\{D4E42282-B7C4-41DF-A1F7-4D869B5EA0BA} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {E4E22FB1-F9E7-483C-B8CE-B4EB5531D159} - System32\Tasks\RealCreateProcessScheduledTask3228175S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {E833B7E7-DD4C-479A-BF51-B0E58FC1493F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {ED798D29-E0C8-4D5F-865F-8BC80243C3EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {F1F6F137-E50E-49A3-9E62-40FDEF23C728} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FE9BD8BA-4F06-4600-B2F7-2C983BCC545B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Windows\system32\napinsp.dll
  File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
  File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
  File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
  File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
  File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
  File: C:\Windows\system32\PrintCtrl.exe
  File: C:\Windows\system32\Drivers\secdrv.sys
  File: C:\Windows\system32\Drivers\aaymuygo.sys
  Folder: C:\GvTemp
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}
  
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
  HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page = 
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
  U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
  S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
  S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
  S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
  S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
  S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
  S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
  S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
  S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
  S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
  S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
  S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
  2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
  2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
  2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
  ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
  ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
  Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (14-08-2018 09:53:42) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & Taťka & Tučka & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Windows\system32\napinsp.dll
File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File: C:\Windows\system32\PrintCtrl.exe
File: C:\Windows\system32\Drivers\secdrv.sys
File: C:\Windows\system32\Drivers\aaymuygo.sys
Folder: C:\GvTemp
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Windows\system32\napinsp.dll ========================

C:\Windows\system32\napinsp.dll
File is digitally signed
MD5: FC62A635063B762E1C3C60EA77279378
Creation and modification date: 2008-01-21 04:24 - 2008-01-21 04:24
Size: 000050176
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: napinsp.dll
Original Name: napinsp.dll
Product: Microsoft® Windows® Operating System
Description: E-mail Naming Shim Provider
File Version: 6.0.6001.18000 (longhorn_rtm.080118-1840)
Product Version: 6.0.6001.18000
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/9c7ade3 ... 530025124/

====== End of File: ======


========================= File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ========================

C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
File not signed
MD5: 83F2FD354745C16CE5D5168432F7B4CE
Creation and modification date: 2012-06-10 11:19 - 2018-07-30 15:28
Size: 000335872
Attributes: ----A
Company Name: Adobe Systems Incorporated
Internal Name:
Original Name:
Product: Adobe® Flash® Player Update Service
Description: Adobe® Flash® Player Update Service 30.0 r0
File Version: 30,0,0,134
Product Version: 30,0,0,134
Copyright: Copyright © 1996-2018 Adobe Systems Incorporated
VirusTotal: https://www.virustotal.com/file/ebfdb6b ... 534114703/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe ========================

C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
File not signed
MD5: 8BA3AE7800EC209D5F3C499771B47690
Creation and modification date: 2016-10-26 13:35 - 2016-10-26 13:32
Size: 000970632
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avmailc.exe
Original Name: avmailc.exe
Product: Avira Product Family
Description: Antivirus MailScanner LSP Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: https://www.virustotal.com/file/13ee354 ... 518710989/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\sched.exe ========================

C:\Program Files\Avira\AntiVir Desktop\sched.exe
File not signed
MD5: AC0A0FDFB1C1FC25B9455C1C710A28DA
Creation and modification date: 2014-08-27 20:32 - 2016-10-26 13:32
Size: 000470600
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avguard_ld.exe
Original Name: avguard_ld.exe
Product: Avira Product Family
Description: Antivirus Host Framework Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: https://www.virustotal.com/file/2b007c8 ... 518710962/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe ========================

C:\Program Files\Avira\AntiVir Desktop\avguard.exe
File not signed
MD5: AC0A0FDFB1C1FC25B9455C1C710A28DA
Creation and modification date: 2014-08-27 20:32 - 2016-10-26 13:32
Size: 000470600
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avguard_ld.exe
Original Name: avguard_ld.exe
Product: Avira Product Family
Description: Antivirus Host Framework Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE ========================

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
File not signed
MD5: 6C208088B4562F5A63156F315356F0BE
Creation and modification date: 2016-10-26 13:35 - 2016-10-26 13:32
Size: 001253352
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avwebgrd.exe
Original Name: avwebgrd.exe
Product: Avira Product Family
Description: AntiVir WebGuard Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe ========================

C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File not signed
MD5: DAF66902F08796F9C694901660E5A64A
Creation and modification date: 2005-11-14 01:06 - 2005-11-14 01:06
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield
Description: IDriverT Module
File Version: 11.50.42618
Product Version: 11.50
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\PrintCtrl.exe ========================

C:\Windows\system32\PrintCtrl.exe
File not signed
MD5: 81DBFB92EC47CAC5A7DBAC688886C212
Creation and modification date: 2012-04-15 13:31 - 2009-10-28 19:59
Size: 000065536
Attributes: ----A
Company Name: ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM
Internal Name: PrintCtrl
Original Name: PrintCtrl.exe
Product: PrintCtrl
Description: PrintCtrl
File Version: 1, 0, 4, 1
Product Version: 1, 0, 4, 1
Copyright: Copyright ? 2009 ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\Drivers\secdrv.sys ========================

