Log check, please [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Re: Log check, please [Solved]

Post by mafian » 24 Jun 2018 10:48

Hopefully OK, done in safe mode.


ComboFix 18-06-17.01 - uživatel 24.06.2018 10:29:44.5.4 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2883 [GMT 2:00]
Spuštěný z: c:\documents and settings\u×ivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\u×ivatel\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 9.0.376.1 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2018-05-24 do 2018-06-24 )))))))))))))))))))))))))))))))
.
.
2018-06-22 18:27 . 2018-06-22 18:27 -------- d-----w- C:\zoek
2018-06-22 11:19 . 2012-10-12 13:34 33096 ----a-w- c:\windows\system32\drivers\sct_skmscan.sys
2018-06-22 11:17 . 2018-06-22 11:17 -------- d-----w- c:\program files\Sophos
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-06-22 13:10 . 2016-05-29 06:05 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-06-08 12:03 . 2018-03-04 09:47 842240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2018-06-08 12:03 . 2018-03-04 09:47 175104 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-05-01 14:15 463360 ----a-w- c:\documents and settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-05-01 14:15 463360 ----a-w- c:\documents and settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-05-01 14:15 463360 ----a-w- c:\documents and settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2013-10-04 20145368]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCT_SKMScan]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
2018-01-09 22:43 171064 ----a-w- c:\program files\BlueStacks\HD-Agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-11-10 09:17 3514176 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2018-06-09 20:02 601680 ----atw- c:\documents and settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2013-10-04 11:29 20145368 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2005-10-26 15:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2013-12-13 15:36 831488 ----a-w- c:\program files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"RTHDCPL"=RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Documents and Settings\\uživatel\\Plocha\\Microsoft-Office-2010-v1.0-CZ-Portable\\Microsoft Office 2010 Portable CZ by Sparrow v1.0\\MSO_2010_by_Sparrow.dat"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Documents and Settings\\uživatel\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"f:\\FormatFactory\\FormatFactory.exe"=
"f:\\FormatFactory\\FFModules\\Encoder\\Doc\\EBookCodec.exe"=
"f:\\FormatFactory\\FFModules\\Package\\PTInstOnline.exe"=
"c:\\Program Files\\BlueStacks\\HD-Player.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56411:TCP"= 56411:TCP:Pando Media Booster
"56411:UDP"= 56411:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.12.2011 12:39 691696]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [6.3.2014 13:31 43296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [10.1.2012 18:21 239168]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2.11.2012 13:53 43648]
S1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [14.4.2016 16:09 206312]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.4.2016 16:09 146024]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.4.2016 16:09 127496]
S1 MBAMChameleon;MBAMChameleon;c:\windows\system32\drivers\MBAMChameleon.sys --> c:\windows\system32\drivers\MBAMChameleon.sys [?]
S1 ZAM;ZAM Helper Driver;\??\c:\windows\System32\drivers\zam32.sys --> c:\windows\System32\drivers\zam32.sys [?]
S1 ZAM_Guard;ZAM Guard Driver;\??\c:\windows\System32\drivers\zamguard32.sys --> c:\windows\System32\drivers\zamguard32.sys [?]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [4.3.2016 0:18 1983264]
S2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [28.10.2010 20:31 2156952]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12.9.2012 11:47 1691480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [16.4.2012 17:18 103040]
S3 BstkDrv;BlueStacks Plus Hypervisor;c:\program files\BlueStacks\BstkDrv.sys [24.1.2018 0:53 218720]
S3 etdrv;etdrv;c:\windows\etdrv.sys [23.7.2014 10:34 17488]
S3 SCT_SKMScan;SCT_SKMScan;c:\windows\system32\drivers\sct_skmscan.sys [22.6.2018 13:19 33096]
S3 SophosVirusRemovalTool;Sophos Virus Removal Tool;c:\program files\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [15.6.2017 14:30 163680]
S3 WacomISDPen;Wacom Penabled HID MiniDriver;c:\windows\system32\drivers\wacomisdpen.sys [2.6.2014 23:09 23040]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - SASKUTIL
.
Obsah adresáře 'Naplánované úlohy'
.
2018-06-23 c:\windows\Tasks\Adobe Flash Player NPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-07 21:03]
.
2018-06-23 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-08 12:03]
.
2018-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-04 12:03]
.
2018-06-24 c:\windows\Tasks\Opera scheduled Autoupdate 1374932067.job
- c:\program files\Opera\launcher.exe [2013-07-27 12:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 10.100.0.100 10.10.10.10
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} - hxxps://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
FF - ProfilePath - c:\documents and settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2018-06-24 10:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="???\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"e:\\chipset\\7-ser\\xp\\sbdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(308)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1636)
c:\documents and settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Celkový čas: 2018-06-24 10:43:31
ComboFix-quarantined-files.txt 2018-06-24 08:43
ComboFix2.txt 2018-06-23 08:05
ComboFix3.txt 2018-06-22 19:43
ComboFix4.txt 2018-04-18 07:52
ComboFix5.txt 2018-06-24 08:26
.
Před spuštěním: Volných bajtů: 50 836 746 240
Po spuštění: Volných bajtů: 50 864 054 272
.
- - End Of File - - 5976A855D0A10E571E8919AC510EA220
17A9D93EB59FDD9F532D51EE0F3D24C0

