Re: Infection

Posted: 02 Mar 2016 15:23
by JaRon
I wouldn't overrate Trojan Killer - it may be making things up :)
if FRST doesn't work, post both RSIT logs

Re: Infection

Posted: 02 Mar 2016 21:10
by lola
info.txt logfile of random's system information tool 1.10 2016-03-02 21:00:18

======MBR======

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{107254A0-0ADF-11D4-9397-00D0B7020B38}\setup.exe"
15354 Webcam Live-->C:\Program Files\InstallShield Installation Information\{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}\setup.exe -runfromtemp -l0x0009 -removeonly
Adobe Flash Player 20 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_ActiveX.exe -maintain activex
Adobe Flash Player 20 NPAPI-->C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_Plugin.exe -maintain plugin
Adobe Reader X (10.1.16) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824166751}
Aktualizace NVIDIA 1.10.8-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Ashampoo Burning Studio 6 FREE v.6.84-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
aTube Catcher verze 3.8-->"C:\Program Files\DsNET Corp\aTube Catcher 2.0\unins000.exe"
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
AVS Video Converter 9.1-->"C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
Bullzip PDF Printer 9.3.0.1516-->"C:\Program Files\Bullzip\PDF Printer\unins000.exe"
calibre-->MsiExec.exe /I{4E08670C-1F32-44CC-848E-CB6662DE92BF}
Canon Easy-WebPrint EX-->"C:\Program Files\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files\Canon\Easy-WebPrint EX\uninst.ini
Canon IJ Scan Utility-->"C:\Program Files\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files\Canon\IJ Scan Utility\uninst.ini
Canon iP2700 series Printer Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series /L0x0005
Canon MG7500 series MP Drivers-->"C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7500_series\DELDRV.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7500_series /L0x0005
Canon MG7500 series On-screen Manual-->C:\Program Files\Canon\IJ Manual\Canon MG7500 series\uninstall.exe
Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini
Canon MP630 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series /L0x0005
Canon My Image Garden Design Files-->"C:\Program Files\Canon\My Image Garden\AddOn\uninst.exe" /UninstallRemove C:\Program Files\Canon\My Image Garden\AddOn\uninst.ini
Canon My Image Garden-->"C:\Program Files\Canon\My Image Garden\uninst.exe" /UninstallRemove C:\Program Files\Canon\My Image Garden\uninst.ini
Canon My Printer-->"C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu-->"C:\Program Files\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files\Canon\Quick Menu\uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CoreAAC-->"C:\Program Files\CoreAAC\Uninstall.exe"
CrystalDiskInfo 6.2.1-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
Český telefon 2004 STANDARD-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0310CC17-4A4D-4521-A6BD-44B38612FA0A}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Ekonomický systém Money S3-->C:\Program Files\Common Files\CIGLER SOFTWARE\Money S3\Setup\Uninst.exe
FileOpen Client B964-->"C:\Program Files\FileOpen\unins000.exe"
FormApps Plug-in-->rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\Software602\WebFF\webff.inf,DefaultUninstall.NT,,N
FormApps Signing Extension-->MsiExec.exe /X{801F9351-A8A7-441D-9398-6A56E143E316}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GridinSoft Anti-Malware-->C:\Program Files\GridinSoft Anti-Malware\uninst.exe
Handset USB Driver-->"C:\Program Files\Handset USB Driver\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Install Intel Desktop Utilities-->MsiExec.exe /I{5A79D3F9-1EB9-424A-A4EB-721677E56740}
Intel(R) Management Engine Interface-->C:\Windows\system32\heciudlg.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
IP Camera Viewer 2-->"C:\Program Files\Deskshare\IP Camera Viewer 2\unins000.exe"
IrfanView (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 8 Update 73-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218073F0}