C:\Windows\system32\Drivers\secdrv.sys
File not signed
MD5: 07F7F501AD50DE2BA2D5842D9B6D6155
Creation and modification date: 2006-11-02 08:37 - 2017-08-31 10:58
Size: 000163644
Attributes: ----A
Company Name: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
Internal Name: SECDRV
Original Name: SECDRV.SYS
Product: Macrovision SECURITY Driver
Description: Macrovision SECURITY Driver
File Version: 4.00.060
Product Version: SECURITY Driver 4.00.060 2004/08/31
Copyright: © 2004 Macrovision Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\Drivers\aaymuygo.sys ========================

"C:\Windows\system32\Drivers\aaymuygo.sys" => not found
====== End of File: ======


========================= Folder: C:\GvTemp ========================


====== End of Folder: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="9.6"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20140816"
"InstallLocation"="C:\Program Files\pdfforge Toolbar\"
"InstallSource"="C:\Users\Lenka\AppData\Local\Temp\{3A2F27C9-9F34-4968-A71F-BE7ED5E67C16}\"
"ModifyPath"="MsiExec.exe /X{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Spigot, Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="7463"
"UninstallString"="MsiExec.exe /X{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="9"
"VersionMinor"="6"
"WindowsInstaller"="1"
"Version"="151388160"
"Language"="0"
"DisplayName"="pdfforge Toolbar v9.6"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}]
"DisplayName"="SweetIM for Messenger 3.0"
"Language"="1033"
"Version"="50331652"
"WindowsInstaller"="1"
"VersionMinor"="0"
"VersionMajor"="3"
"URLUpdateInfo"="http://www.sweetim.com"
"URLInfoAbout"="http://www.sweetim.com"
"UninstallString"="MsiExec.exe /X{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}"
"EstimatedSize"="3982"
"Size"=""
"Readme"=""
"Publisher"="SweetIM Technologies Ltd."
"NoRepair"="1"
"NoModify"="1"
"ModifyPath"="MsiExec.exe /X{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}"
"InstallSource"="C:\Users\Lenka\AppData\Local\Temp\{5BF77B45-62F0-4043-93C3-530DAD92C6BC}\"
"InstallLocation"="C:\Program Files\SweetIM\Messenger\"
"InstallDate"="20100328"
"HelpTelephone"=""
"HelpLink"="http://www.sweetim.com"
"DisplayVersion"="3.0.0004"
"Contact"="SweetIM Technical Support Department"
"Comments"=""
"AuthorizedCDFPrefix"=""

=== End of ExportKey ===
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => removed successfully.
"C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll" => not found
aaymuygo => service not found.
"HKLM\System\CurrentControlSet\Services\ESProtectionDriver" => removed successfully.
ESProtectionDriver => service removed successfully.
"HKLM\System\CurrentControlSet\Services\LgBttPort" => removed successfully.
LgBttPort => service removed successfully.
"HKLM\System\CurrentControlSet\Services\lgbusenum" => removed successfully.
lgbusenum => service removed successfully.
"HKLM\System\CurrentControlSet\Services\LGVMODEM" => removed successfully.
LGVMODEM => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMChameleon" => removed successfully.
MBAMChameleon => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMProtection" => removed successfully.
MBAMProtection => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMWebProtection" => removed successfully.
MBAMWebProtection => service removed successfully.
"HKLM\System\CurrentControlSet\Services\USBAAPL" => removed successfully.
USBAAPL => service removed successfully.
"HKLM\System\CurrentControlSet\Services\usbbus" => removed successfully.
usbbus => service removed successfully.
"HKLM\System\CurrentControlSet\Services\UsbDiag" => removed successfully.
UsbDiag => service removed successfully.
"HKLM\System\CurrentControlSet\Services\USBModem" => removed successfully.
USBModem => service removed successfully.
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Lenka\Downloads\RSIT.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => removed successfully.
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO" => removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO" => removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63EC41A-4C53-4961-961D-76EF2BF5A8BC}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 81390038 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 1012224 B
Edge => 0 B
Chrome => 0 B
Firefox => 380426644 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66882 B
LocalService => 0 B
NetworkService => 0 B
Lenka => 21752311 B
Petra => 93925719 B
Taťka => 10229892 B
Pája => 0 B
UpdatusUser => 0 B
Tučka => 50824429 B
Guest => 0 B

RecycleBin => 0 B
EmptyTemp: => 618 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:58:26 ====

Odinstaluj

• pdfforge Toolbar v9.6
• SweetIM Technologies Ltd.

Nasledne poprosim este o nove logy z FRST, ale bez pouzitia FRSTLauncheru (spusti iba samotny FRST a klikni na Scan).

Ako to vyzera s PC?

Odinstalovat se mě nepodařilo ani jednu věc. Vyskakují hlášky

pdf: error 2738. could not access VBScript run time for custom action
sweet: error 1316. Zadaný účet již existuje.

OK, odstranime to rucne.

Poprosim este o nove logy z FRST, ale bez pouzitia FRSTLauncheru (spusti iba samotny FRST a klikni na Scan).