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check, please

Post by jaro3 » 25 Jun 2018 22:05

ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Re: Log check, please

Post by mafian » 26 Jun 2018 09:14

ComboFix can't be uninstalled; it throws a message that Windows cannot find combofix. Yet it is on the desktop.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20.06.2018
Ran by uživatel (26-06-2018 09:13:15)
Running from C:\Documents and Settings\uživatel\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2011-12-28 09:25:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854245398-1383384898-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-854245398-1383384898-839522115-1007 - Limited - Enabled)
Guest (S-1-5-21-854245398-1383384898-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-854245398-1383384898-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-854245398-1383384898-839522115-1002 - Limited - Disabled)
uživatel (S-1-5-21-854245398-1383384898-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\uživatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.376.1 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.20 - GIGABYTE)
3D Morris 2.02 (HKLM\...\3D Morris_is1) (Version: - Lobstersoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY)
Acronis Disk Director (HKLM\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIDA64 Extreme v4.70 (HKLM\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.31121 - ATI Technologies Inc.)
ATI Parental Control & Encoder (HKLM\...\{36CDA33B-909B-4719-97D1-C4B99309BDC7}) (Version: 3.0 - Název společnosti:) Hidden
ATI Problem Report Wizard (HKLM\...\{5DA6F06A-B389-407B-BF8C-1548767914D8}) (Version: 8.10 - ATI Technologies)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.6.11 - Autodesk, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Balíček ovladače systému Windows - Advanced Micro Devices (amdide) hdc (12/04/2012 5.2.2.0179) (HKLM\...\92CABF192AE59FEC7A26BF526AE067A4C700A858) (Version: 12/04/2012 5.2.2.0179 - Advanced Micro Devices)
Balíček ovladače systému Windows - LG Monitor (11/16/2006 1.3) (HKLM\...\591196B86D6AB052BD2AB3227EA1EB79A226E8D9) (Version: 11/16/2006 1.3 - LG)
Balíček ovladače systému Windows - Wacom (WacomISDPen) HIDClass (01/16/2006 2.5.0.0) (HKLM\...\06BA12C2FD6352D410C15EC9E359E80332E24487) (Version: 01/16/2006 2.5.0.0 - Wacom)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Connectivity Abstraction Layer (HKLM\...\{510414A2-0F14-4DB8-BDF2-C98A6E1D1367}) (Version: 1.3.014 - Deere & Company)
CrystalDiskInfo 4.2.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.2.0a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
EasyCapture 1.0.0.0 (HKLM\...\EasyCapture_is1) (Version: - )
ECULP 4.0 (HKLM\...\ECULP4_is1) (Version: - John Deere FOCUS)
Epson Easy Photo Print 2 (HKLM\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FCleaner 1.3.1.621 (HKLM\...\FCleaner_is1) (Version: - FTweak, Inc.)
ffdshow (remove only) (HKLM\...\ffdshow) (Version: - )
FilesTuber (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\a49b2cdf927707e4) (Version: 1.1.0.2 - FilesTuber)
FormApps Plug-in (HKLM\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.21.2.70 - Software602 a.s.)
FormApps Signing Extension (HKLM\...\{1896CB18-36FE-4AA6-8F9C-F42C087941CD}) (Version: 2.19.0.37 - Software602 a.s.)
FormatFactory 4.1.0.0 (HKLM\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
GetDataBack for FAT (HKLM\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 3.66.000 - Runtime Software)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.03.017 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glary Utilities 2.53.0.1726 (HKLM\...\Glary Utilities_is1) (Version: 2.53.0.1726 - Glarysoft Ltd)
Google Chrome (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Chromium (HKLM\...\{560ABECA-068A-6F4A-B70A-1FCA678ACC4A}) (Version: - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jpeg Resampler Vs 6+ (HKLM\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
JPG To PDF 2.2.1 (HKLM\...\JPG To PDF_is1) (Version: - JPG To PDF Developer Team)
KMP Media Toolbar (HKLM\...\{4B4D5056-3700-A76A-76A7-A758B70C0600}) (Version: 12.6.0.1645 - APN, LLC)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
League of Legends (HKLM\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Light Image Resizer 4.7.7.0 (HKLM\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY (HKLM\...\{A2C9CD1B-2551-3AED-B244-6698FB929FA6}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY (HKLM\...\{546C143E-68DC-314D-97BC-1E454E3BA429}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{90120405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 52.8.1 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.8.1 ESR (x86 cs)) (Version: 52.8.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.8.1.6730 - Mozilla)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
NEXIQ Readings (HKLM\...\{5DE5512A-6F6F-43FB-82C6-9A523E3AC771}) (Version: 3.01.320 - )
nLite 1.4.8 (HKLM\...\nLite_is1) (Version: 1.4.8 - Dino Nuhagic (nuhi))
Nuclear Coffee - VideoGet (HKLM\...\VideoGet_is1) (Version: 2012 - Nuclear Coffee)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.801) (Version: 36.0.2130.80 - Opera Software)
PDF Editor 4 (HKLM\...\PDF Editor 4) (Version: - )
PDF Shrink 2 (HKLM\...\PDF Shrink 2) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Polda III čára (HKLM\...\Polda III čára_is1) (Version: - )
Polda III karty (HKLM\...\Polda III karty_is1) (Version: - )
Pošta & kancelář 2.3 (HKLM\...\Pošta & kancelář_is1) (Version: - PS Media s.r.o.)
Pošta a kancelář 3.7 (HKLM\...\Pošta a kancelář 3_is1) (Version: - PS Media s.r.o.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RogueKiller version 12.12.20.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.20.0 - Adlice Software)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Software (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\SeznamInstall) (Version: - Seznam.cz)
Software602 Form Filler (HKLM\...\{C6E36857-F622-4DF5-B458-05752A4D13F0}) (Version: 4.13 - Software602 a.s.)
Software602 Print2PDF (HKLM\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
The Settlers Online - Standalone Client (HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\The Settlers Online) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMR Client Install (HKLM\...\{3FAF52DB-8007-48D1-98E0-A388B92057CC}) (Version: 1.00.0000 - Deere & Company) Hidden
WebFldrs XP (HKLM\...\{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.5318 - Microsoft Corporation) Hidden
Window Handler (HKLM\...\ST5UNST #1) (Version: - )
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.5 - ZONER software)
Аrdamаx Kеylogger 4.8 (HKLM\...\Аrdamаx Kеylogger 4.8) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{0561E9ED-1BA8-A8E6-8873-14E47B15E3D8}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{9D1CC63A-3313-563A-189B-00AB5A3A87D8}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{D5B39FC5-8683-5FAF-724A-A5E25BBD0B10}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-854245398-1383384898-839522115-1003_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-18] (ABBYY.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => F:\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => C:\Program Files\Glary Utilities\ContextHandler.dll [2012-10-21] (Glarysoft Ltd)
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => C:\Program Files\Software602\Print2PDF\CtxMenu.dll [2011-04-15] (Software602)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 120\AxShlex.dll [2010-03-25] (Alcohol Soft Development Team)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
ContextMenuHandlers2: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => C:\Program Files\Glary Utilities\ContextHandler.dll [2012-10-21] (Glarysoft Ltd)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => F:\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files\ABBYY FineReader 11\FRIntegration.dll [2011-08-18] (ABBYY.)
ContextMenuHandlers6: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => C:\Program Files\Glary Utilities\ContextHandler.dll [2012-10-21] (Glarysoft Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1374932067.job => C:\Program Files\Opera\launcher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Documents and Settings\uživatel\Plocha\programy\Secustamp Smart Form.lnk -> C:\Program Files\Software602\602XML\Filler\Filler602.exe (Software602 a.s.) -> "<?xml version='1.0' ?><d:root xmlns:d='hxxp://www.software602.cz/signmastercz'/>"

==================== Loaded Modules (Whitelisted) ==============

2012-01-13 19:44 - 2001-10-28 18:42 - 000116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2014-05-01 16:15 - 2014-05-01 16:15 - 000463360 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\MEGAsync\ShellExtX32.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 000010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-12-30 11:45 - 2011-05-28 23:04 - 000140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-12-30 11:45 - 2011-06-16 01:14 - 000331776 _____ () C:\Program Files\WinRAR\rarlng.dll
2010-10-28 20:31 - 2010-10-28 20:31 - 002156952 _____ () C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
2017-12-25 00:38 - 2016-08-05 14:29 - 063846920 _____ () C:\Program Files\Opera\36.0.2130.80_0\opera.dll
2011-12-28 12:23 - 2008-04-14 09:51 - 000014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\uživatel:gs5sys [2560]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Plocha:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\Data aplikací:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\History:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 [27982]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys [2560]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCT_SKMScan => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCT_SKMScan => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-12 20:45 - 2018-06-22 20:19 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854245398-1383384898-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Nebe.bmp
DNS Servers: 10.100.0.100 - 10.10.10.10
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Google Update => C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\GoogleUpdateCore.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: Sony Ericsson PC Suite => "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\Epson Software\Event Manager\EEventManager.exe] => Enabled:EEventManager Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\soft602\langserv.exe] => Enabled:Software602 Spell Checker
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\msiexec.exe] => Enabled:UpdateManagerSetup
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\uživatel\Plocha\Microsoft-Office-2010-v1.0-CZ-Portable\Microsoft Office 2010 Portable CZ by Sparrow v1.0\MSO_2010_by_Sparrow.dat] => Enabled:MSO_2010_by_Sparrow
StandardProfile\AuthorizedApplications: [C:\Program Files\VideoLAN\VLC\vlc.exe] => Enabled:VLC media player 2.1.0
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FormatFactory.exe] => Enabled:Format Factory
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe] => Enabled:EBook Codec Downloader
StandardProfile\AuthorizedApplications: [F:\FormatFactory\FFModules\Package\PTInstOnline.exe] => Enabled:Picosmos P2P Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\BlueStacks\HD-Player.exe] => Enabled:BlueStacks Android Host
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [56411:TCP] => Enabled:Pando Media Booster
DomainProfile\GloballyOpenPorts: [56411:UDP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [56411:TCP] => Enabled:Pando Media Booster
StandardProfile\GloballyOpenPorts: [56411:UDP] => Enabled:Pando Media Booster