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2018
Ran by Lenka (administrator) on NASPC (16-08-2018 07:15:13)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & Taťka & Tučka & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67040 2018-02-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2018-07-26]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Tučka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2017-11-17]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 84.16.110.129 84.16.96.2
Tcpip\..\Interfaces\{D685CB04-1893-4C1C-8FE7-5080986A74B6}: [DhcpNameServer] 84.16.110.129 84.16.96.2

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

FireFox:
========
FF DefaultProfile: 6dilfgky.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default [2018-08-15]
FF Homepage: Mozilla\Firefox\Profiles\6dilfgky.default -> about:home
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-10]
FF Extension: (Cooliris) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\piclens@cooliris.com [2012-02-10] [Legacy] [not signed]
FF Extension: (Google Translator for Firefox) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\translator@zoli.bod.xpi [2017-08-31] [Legacy]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-17] [Legacy] [not signed]
FF Extension: (Stylish) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2017-08-31] [Legacy]
FF Extension: (Ultimate Finder) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-16] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-10]
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\kpmt7ry8.namozilu [2017-09-01]
FF Homepage: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:home
FF NewTab: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:newtab
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-15] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-02-13] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-29] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
CHR Extension: (Last.fm free music player) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2014-09-22]
CHR Extension: (AdBlock) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-24]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-08-26]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-06-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-08-15] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [310096 2018-02-12] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328 2012-02-11] (Flexera Software, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931896 2016-06-15] (NVIDIA Corporation)
S2 gupdate1ca5eefa774ed9c; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2167056 2018-05-25] (Electronic Arts)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-10] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-10] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2008-12-08] (Windows (R) 2000 DDK provider)
R3 GPCIDrv; C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [14504 2014-08-28] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-02-11] (Feitian Technologies Co., Ltd.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [163644 2017-08-31] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-29] (Duplex Secure Ltd.)
U3 ac4ov481; C:\Windows\system32\Drivers\ac4ov481.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. ... "
Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. "
2018-08-16 07:15 - 2018-08-16 07:15 - 000018219 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-08-14 09:53 - 2018-08-14 09:58 - 000016502 _____ C:\Users\Lenka\Desktop\Fixlog.txt
2018-08-14 09:53 - 2018-08-14 09:53 - 000029696 _____ C:\Users\Lenka\AppData\Local\MSGBOX.EXE
2018-08-14 09:53 - 2018-08-14 09:53 - 000015327 _____ C:\Users\Lenka\Desktop\LM.bat
2018-08-14 09:52 - 2018-08-14 09:52 - 000112640 _____ (forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe
2018-08-13 20:24 - 2018-08-13 20:24 - 001773056 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-08-13 20:09 - 2018-08-13 20:09 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2(1).exe
2018-08-12 18:41 - 2018-08-12 18:41 - 000000857 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\Program Files\CPUID
2018-08-12 18:40 - 2018-08-12 18:40 - 001803392 _____ (CPUID, Inc. ) C:\Users\Lenka\Downloads\cpu-z_1.86-en.exe
2018-08-10 14:29 - 2018-08-10 14:29 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2.exe
2018-08-10 13:55 - 2018-08-13 16:40 - 000000000 ____D C:\Users\Lenka\AppData\Local\CrashDumps
2018-08-10 13:54 - 2018-08-10 13:54 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-08-10 13:52 - 2018-08-10 13:53 - 033411072 _____ C:\Users\Lenka\Downloads\EpicInstaller-7.14.2.msi
2018-08-04 18:04 - 2018-08-04 18:04 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-07-30 14:59 - 2018-08-05 11:26 - 000000000 ____D C:\Users\Petra\Documents\temp
2018-07-29 15:12 - 2018-07-29 15:12 - 000000000 ____D C:\Users\Tučka\AppData\Local\CrashDumps
2018-07-29 11:05 - 2018-07-29 11:05 - 000000000 ____D C:\Users\Tučka\AppData\Local\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\Program Files\VulkanRT
2018-07-26 16:43 - 2016-05-04 04:23 - 000129824 _____ C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43 - 2016-05-04 04:22 - 000040224 _____ C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:42 - 2016-05-10 05:46 - 000203320 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 003948480 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002590656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000908344 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42 - 2016-05-10 01:45 - 000436672 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000381888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000068544 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-26 16:42 - 2016-05-06 15:48 - 006423191 _____ C:\Windows\system32\nvcoproc.bin
2018-07-26 16:37 - 2016-05-10 19:43 - 000926520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37 - 2016-05-10 19:43 - 000170128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2018-07-26 16:37 - 2016-05-10 19:43 - 000035984 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 037569080 _____ C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 025344960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017768992 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017362992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 016449424 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 014129544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 010720312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-26 16:37 - 2016-05-10 05:46 - 008674064 _____ C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 003286480 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 002810936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 001068600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000925752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000571912 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000379448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000031406 _____ C:\Windows\system32\nvinfo.pb
2018-07-26 16:37 - 2016-05-10 05:46 - 000000592 _____ C:\Windows\system32\nv-vk32.json
2018-07-26 16:32 - 2018-07-26 16:32 - 000000000 ____D C:\NVIDIA
2018-07-26 16:24 - 2018-07-26 16:29 - 282594864 _____ (NVIDIA Corporation) C:\Users\Lenka\Downloads\365.19-desktop-win8-win7-winvista-32bit-international-whql.exe
2018-07-26 16:14 - 2018-07-26 16:14 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(3).exe
2018-07-26 16:11 - 2018-07-26 16:11 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(2).exe
2018-07-26 16:01 - 2018-07-26 16:01 - 000000000 ____D C:\Users\Lenka\AppData\Local\Blizzard
2018-07-26 16:00 - 2018-07-26 16:01 - 000000000 ____D C:\ProgramData\Battle.net
2018-07-26 16:00 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(1).exe
2018-07-26 15:59 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup.exe
2018-07-26 15:47 - 2018-07-26 15:47 - 000000000 ____D C:\Users\Lenka\AppData\Local\Nvidia Corporation
2018-07-26 15:40 - 2018-08-16 07:14 - 000000000 ____D C:\Users\Lenka\Documents\temp
2018-07-26 15:40 - 2018-07-26 15:40 - 000000000 ____D C:\GvTemp
2018-07-26 15:38 - 2018-07-26 15:46 - 000000000 ____D C:\Users\Lenka\AppData\Local\NVIDIA
2018-07-26 15:34 - 2018-07-26 15:45 - 000001170 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000001970 _____ C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\Program Files\GIGABYTE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-16 07:15 - 2017-08-31 14:01 - 000000000 ____D C:\FRST
2018-08-16 07:15 - 2017-08-31 11:34 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-08-16 07:07 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-16 07:07 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-16 07:07 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-15 12:29 - 2006-11-02 15:01 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-15 10:28 - 2012-06-10 11:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-08-15 10:28 - 2012-06-10 11:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-08-15 10:28 - 2008-11-06 15:25 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-14 10:17 - 2014-12-24 13:02 - 000000000 ____D C:\ProgramData\Origin
2018-08-13 13:31 - 2017-12-09 15:22 - 000022528 _____ C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-13 11:21 - 2009-12-30 14:11 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-08-13 10:36 - 2010-01-17 10:47 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-08-13 09:12 - 2015-07-25 18:58 - 000000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-13 09:12 - 2011-04-17 19:06 - 000000000 ____D C:\Program Files\CCleaner
2018-08-12 19:08 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-08-12 11:54 - 2008-01-21 08:47 - 001541246 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-12 11:54 - 2008-01-21 08:46 - 000648308 _____ C:\Windows\system32\perfh005.dat
2018-08-12 11:54 - 2008-01-21 08:46 - 000138914 _____ C:\Windows\system32\perfc005.dat
2018-08-10 14:42 - 2011-04-17 19:07 - 000000000 ____D C:\Users\Lenka\Documents\registry
2018-08-10 14:37 - 2009-11-08 12:34 - 000000000 ____D C:\Windows\Minidump
2018-08-10 14:30 - 2017-08-31 17:16 - 000000000 ____D C:\AdwCleaner
2018-08-05 11:44 - 2017-02-20 16:20 - 000000000 ____D C:\Users\Tučka\AppData\LocalLow\Mozilla
2018-08-05 11:32 - 2017-08-20 14:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-04 18:04 - 2017-09-08 13:40 - 000002067 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-04 18:04 - 2009-01-24 21:33 - 000000000 ____D C:\Program Files\Google
2018-07-26 16:44 - 2008-12-08 19:05 - 000000000 ____D C:\Users\Lenka
2018-07-26 16:43 - 2010-04-14 18:44 - 000000000 ____D C:\temp
2018-07-26 16:42 - 2012-12-02 10:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-26 16:42 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\Help
2018-07-26 16:41 - 2012-12-02 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-26 16:30 - 2009-06-24 15:09 - 000000000 ____D C:\Users\Lenka\Documents\Electronic Arts
2018-07-26 15:34 - 2008-12-08 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-26 15:27 - 2012-12-02 10:36 - 000000000 ____D C:\Users\UpdatusUser
2018-07-26 15:21 - 2008-11-06 14:28 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-07-26 15:13 - 2010-06-21 14:35 - 000001356 _____ C:\Users\Lenka\AppData\Local\d3d9caps.dat
2018-07-17 00:02 - 2009-10-03 08:25 - 000480888 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-27 12:29 - 2015-08-27 12:29 - 000128626 _____ () C:\Users\Petra\cc_20150827_122906.reg
2015-08-27 12:38 - 2015-08-27 12:38 - 000324580 _____ () C:\Users\Taťka\cc_20150827_123831.reg
2015-08-27 12:39 - 2015-08-27 12:39 - 000000788 _____ () C:\Users\Taťka\cc_20150827_123902.reg
2015-08-27 12:43 - 2015-08-27 12:43 - 000110996 _____ () C:\Users\Tučka\cc_20150827_124257.reg
2014-10-29 16:27 - 2014-10-29 16:28 - 000005960 _____ () C:\Program Files\log.txt
2009-10-17 19:04 - 2010-10-02 15:41 - 000000141 _____ () C:\Users\Lenka\AppData\Roaming\default.rss
2008-12-16 20:17 - 2008-12-16 20:17 - 000000235 _____ () C:\Users\Lenka\AppData\Roaming\devices.xml
2008-12-16 20:17 - 2008-12-16 20:17 - 000000012 _____ () C:\Users\Lenka\AppData\Roaming\settings.xml
2010-06-21 14:35 - 2018-07-26 15:13 - 000001356 _____ () C:\Users\Lenka\AppData\Local\d3d9caps.dat
2017-12-09 15:22 - 2018-08-13 13:31 - 000022528 _____ () C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-14 09:53 - 2018-08-14 09:53 - 000029696 _____ () C:\Users\Lenka\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
2017-09-01 11:08 - 2018-08-14 10:05 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-16 07:13