==================== Restore Points =========================

26-03-2018 21:08:32 Kontrolní bod systému
29-03-2018 20:13:42 Kontrolní bod systému
31-03-2018 20:40:58 Kontrolní bod systému
04-04-2018 22:58:00 Kontrolní bod systému
06-04-2018 11:29:54 Kontrolní bod systému
07-04-2018 21:06:40 Kontrolní bod systému
09-04-2018 10:39:34 Kontrolní bod systému
11-04-2018 17:41:43 Kontrolní bod systému
13-04-2018 19:16:54 Kontrolní bod systému
14-04-2018 19:42:25 Kontrolní bod systému
17-04-2018 13:30:35 Kontrolní bod systému
18-04-2018 09:30:53 JRT Pre-Junkware Removal
20-04-2018 12:20:01 Kontrolní bod systému
24-04-2018 20:25:33 Kontrolní bod systému
25-04-2018 21:09:35 Kontrolní bod systému
27-04-2018 09:46:30 Kontrolní bod systému
28-04-2018 19:54:11 Kontrolní bod systému
30-04-2018 12:50:07 Kontrolní bod systému
02-05-2018 15:19:50 Kontrolní bod systému
03-05-2018 22:21:35 Kontrolní bod systému
05-05-2018 13:21:50 Kontrolní bod systému
09-05-2018 20:49:11 Kontrolní bod systému
10-05-2018 21:29:18 Kontrolní bod systému
11-05-2018 22:05:17 Kontrolní bod systému
13-05-2018 14:42:44 Kontrolní bod systému
15-05-2018 20:07:37 Kontrolní bod systému
18-05-2018 20:47:55 Kontrolní bod systému
21-05-2018 09:11:20 Kontrolní bod systému
22-05-2018 20:35:32 Kontrolní bod systému
24-05-2018 15:25:23 Kontrolní bod systému
25-05-2018 15:49:41 Kontrolní bod systému
26-05-2018 21:26:27 Kontrolní bod systému
28-05-2018 18:34:55 Kontrolní bod systému
29-05-2018 20:56:28 Kontrolní bod systému
31-05-2018 17:11:49 Kontrolní bod systému
01-06-2018 20:53:23 Kontrolní bod systému
07-06-2018 22:05:57 Kontrolní bod systému
09-06-2018 08:15:13 Kontrolní bod systému
11-06-2018 19:42:53 Kontrolní bod systému
12-06-2018 23:04:23 Kontrolní bod systému
14-06-2018 08:16:39 Kontrolní bod systému
16-06-2018 17:39:27 Kontrolní bod systému
18-06-2018 11:05:29 Kontrolní bod systému
19-06-2018 10:27:05 Revo Uninstaller's restore point - Malwarebytes Anti-Malware verze 2.2.0.1024
19-06-2018 10:53:34 Revo Uninstaller's restore point - Malwarebytes Anti-Malware verze 2.2.0.1024
22-06-2018 13:15:46 Removed Sophos Virus Removal Tool.
22-06-2018 13:17:31 Installed Sophos Virus Removal Tool.
22-06-2018 20:18:39 zoek.exe restore point
23-06-2018 10:20:50 Revo Uninstaller's restore point - WinUtilities Professional Edition 14.6
23-06-2018 20:14:15 Revo Uninstaller's restore point - Zemana AntiMalware
24-06-2018 23:03:08 Kontrolní bod systému

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Komunikační port (COM1)
Description: Wacom Penabled HID MiniDriver
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: Wacom
Service: WacomISDPen
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2018 09:08:14 AM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/26/2018 09:08:14 AM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/26/2018 08:51:06 AM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/26/2018 08:51:06 AM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/25/2018 09:26:34 PM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/25/2018 09:26:34 PM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.

Error: (06/25/2018 08:56:07 AM) (Source: MSSQLSERVER) (EventID: 3409) (User: )
Description: Performance counter shared memory setup failed with error -1. Reinstall sqlctr.ini for this instance, and ensure that the instance login account has correct registry permissions.

Error: (06/25/2018 08:56:07 AM) (Source: MSSQLSERVER) (EventID: 8313) (User: )
Description: Error in mapping SQL Server performance object/counter indexes to object/counter names. SQL Server performance counters are disabled.


System errors:
=============
Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 259) (User: )
Description: Event-ID 259

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 260) (User: )
Description: Event-ID 260

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256

Error: (06/26/2018 09:08:32 AM) (Source: 0) (EventID: 256) (User: )
Description: Event-ID 256


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 920 Processor
Percentage of memory in use: 39%
Total physical RAM: 3326.42 MB
Available physical RAM: 2003.65 MB
Total Virtual: 5209.88 MB
Available Virtual: 3864.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.36 GB) (Free:42 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:59.63 GB) (Free:33.95 GB) NTFS
Drive f: () (Fixed) (Total:306.78 GB) (Free:105.44 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 9AE79AE7)
Partition 1: (Active) - (Size=99.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.6 GB) - (Type=0F Extended)
Partition 3: (Not Active) - (Size=306.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Re: Log check, please

Post by mafian » 26 Jun 2018 09:14

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20.06.2018
Ran by uživatel (administrator) on ADMIN (26-06-2018 09:11:17)
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80_0\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2012-03-09] (ATI Technologies Inc.)
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{90248221-6BF5-42EE-9CE9-B25DB8FA3F8C}: [DhcpNameServer] 10.100.0.100 10.10.10.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-10-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-10-16] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://forms.celnisprava.cz/webfiller/ ... bff_cs.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\g7v96ew1.default-1523880811390 [2018-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-30] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-854245398-1383384898-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-09] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-06-23]
CHR Extension: (Prezentace) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-28]
CHR Extension: (Dokumenty) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-28]
CHR Extension: (Disk Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-28]
CHR Extension: (YouTube) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-28]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-12-28]
CHR Extension: (Tabulky) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-28]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-29]
CHR Extension: (FormApps Extension) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-12]
CHR Extension: (Gmail) - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-28]
StartMenuInternet: Google Chrome.EFIX7PDXVMH4TSHU4JU2LULLNI - C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (Mining Blocker) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\nbpfigdgbjgoejmnffbpgmbcnppjjokp [2018-05-29]
OPR Extension: (Adblock Plus) - C:\Documents and Settings\uživatel\Data aplikací\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-05-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-06-08] (Adobe Systems Incorporated) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-01-13] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-04] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 SophosVirusRemovalTool; C:\Program Files\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163680 2017-06-15] (Sophos Limited)
R2 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-10] (AVG Technologies)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-01-10] (Bluestack System Inc. )
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [239168 2012-01-10] (DT Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [127496 2016-04-14] (ESET)
S3 etdrv; C:\WINDOWS\etdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2018-03-03] (Windows (R) 2000 DDK provider)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S2 PAR1284; C:\WINDOWS\system32\PAR1284.sys [54792 2009-06-29] (Warp Nine Engineering) [File not signed]
S3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3684352 2008-08-26] (Realtek Semiconductor Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SCT_SKMScan; C:\WINDOWS\System32\drivers\sct_skmscan.sys [33096 2012-10-12] (Sophos Limited)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2012-08-31] ()
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2018-06-22] ()
S3 WacomISDPen; C:\WINDOWS\System32\DRIVERS\wacomisdpen.sys [23040 2007-05-24] (Wacom Technology)
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [193696 2009-06-29] (Jungo) [File not signed]
U5 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2018-03-03] ()
S1 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 trufos; system32\drivers\trufos.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-26 09:11 - 2018-06-26 09:11 - 000014207 _____ C:\Documents and Settings\uživatel\Plocha\FRST.txt
2018-06-26 09:11 - 2018-06-26 09:11 - 000000000 ____D C:\FRST
2018-06-26 09:10 - 2018-06-26 09:10 - 001773056 _____ (Farbar) C:\Documents and Settings\uživatel\Plocha\FRST.exe
2018-06-26 09:05 - 2018-06-26 09:05 - 000201728 _____ (OldTimer Tools) C:\Documents and Settings\uživatel\Dokumenty\OTC.exe
2018-06-25 21:42 - 2018-06-25 21:56 - 1606085092 _____ C:\Documents and Settings\uživatel\Dokumenty\Tomb Raider 2018 Cz dab..avi
2018-06-24 20:56 - 2018-06-24 20:57 - 000888727 _____ C:\Documents and Settings\uživatel\Dokumenty\Pojištění.pdf
2018-06-24 20:42 - 2018-06-24 20:55 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\pojištění zvířat
2018-06-24 20:42 - 2018-06-24 20:42 - 000132857 _____ C:\Documents and Settings\uživatel\Dokumenty\prilohy_35551.zip
2018-06-24 10:43 - 2018-06-26 09:11 - 000000000 ____D C:\Documents and Settings\uživatel\Local Settings\temp
2018-06-24 10:43 - 2018-06-24 10:43 - 000000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2018-06-24 10:43 - 2018-06-24 10:43 - 000000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2018-06-24 10:18 - 2018-06-24 10:43 - 000129608 _____ C:\WINDOWS\ntbtlog.txt
2018-06-23 21:36 - 2018-06-23 21:36 - 000102400 _____ C:\WINDOWS\Minidump\Mini062318-01.dmp
2018-06-23 20:58 - 2018-06-23 20:58 - 000101338 _____ C:\Documents and Settings\uživatel\Dokumenty\rpttab2040007 (1).pdf
2018-06-23 12:14 - 2018-06-23 12:14 - 000101338 _____ C:\Documents and Settings\uživatel\Dokumenty\rpttab2040007.pdf
2018-06-23 10:05 - 2018-06-23 10:05 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2018-06-23 09:31 - 2018-06-23 09:31 - 000000111 _____ C:\Documents and Settings\uživatel\Plocha\CFScript.txt
2018-06-22 21:31 - 2018-06-22 21:31 - 005660124 ____R (Swearware) C:\Documents and Settings\uživatel\Plocha\ComboFix.exe
2018-06-22 20:27 - 2018-06-22 20:27 - 000000000 ____D C:\zoek
2018-06-22 20:12 - 2018-06-22 20:29 - 000001583 _____ C:\runcheck.txt
2018-06-22 20:12 - 2018-06-22 20:29 - 000000000 ____D C:\zoek_backup
2018-06-22 20:12 - 2018-06-22 20:12 - 006625600 _____ (Zemana Ltd. ) C:\Documents and Settings\uživatel\Dokumenty\Zemana.AntiMalware.Setup.exe
2018-06-22 20:10 - 2018-06-22 20:10 - 002038755 _____ C:\Documents and Settings\uživatel\Plocha\zoek.exe
2018-06-22 15:08 - 2018-06-22 15:08 - 044247152 _____ C:\Documents and Settings\uživatel\Dokumenty\RogueKiller.exe
2018-06-22 14:57 - 2018-06-22 14:57 - 031926992 _____ (Adlice Software ) C:\Documents and Settings\uživatel\Dokumenty\setup (1).exe
2018-06-22 13:19 - 2012-10-12 15:34 - 000033096 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\sct_skmscan.sys
2018-06-22 13:17 - 2018-06-22 13:18 - 000002465 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2018-06-22 13:17 - 2018-06-22 13:17 - 000000000 ____D C:\Program Files\Sophos
2018-06-22 13:17 - 2018-06-22 13:17 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Sophos
2018-06-22 13:01 - 2018-06-22 13:09 - 195958672 _____ (Sophos Limited) C:\Documents and Settings\uživatel\Dokumenty\Sophos Virus Removal Tool.exe
2018-06-21 21:03 - 2018-06-21 21:03 - 066347240 _____ (Malwarebytes ) C:\Documents and Settings\uživatel\Dokumenty\mb3-setup-consumer-3.2.2.2018.exe
2018-06-21 21:00 - 2018-06-21 21:00 - 004031440 _____ C:\Documents and Settings\uživatel\Dokumenty\adwcleaner_6.044 (2).exe
2018-06-21 21:00 - 2018-06-21 21:00 - 004031440 _____ C:\Documents and Settings\uživatel\Dokumenty\adwcleaner_6.044 (1).exe