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (16-08-2018 07:16:06)
Running from C:\Users\Lenka\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-12-08 16:57:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-667600844-4042081094-1971980655-500 - Administrator - Disabled)
Guest (S-1-5-21-667600844-4042081094-1971980655-501 - Limited - Disabled) => C:\Users\Guest
Lenka (S-1-5-21-667600844-4042081094-1971980655-1003 - Administrator - Enabled) => C:\Users\Lenka
Petra (S-1-5-21-667600844-4042081094-1971980655-1004 - Administrator - Enabled) => C:\Users\Petra
Taťka (S-1-5-21-667600844-4042081094-1971980655-1005 - Limited - Enabled) => C:\Users\Taťka
Tučka (S-1-5-21-667600844-4042081094-1971980655-1263 - Limited - Enabled) => C:\Users\Tučka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation (Nero 9 HD) (HKLM\...\{a63187f6-6aea-41ea-a218-22f943beb67e}) (Version: - Nero AG)
Activation (Nero BackItUp 4) (HKLM\...\{d6c05fd4-eefa-493c-8904-2b7fa22b9ab6}) (Version: - Nero AG)
Activation (Nero MediaHome 4) (HKLM\...\{a130e290-dac7-462d-a533-4437efdbadb8}) (Version: - Nero AG)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advertising Center (HKLM\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ArchiCAD 16 CZE (HKLM\...\001FFF1FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.14 - Abvent R&D)
ArtRage Studio Pro (HKLM\...\{43F81BD1-10E1-4CCE-BCAF-E3100F039D6B}) (Version: 3.0.7 - Ambient Design)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2012 - Czech (HKLM\...\{5783F2D7-A001-0405-0002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - Czech (HKLM\...\{5783F2D7-A001-0405-1002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\{5783F2D7-7004-0405-0002-0060B0CE6BBA}) (Version: 5.7.68.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\AutoCAD Architecture 2009 - Český) (Version: 5.7.68.0 - Autodesk)
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{18C7265D-7754-457D-83A4-492A62F02591}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM\...\{b7a1a821-b592-485a-886c-b744b4dbe004}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG)
BlueStacks Notification Center (HKLM\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
Blu-ray Disc Authoring Plug-in (HKLM\...\{f58e0570-b3da-4f53-95cf-22de5b19b67a}) (Version: - Nero AG)
Blu-ray Video Plug-in (HKLM\...\{c9d9a0e0-fdbb-40c2-b73a-b094456dd019}) (Version: - Nero AG)
Blu-ray/HD DVD Video Plug-in (HKLM\...\{25d95fb5-6ca8-4357-87ce-1f4ad0ffcdb3}) (Version: - Nero AG)
CADKON-2D 2009.1 (HKLM\...\{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio) Hidden
CADKON-2D 2009.1 pro ACD-A 2009 (HKLM\...\InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio)
capella 7 (HKLM\...\{805309CD-4AE4-4587-9EEA-03148871A414}) (Version: 7.1.14 - capella software AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corel Painter Essentials 4 (HKLM\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (HKLM\...\{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: 4.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DolbyFiles (HKLM\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GIGABYTE OC_GURU II (HKLM\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gracenote Plug-in (HKLM\...\{dbd178fc-63fc-456f-aeb8-5389771e5b9c}) (Version: - Nero AG)
ICQ7.4 (HKLM\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Livestream for Producers (HKLM\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 52.7.3 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.7.3 ESR (x86 cs)) (Version: 52.7.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.3.6655 - Mozilla)
mp3PRO Plug-in (HKLM\...\{4dbf3958-5338-4d66-86e0-670c39dd3fc5}) (Version: - Nero AG)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 4 (HKLM\...\{e219f9a4-16b3-4816-82de-ffcb8599e734}) (Version: - Nero AG)
Nero InCD-Reader (HKLM\...\{8404580d-8c12-4f3c-9b19-b026251975ee}) (Version: - Nero AG)
Nero MediaHome 4 (HKLM\...\{e0b72183-d712-4a7e-97ad-7404bf3f8140}) (Version: - Nero AG)
Nero Move it (HKLM\...\{645271dd-9437-4ca0-b4a5-30f4590cff13}) (Version: - Nero AG)
Notová Osnova (HKLM\...\Notová Osnova) (Version: 1.00 - PC-MarKo)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 365.19 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v9.6 (HKLM\...\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
PhotoFiltre (HKLM\...\PhotoFiltre) (Version: - )
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SecurDisc Viewer (HKLM\...\{ea720de1-d14a-4e88-9878-61db27e1d103}) (Version: - Nero AG)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SketchUp 2013 (HKLM\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SweetIM for Messenger 3.0 (HKLM\...\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}) (Version: 3.0.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.45.62.1020 - Electronic Arts Inc.)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (HKLM\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2720) (HKLM\...\{1727CD47-A408-11d2-AFAD-00C04F72FB3E}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vegas Pro 10.0 (HKLM\...\{5AC11070-A1CB-11E0-A0DC-0013D3D69929}) (Version: 10.0.737 - Sony)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zkušební verze produktu Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Zoo Tycoon 2 (HKLM\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{09D5408E-9690-46E3-B0CA-9A7A36FEF2A5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{517C01D5-4E55-5627-A7A6-C680043FD3AF}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{AAC30F99-D832-421A-BCEE-B699491916AA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2011-02-04] (Autodesk)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-29] (Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] ()
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-05-10] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers1_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1208743E-61F8-4539-833C-3A9C5E392DCB} - System32\Tasks\{F59721B4-1D55-4D49-967D-72B793B03CD9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Uninstall\setupx.exe" -c /uninstall ExtraUninstallID=""
Task: {1468EA04-10F8-4B40-9BFE-6FD2E583C18F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {220D5908-8889-492D-9774-14912EC3EC40} - System32\Tasks\{C2FF93A5-AC0E-4F3E-AE85-EE8061B48526} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe"
Task: {3E5CAAA3-1768-4DA7-AAD9-149AA4939B5E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {407E4B8E-7A6F-4089-ACC0-F9D255019DE8} - System32\Tasks\{65AD4699-EFB5-4339-B1CF-C5F5E1AF16DE} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {5A2BBE63-CF07-45B5-A815-87CA7FD7CF22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {66D54D8A-5312-4198-91A0-F839F452468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {71441071-A4E9-4386-AF1E-A6AE1D89115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {7B0E8ABF-80CB-4405-BC90-7947360564B1} - System32\Tasks\RealCreateProcessScheduledTask10430913S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {7FE97D8A-4078-469B-9C1C-DD943661D1BD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8DE3ADF5-C554-42F3-B323-F8F424FE5727} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {8EE25BAE-4048-4B14-AEA6-C91C97201DEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F16325C-7DC9-4B4E-83FF-2B2EF365F636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F1E24B0-EB89-4234-9236-7FD1FB985BF7} - System32\Tasks\{2C127F6F-4F23-4EFD-AD9C-A3D893B923C4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9CEFCF6D-FA8C-4478-834B-878680125C08} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9F5D61DB-3119-4E11-B290-961C874FE443} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AAB2883D-6DB7-408B-99BE-0DF70104D2AF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AF0B2C89-9D36-41AF-B6BC-742D501AF699} - System32\Tasks\{2E99501F-84DB-441F-B5F6-CDEA7803299C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {CD1114C0-0419-4425-87C1-C429BF6D6C4D} - System32\Tasks\{6A88973A-6E84-489B-BF99-A6E415345D96} => "C:\Program Files\Internet Explorer\IEXPLORE.EXE" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {DA8A523E-3155-4F3A-A892-CD0D987B204B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {E03463FB-A1CB-4FE8-8274-CE8B2DAA6EE9} - System32\Tasks\{D4E42282-B7C4-41DF-A1F7-4D869B5EA0BA} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {E4E22FB1-F9E7-483C-B8CE-B4EB5531D159} - System32\Tasks\RealCreateProcessScheduledTask3228175S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {E833B7E7-DD4C-479A-BF51-B0E58FC1493F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {ED798D29-E0C8-4D5F-865F-8BC80243C3EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {F1F6F137-E50E-49A3-9E62-40FDEF23C728} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FE9BD8BA-4F06-4600-B2F7-2C983BCC545B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2012-08-02 18:16 - 2001-10-28 17:42 - 000116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-02-02 15:08 - 2011-02-02 15:08 - 000018656 _____ () C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 000177704 _____ () C:\Windows\system32\PSIService.exe
2008-12-11 17:42 - 2008-08-29 11:55 - 000132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-12-11 17:42 - 2008-09-03 16:28 - 000319488 _____ () C:\Program Files\WinRAR\rarlng.dll
2009-09-16 15:16 - 2008-03-30 16:22 - 000070144 _____ () C:\Program Files\PSPad editor\PSPadShell.dll
2018-07-26 15:34 - 2016-06-15 03:14 - 000020536 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000012520 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000015080 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000014056 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 000192512 _____ () C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1038]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [210]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2018-08-14 09:55 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
DNS Servers: 84.16.110.129 - 84.16.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk => C:\Windows\pss\Network Server.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Jing => C:\Program Files\TechSmith\Jing\Jing.exe
MSCONFIG\startupreg: LG LinkAir =>
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: PrintDisp => C:\Windows\system32\PrintDisp.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{34FA48E3-221B-43F2-96DB-1C76BD49E373}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A11792C0-33A3-4503-9913-53FEC8283CFB}] => (Allow) svchost.exe
FirewallRules: [{D7FB2B27-1F73-4805-A9B4-5B4147E24642}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{9FE753AB-0B41-4D34-990E-34B6687DC993}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{70B98C8C-5FB7-4AEE-96AE-33E4CFB60DDD}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [UDP Query User{03416656-D69A-4C7E-88A7-01026E00E6E1}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [TCP Query User{998D23E9-753D-4C4C-BAE0-A620C21622A1}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{548B2611-7051-41C5-84A3-D8BA3E00AE49}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{3C26F00E-D3A2-4C20-92CE-C222390E24A1}] => (Allow) LPort=5353
FirewallRules: [{7CB57855-D7A7-4A0D-9B2B-10F9B018B39F}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{83A844DF-C096-4493-A209-CCFF1B5AB5E2}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [TCP Query User{E77CA29F-05E9-478F-A116-B9D36A29FAAA}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{A337153F-4B8B-462A-8025-8937EED672DA}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{2951CFC0-B66D-4008-A9D0-7025DBC87E57}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{F895B31F-AEEE-4F76-9259-F496471E713A}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [{3A6C41E5-1754-467A-9CFC-6DC3542D4A5B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{38965A9E-0E5B-4CA5-B822-B8ECFFDFAB93}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{4EDF9FF6-BB41-4128-AAA5-4AD9E251F752}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{B17F0A57-748D-4EBE-A3F5-5718C467BFCF}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [{D9A3E14A-2A06-4EDC-BDB7-65E867EA9774}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1EA0F088-74A8-4B0F-9551-A78D2E6C6221}] => (Allow) LPort=80