2018-06-21 20:02 - 2018-06-21 20:02 - 000050688 _____ (Atribune.org) C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner.exe
2018-06-21 20:02 - 2018-06-21 20:02 - 000050688 _____ (Atribune.org) C:\Documents and Settings\uživatel\Dokumenty\ATF-Cleaner (1).exe
2018-06-20 06:53 - 2018-06-20 06:53 - 000448512 _____ (OldTimer Tools) C:\Documents and Settings\uživatel\Dokumenty\TFC.exe
2018-06-19 22:08 - 2018-06-19 22:08 - 007372496 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\adwcleaner_7.2.0.exe
2018-06-19 22:07 - 2018-06-19 22:07 - 007271632 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner (1).exe
2018-06-19 10:25 - 2018-06-19 10:25 - 021546080 _____ (Malwarebytes Corporation ) C:\Documents and Settings\uživatel\Dokumenty\mbam-setup-2.1.6.1022.exe
2018-06-19 10:23 - 2018-06-19 10:23 - 022908888 _____ (Malwarebytes ) C:\Documents and Settings\uživatel\Dokumenty\mbam-setup-2.2.0.1024.exe
2018-06-19 09:51 - 2018-06-19 09:51 - 000388608 _____ (Trend Micro Inc.) C:\Documents and Settings\uživatel\Dokumenty\hijackthis.exe
2018-06-12 21:29 - 2018-06-12 21:34 - 537999151 _____ C:\Documents and Settings\uživatel\Dokumenty\Supernatural S13E20 - Unfinished Business (CZ tit.).mkv
2018-06-12 14:15 - 2018-06-12 14:15 - 001188152 _____ C:\Documents and Settings\uživatel\Dokumenty\15924012.pdf
2018-06-12 14:15 - 2018-06-12 14:15 - 000197530 _____ C:\Documents and Settings\uživatel\Dokumenty\15924009.pdf
2018-06-11 18:30 - 2018-06-11 18:30 - 007271632 _____ (Malwarebytes) C:\Documents and Settings\uživatel\Dokumenty\AdwCleaner.exe
2018-06-07 08:18 - 2018-06-07 08:18 - 000041743 _____ C:\Documents and Settings\uživatel\Dokumenty\cenik-sluzeb.pdf
2018-06-07 07:40 - 2018-06-07 07:40 - 000982079 _____ C:\Documents and Settings\uživatel\Dokumenty\STROM - Smlouva o prémiové údržbě stroje.pdf
2018-06-05 22:03 - 2018-06-05 22:03 - 000016292 _____ C:\Documents and Settings\uživatel\Plocha\KAREL4.jpeg
2018-06-03 15:39 - 2018-06-03 15:43 - 524357205 _____ C:\Documents and Settings\uživatel\Dokumenty\SUPERNATURAL - LOVCI DUCHU - 2017 - S13E19 - en-cz sub - x265-1080p-chris.mkv
2018-06-01 09:53 - 2018-06-01 09:54 - 018036216 _____ C:\Documents and Settings\uživatel\Dokumenty\7775.rar
2018-06-01 09:33 - 2018-06-01 09:44 - 194230304 _____ C:\Documents and Settings\uživatel\Dokumenty\krotitelka77.rar
2018-06-01 09:20 - 2018-06-01 09:20 - 011422621 _____ C:\Documents and Settings\uživatel\Dokumenty\Swadro_Liftzinken_CZ_web.pdf
2018-06-01 09:11 - 2018-06-01 09:11 - 011267816 _____ C:\Documents and Settings\uživatel\Dokumenty\EasyCut_Anbau_F_R_2012_Druck_CZ_144dpi.pdf
2018-05-30 08:34 - 2018-05-30 08:34 - 000006084 _____ C:\Documents and Settings\uživatel\Dokumenty\cc_20180530_083445.reg
2018-05-29 20:15 - 2018-05-29 20:39 - 1815896090 _____ C:\Documents and Settings\uživatel\Dokumenty\Once.Upon.a.Time.in.Venice.Tenkrat v Kalifornii.2017.BluRay.AAC2.0.x264.CZ.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-26 09:11 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel\Plocha
2018-06-26 09:10 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Dokumenty
2018-06-26 09:08 - 2015-05-21 17:06 - 000000400 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1374932067.job
2018-06-26 09:08 - 2011-12-28 11:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-26 09:08 - 2001-10-25 14:00 - 000013002 _____ C:\WINDOWS\system32\wpa.dbl
2018-06-26 09:07 - 2011-12-28 12:11 - 000207304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-26 09:06 - 2012-03-02 11:24 - 000032524 _____ C:\WINDOWS\Tasks\SCHEDLGU.TXT
2018-06-26 09:06 - 2011-12-28 11:29 - 000000178 ___SH C:\Documents and Settings\uživatel\ntuser.ini
2018-06-26 09:05 - 2018-02-11 12:21 - 000000000 ____D C:\Qoobox
2018-06-26 09:03 - 2018-03-04 11:51 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-06-25 21:58 - 2012-05-23 13:51 - 000000000 ____D C:\Program Files\The KMPlayer
2018-06-24 23:04 - 2011-12-28 11:27 - 000000000 ___SD C:\Documents and Settings\NetworkService
2018-06-24 19:57 - 2013-01-16 10:48 - 000000000 ____D C:\Documents and Settings\uživatel\Data aplikací\vlc
2018-06-24 16:29 - 2014-06-09 14:09 - 000000150 _____ C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
2018-06-24 10:45 - 2011-12-28 11:27 - 000000000 ___SD C:\Documents and Settings\LocalService
2018-06-24 10:40 - 2001-10-25 14:00 - 000000227 _____ C:\WINDOWS\system.ini
2018-06-24 10:29 - 2011-12-28 11:29 - 000000000 ___RD C:\Documents and Settings\uživatel\Data aplikací
2018-06-23 23:08 - 2011-12-28 11:29 - 000000000 ____D C:\Documents and Settings\uživatel
2018-06-23 22:48 - 2018-03-04 11:47 - 000000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-06-23 22:48 - 2011-12-28 11:22 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-23 22:15 - 2018-03-14 09:03 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-06-23 20:39 - 2017-01-01 12:07 - 000017495 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-06-23 20:27 - 2018-03-12 00:34 - 000000000 ____D C:\WINDOWS\Acronis
2018-06-23 20:14 - 2017-01-01 12:07 - 000033290 _____ C:\WINDOWS\ZAM.krnl.trace
2018-06-23 20:14 - 2011-12-28 12:12 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-06-23 20:14 - 2011-12-28 12:12 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-06-23 20:10 - 2011-12-28 12:11 - 000000000 ___RD C:\Documents and Settings\All Users\Data aplikací
2018-06-23 10:18 - 2018-02-16 13:50 - 000000046 _____ C:\WINDOWS\system32\_WKERNEL.SYL
2018-06-22 15:10 - 2016-05-29 08:05 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-06-22 15:09 - 2015-10-05 14:23 - 000000000 ____D C:\Program Files\RogueKiller
2018-06-22 15:09 - 2015-10-05 14:23 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2018-06-22 14:31 - 2018-05-05 21:09 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\NYG
2018-06-22 14:31 - 2018-05-05 19:47 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\TDC
2018-06-22 14:31 - 2018-04-21 19:43 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\HIW
2018-06-22 14:31 - 2018-04-21 08:18 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\FNI
2018-06-22 13:15 - 2014-07-09 20:13 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2018-06-21 21:02 - 2018-02-19 14:16 - 000000000 ____D C:\AdwCleaner
2018-06-21 20:48 - 2011-12-29 12:50 - 000000000 ____D C:\WINDOWS\Minidump
2018-06-13 21:38 - 2015-10-05 14:35 - 000000000 ____D C:\Documents and Settings\uživatel\Dokumenty\Stažené soubory
2018-06-13 17:59 - 2012-05-05 19:38 - 000002495 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2018-06-11 17:13 - 2012-08-27 15:56 - 000000000 ____D C:\Program Files\trend micro
2018-06-09 22:08 - 2012-08-31 16:23 - 000002282 _____ C:\Documents and Settings\uživatel\Plocha\Google Chrome.lnk
2018-06-08 14:16 - 2017-06-09 20:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-06-08 14:03 - 2018-03-04 11:47 - 000842240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-06-08 14:03 - 2018-03-04 11:47 - 000175104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-06-08 13:42 - 2017-06-09 20:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-04 11:01 - 2012-01-21 14:16 - 000000372 _____ C:\Documents and Settings\uživatel\Dokumenty\spider.sav
2018-05-31 16:55 - 2012-08-20 09:22 - 000000038 _____ C:\Documents and Settings\uživatel\Dokumenty\dxc_error.txt