FirewallRules: [{D837335E-61E7-4DE0-BEA7-128BF318A3DC}] => (Allow) LPort=80
FirewallRules: [{08C8CC55-F2ED-4EE4-A1F6-90F197EB0561}] => (Allow) LPort=80
FirewallRules: [TCP Query User{B5A10A16-C594-42BC-8545-0D4AED9D0C86}C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe] => (Block) C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe
FirewallRules: [UDP Query User{EB03DCC9-AF40-4B35-B979-3AA7733EAD86}C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe] => (Block) C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe
FirewallRules: [TCP Query User{A6E97896-2040-4066-9075-A42C0D7122B1}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B7C3668E-C35E-4CD7-B919-538C2943E75D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{11784C61-F6A0-469A-88CE-1EF81AEEF4FE}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Block) C:\program files\artlantis studio 4\qtsocketserver.exe
FirewallRules: [UDP Query User{EBFE8382-1CB6-4136-B8C2-7B52B983A50D}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Block) C:\program files\artlantis studio 4\qtsocketserver.exe
FirewallRules: [{4C774998-07B5-4ABF-99E0-D47695582FEC}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{5299E02B-3436-44CE-B749-280D9B78A311}C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [UDP Query User{AE4F4F71-59E8-46EC-8FC7-86A608F40816}C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [TCP Query User{0B881D21-3742-4E92-A609-A0AB980E46B4}C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [UDP Query User{35B2CCE9-D6BA-4FFF-BC79-3D09CCB892FB}C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [TCP Query User{5E39A2B0-78E9-4E30-BC6B-AA40D4E7AF5D}C:\users\taťka\downloads\chmatakov15.exe] => (Block) C:\users\taťka\downloads\chmatakov15.exe
FirewallRules: [UDP Query User{DBC2F8CD-ED10-4E1C-9531-D6CD4C4969B0}C:\users\taťka\downloads\chmatakov15.exe] => (Block) C:\users\taťka\downloads\chmatakov15.exe
FirewallRules: [TCP Query User{7056CD2B-97DF-4D11-8921-56A11531A3F7}C:\users\taťka\downloads\chmatakov15 (1).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (1).exe
FirewallRules: [UDP Query User{449D244C-8A52-436B-BCC7-4F705294C72D}C:\users\taťka\downloads\chmatakov15 (1).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (1).exe
FirewallRules: [TCP Query User{CF359088-C210-410D-A536-D4311DFE89FF}C:\users\taťka\downloads\chmatakov15 (2).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (2).exe
FirewallRules: [UDP Query User{06AD578A-E3FC-4B8C-B7C9-42DB03A8B854}C:\users\taťka\downloads\chmatakov15 (2).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (2).exe
FirewallRules: [TCP Query User{ABFB4F4E-DD14-4373-B6BC-54842053F4B0}C:\users\taťka\downloads\chmatakov15 (3).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (3).exe
FirewallRules: [UDP Query User{D469467B-6BAA-4AB1-BCB1-10E47FF177E4}C:\users\taťka\downloads\chmatakov15 (3).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (3).exe
FirewallRules: [TCP Query User{A635540A-7FFB-4CE8-85AF-980CF8156EBF}C:\users\taťka\downloads\chmatakov15 (4).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (4).exe
FirewallRules: [UDP Query User{EB6A5648-5B0D-4AAF-A30F-D773EFCC70E1}C:\users\taťka\downloads\chmatakov15 (4).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (4).exe
FirewallRules: [{DB43424C-4261-42D0-B14F-AD09308DBD73}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{12DF331E-B9AD-49F7-8E9C-ABA8E352BE77}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{45320810-99AB-48F9-8679-88CD04232B7D}] => (Allow) C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CF1E3EF3-CE42-4839-ACEE-0D29E1F07540}] => (Allow) C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4933CD35-B2B8-4635-ACF7-495F6E3EF057}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AA7E3CF1-7322-4546-929C-60D54296D2C5}] => (Allow) LPort=2869
FirewallRules: [{F4F76DF5-44AC-406B-83C8-2D6B17DAA62B}] => (Allow) LPort=1900
FirewallRules: [{2828FC58-FBB1-4BDC-AF7B-B03579A0B731}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{4922C4DD-BE28-4CB8-9AA4-5BE282D88DB6}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{123F96C7-BA24-4F32-909C-9C8F20692A62}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{1922C4BC-2844-4ED2-A398-B446E81CABC7}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{100FADD6-609B-4F19-B0EB-D1ED6A432AB2}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{D5D61E17-9069-4BF0-9B21-7FC3C9100B5E}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{2A519E14-6107-4D14-8460-103B4B41FA98}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{6FE762D8-1EB2-49B7-AB3A-B92A94EF92A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BD63E2EE-76CD-471F-B3FF-B07E3C9B11DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{47419641-A674-4904-899F-A6F9D1D71516}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{655A92CE-10DF-4882-B3FE-269029C98A9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BE6ECEB8-FAC0-4B6D-8674-B347B5D4D9CD}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7E315FAA-A11E-4264-848D-85972A2C248E}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{B721260E-7C04-4A5E-8DD4-E3E0ABF09A53}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{C8DC1BFE-67F7-452E-9B5E-0D36266CACA1}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{11F30A5F-01EB-4D9C-AA02-2FAB43A1B63A}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC2E528C-C0D8-4B90-88C0-04EBCC8A1E13}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{D9230549-41CE-4B26-A53A-5B98F315EBF4}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [UDP Query User{D908AD2E-A2FE-4F95-9A49-9C05A3F51A01}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [{4B35CF47-B7FB-4C66-80AC-E760400A38A3}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{E2A9AE0C-9E30-4B2C-943E-8E42DDE77807}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{831DFDA0-4691-44CF-80DD-240D79B1C056}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{12B422F1-593D-41BE-AEB6-EBB6DB5C89FB}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{2129FF60-FA05-4E4C-A67D-82E50632A2EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3F1160D2-0ED4-483A-9823-4D29D8EEF628}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

16-03-2018 15:12:51 Windows Update
03-04-2018 18:47:33 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
14-04-2018 11:12:00 Windows Update
19-04-2018 18:30:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
25-05-2018 14:43:37 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
26-07-2018 15:19:37 Installed GIGABYTE OC_GURU II
26-07-2018 15:29:12 Instalace balíčku ovladače zařízení: NVIDIA Grafické adaptéry
26-07-2018 15:31:53 Instalace balíčku ovladače zařízení: NVIDIA Corporation Řadiče zvuku, videa a her
26-07-2018 15:32:20 Instalace balíčku ovladače zařízení: NVIDIA Řadiče USB (Universal Serial Bus)
26-07-2018 15:32:56 Odebráno: NVIDIA PhysX
26-07-2018 16:39:47 Instalace balíčku ovladače zařízení: NVIDIA Grafické adaptéry
26-07-2018 16:43:42 Instalace balíčku ovladače zařízení: NVIDIA Corporation Řadiče zvuku, videa a her
26-07-2018 16:44:08 Instalace balíčku ovladače zařízení: NVIDIA Řadiče USB (Universal Serial Bus)
29-07-2018 14:10:52 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
05-08-2018 11:38:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
10-08-2018 11:48:30 Windows Update
10-08-2018 14:00:00 Installed Epic Games Launcher
13-08-2018 08:44:59 Removed BlueStacks Notification Center
13-08-2018 08:58:28 Removed BlueStacks Notification Center
14-08-2018 09:53:46 Restore Point Created by FRST
15-08-2018 10:27:44 Removed pdfforge Toolbar v9.6.
15-08-2018 10:30:11 Removed pdfforge Toolbar v9.6.
15-08-2018 10:31:16 Removed SweetIM for Messenger 3.0
15-08-2018 10:32:30 Removed SweetIM for Messenger 3.0