==================== Files in the root of some directories =======

2012-02-17 17:43 - 2012-02-17 17:43 - 000001057 _____ () C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 007306240 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\agent.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000070800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Config.xml
2012-08-29 21:43 - 2012-11-07 12:10 - 000047104 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-17 09:03 - 2012-04-17 09:03 - 000000128 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000016512 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\InstallationConfiguration.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000140800 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\installer.dat
2017-06-01 22:16 - 2017-06-01 22:16 - 000018432 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Main.dat.mwt
2017-06-01 22:16 - 2017-06-01 22:16 - 000005568 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\md.xml
2017-06-01 22:16 - 2017-06-01 22:16 - 000126464 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\noah.dat
2014-02-20 19:32 - 2014-02-20 19:32 - 000002709 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\recently-used.xbel
2017-06-01 22:16 - 2017-06-01 22:16 - 001897408 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Soloflex.tst
2013-09-13 19:56 - 2013-09-13 20:03 - 000000865 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.err
2012-02-24 11:23 - 2013-09-13 20:03 - 000001352 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
2017-06-01 22:16 - 2017-06-01 22:16 - 000032038 _____ () C:\Documents and Settings\uživatel\Local Settings\Data aplikací\uninstall_temp.ico

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Log check, please

Post by jaro3 » 26 Jun 2018 19:41

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1988959208-3193996080-3333168219-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {04F01020-04FD-42A1-B1AA-3C5661919B2F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {111A4DC4-16B9-4452-8E97-807D3E7B3DB9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2E21299C-0CD0-49DD-94D8-7F3053C642F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {400D945B-D86B-4D8E-A5A9-E1F67F711B60} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {664CECBA-3943-4270-870D-48A3212B8116} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {78B943FC-E9A2-4C65-8978-CCA4B485D713} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {87CBD9BA-2EB3-4F8B-BC06-8170F456AAF6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8CC7E5C5-B558-4E30-83E3-639D24C9FEDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9AA93E9C-75C4-471C-896A-5315FE2857AE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AAF63AE6-78DB-4FBA-A503-D94887607FAF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B241C2E9-83E9-44EB-B422-949A02C9AC5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {B40D0312-EFD6-4721-AEBC-F7CD0DFF8D74} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {BB6AFC86-C32F-4E82-87D4-BD676D159AD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C0D4144F-2F2B-484F-B2B9-0A0BD2207BA4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C84032B5-8CBC-4EFA-BDE3-0FE30FBC6150} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E2F35312-BF01-4A4B-996A-4C58D1ADDF53} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F0E2A9F5-928E-487A-A636-7876AC65AC36} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Documents and Settings\uživatel:gs5sys [2560]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Plocha:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Data aplikací\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\Data aplikací:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uživatel\Local Settings\History:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\43017:300x250_citysex_v34 [27982]
AlternateDataStreams: C:\Documents and Settings\uživatel\Dokumenty\desktop.ini:gs5sys [2560]
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Policies\Explorer: [NoInstrumentation] 1
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-10] (AVG Technologies)
S3 trufos; system32\drivers\trufos.sys [X]

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status:
Offline

Re: Log check, please

Post by mafian » 27 Jun 2018 16:44

Fix result of Farbar Recovery Scan Tool (x86) Version: 20.06.2018
Ran by uživatel (27-06-2018 16:36:47) Run:2
Running from C:\Documents and Settings\uživatel\Plocha
Loaded Profiles: uživatel (Available Profiles: uživatel & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1988959208-3193996080-3333168219-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {04F01020-04FD-42A1-B1AA-3C5661919B2F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {111A4DC4-16B9-4452-8E97-807D3E7B3DB9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2E21299C-0CD0-49DD-94D8-7F3053C642F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {400D945B-D86B-4D8E-A5A9-E1F67F711B60} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {664CECBA-3943-4270-870D-48A3212B8116} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {78B943FC-E9A2-4C65-8978-CCA4B485D713} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {87CBD9BA-2EB3-4F8B-BC06-8170F456AAF6} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8CC7E5C5-B558-4E30-83E3-639D24C9FEDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9AA93E9C-75C4-471C-896A-5315FE2857AE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AAF63AE6-78DB-4FBA-A503-D94887607FAF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B241C2E9-83E9-44EB-B422-949A02C9AC5E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {B40D0312-EFD6-4721-AEBC-F7CD0DFF8D74} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {BB6AFC86-C32F-4E82-87D4-BD676D159AD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C0D4144F-2F2B-484F-B2B9-0A0BD2207BA4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C84032B5-8CBC-4EFA-BDE3-0FE30FBC6150} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E2F35312-BF01-4A4B-996A-4C58D1ADDF53} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F0E2A9F5-928E-487A-A636-7876AC65AC36} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Documents and Settings\uivatel:gs5sys [2560]
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikac\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\All Users\Dokumenty\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Cookies:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Plocha:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\ablony:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Data aplikac\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Local Settings\Data aplikac:gs5sys [2048]
AlternateDataStreams: C:\Documents and Settings\uivatel\Local Settings\History:gs5sys [2816]
AlternateDataStreams: C:\Documents and Settings\uivatel\Dokumenty\43017:300x250_citysex_v34 [27982]
AlternateDataStreams: C:\Documents and Settings\uivatel\Dokumenty\desktop.ini:gs5sys [2560]
HKU\S-1-5-21-854245398-1383384898-839522115-1003\...\Policies\Explorer: [NoInstrumentation] 1
SearchScopes: HKU\S-1-5-21-854245398-1383384898-839522115-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-10] (AVG Technologies)
S3 trufos; system32\drivers\trufos.sys [X]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1988959208-3193996080-3333168219-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => not found
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => not found
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04F01020-04FD-42A1-B1AA-3C5661919B2F}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{111A4DC4-16B9-4452-8E97-807D3E7B3DB9}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E21299C-0CD0-49DD-94D8-7F3053C642F2}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{400D945B-D86B-4D8E-A5A9-E1F67F711B60}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{664CECBA-3943-4270-870D-48A3212B8116}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78B943FC-E9A2-4C65-8978-CCA4B485D713}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87CBD9BA-2EB3-4F8B-BC06-8170F456AAF6}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CC7E5C5-B558-4E30-83E3-639D24C9FEDC}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AA93E9C-75C4-471C-896A-5315FE2857AE}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAF63AE6-78DB-4FBA-A503-D94887607FAF}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B241C2E9-83E9-44EB-B422-949A02C9AC5E}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40D0312-EFD6-4721-AEBC-F7CD0DFF8D74}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB6AFC86-C32F-4E82-87D4-BD676D159AD1}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0D4144F-2F2B-484F-B2B9-0A0BD2207BA4}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C84032B5-8CBC-4EFA-BDE3-0FE30FBC6150}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2F35312-BF01-4A4B-996A-4C58D1ADDF53}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0E2A9F5-928E-487A-A636-7876AC65AC36}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
"C:\Documents and Settings\uivatel" => ":gs5sys" ADS not found.
"C:\Documents and Settings\All Users\Data aplikac\desktop.ini" => ":gs5sys" ADS not found.
"C:\Documents and Settings\All Users\Dokumenty\desktop.ini" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Cookies" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Plocha" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\ablony" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Data aplikac\desktop.ini" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Local Settings\Data aplikac" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Local Settings\History" => ":gs5sys" ADS not found.
"C:\Documents and Settings\uivatel\Dokumenty\43017" => ":300x250_citysex_v34" ADS not found.
"C:\Documents and Settings\uivatel\Dokumenty\desktop.ini" => ":gs5sys" ADS not found.
"HKU\S-1-5-21-854245398-1383384898-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation" => removed successfully.
"HKU\S-1-5-21-854245398-1383384898-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => removed successfully.
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
avgtp => Service stopped successfully.
"HKLM\System\CurrentControlSet\Services\avgtp" => removed successfully.
avgtp => service removed successfully.
"HKLM\System\CurrentControlSet\Services\trufos" => removed successfully.
trufos => service removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 49901 B
Java, Flash, Steam htmlcache => 2208 B
Windows/system/dllcache/drivers => 8805752 B
Edge => 0 B
Chrome => 716144 B
Firefox => 376723667 B
Opera => 62039596 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 692 B
NetworkService => 66228 B
uživatel => 4947305 B
Administrator => 0 B

RecycleBin => 0 B
EmptyTemp: => 432.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:39:42 ====

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Log check, please

Post by jaro3 » 27 Jun 2018 19:15

How about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