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2018 07:08:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/16/2018 07:08:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/16/2018 07:08:05 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/15/2018 10:34:27 AM) (Source: MsiInstaller) (EventID: 11316) (User: NasPC)
Description: Product: SweetIM for Messenger 3.0 -- Error 1316.Zadaný účet již existuje.

Error: (08/15/2018 10:34:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/15/2018 10:34:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/15/2018 10:32:20 AM) (Source: MsiInstaller) (EventID: 11316) (User: NasPC)
Description: Product: SweetIM for Messenger 3.0 -- Error 1316.Zadaný účet již existuje.

Error: (08/15/2018 10:31:02 AM) (Source: MsiInstaller) (EventID: 10005) (User: NasPC)
Description: Product: pdfforge Toolbar v9.6 -- Error 2738.Could not access VBScript run time for custom action .


System errors:
=============
Error: (08/16/2018 07:08:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/16/2018 07:08:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/15/2018 10:21:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/15/2018 10:21:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/14/2018 03:22:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AntiVirSchedulerService bylo dosaženo časového limitu (30000 ms).

Error: (08/14/2018 10:05:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/14/2018 10:05:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/14/2018 09:53:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2017-08-31 14:02:48.441
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:48.195
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.953
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.702
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.387
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.144
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:46.900
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:46.651
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 3581.58 MB
Available physical RAM: 2171.16 MB
Total Virtual: 7400.11 MB
Available Virtual: 6025.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.17 GB) (Free:125.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 13BDEB28)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
  File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
  File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
  File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
  File: C:\Windows\system32\PrintCtrl.exe
  Folder: C:\Users\Petra\Desktop
  
  DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
  DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}
  
  C:\Program Files\pdfforge Toolbar
  C:\Program Files\SweetIM
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

fixlog

Vyzera to uz OK. Su este s PC nejake problemy?

Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Bez problémů, děkuji.