Java(TM) 6 Update 30-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216030FF}
K-Lite Mega Codec Pack 10.0.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Magical Jelly Bean KeyFinder-->"C:\Program Files\Magical Jelly Bean\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4.5.2 (CSY)-->MsiExec.exe /X{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}
Microsoft .NET Framework 4.5.2 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{3911CF56-9EF2-39BA-846A-C27BD3CD0685}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Mozilla Firefox 44.0.2 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetSoftware-->"C:\Program Files\NetSoftware\rmNetSoftware.exe" "C:\Program Files\NetSoftware"
NVIDIA Ovladače grafiky 307.83-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{78030D07-3F06-405D-B7A0-688744F51378}\NVI2.DLL",UninstallPackage Display.Driver
OpenOffice 4.1.2 Language Pack (Czech)-->MsiExec.exe /I{E70E663E-19DE-425B-98EB-3ADBDE08D5EA}
OpenOffice 4.1.2-->MsiExec.exe /I{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}
PC Wizard 2013.2.12-->"C:\Program Files\CPUID\PC Wizard 2013\unins000.exe"
PDF to JPG 4.2-->"C:\Program Files\PDF Helper\PDF to JPG\unins000.exe"
PowerChute Personal Edition 3.0.2-->MsiExec.exe /X{8ED262EE-FC73-47A9-BB86-D92223246881}
ProFact 3.0 Free-->"C:\Program Files\ProFact 3.0 Free\unins000.exe"
Příjmové a výdajové doklady-->"C:\Program Files\Příjmové a výdajové doklady\unins000.exe"
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Registrace uživatele zařízení Canon MG7500 series-->C:\Program Files\Canon\IJEREG\MG7500 series\UNINST.EXE
Revo Uninstaller 1.95-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8433C01-319F-3370-850E-87C35496299A} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {48B0C142-A0F4-3263-90E1-1984CBB8DD18} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {CCEC28F6-82A2-35B0-8FE6-39C22A698F23}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {A4953275-5880-3E7F-ABC2-BE1904624135}
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {63474770-8265-373F-8E8A-63BE4DB58739}
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {DB389F39-13F5-33DE-B9A2-C2AF6E3D4EDE}
Security Update for Microsoft .NET Framework 4.5.2 (KB3099869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {4B390C27-9F65-33F8-9483-F5A6BC9F78B1}
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {BCC414C0-8FCC-3249-B692-4A832E0A9326}
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {DB5B33BE-851E-30AC-AFEC-32082B3448EC}
Software602 Form Filler-->MsiExec.exe /X{F8F79FE0-64EA-439C-A6AE-B1946A178F24}
SpyHunter 4-->C:\Users\Jirka\AppData\Roaming\Enigma Software Group\sh_installer.exe -r sh
TablEdit 2.73-->"C:\Program Files\TablEdit\unins000.exe"
Trojan Killer-->C:\Program Files\GridinSoft Trojan Killer\uninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UZEL Evidence-->"C:\Program Files\JPeTFree\Uzel\unins000.exe"
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Vit Registry Fix 9.5.9 (remove only)-->C:\Program Files\VITSOFT\Vit Registry Fix\Uninstall.exe
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR 4.20 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
Zoner Photo Studio 16-->"C:\Program Files\Zoner\Photo Studio 16\unins000.exe"

======Security center information======

AV: AVG Anti-Virus Free Edition 2013
AS: AVG Anti-Virus Free Edition 2013 (disabled)
AS: Windows Defender (disabled)

======System event log======

Computer Name: Jirka-PC
Event Code: 1103
Message: Počítači byla úspěšně přidělena adresa ze sítě, takže se nyní může připojovat k jiným počítačům.
Record Number: 209233
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20150227064714.000000-000
Event Type: Informace
User:

Computer Name: Jirka-PC
Event Code: 4201
Message: Systém zjistil, že síťový adaptér Připojení k místní síti byl připojen k síti a inicializoval normální činnost.
Record Number: 209232
Source Name: Tcpip
Time Written: 20150227064712.390120-000
Event Type: Informace
User:

Computer Name: Jirka-PC
Event Code: 4201
Message: Systém zjistil, že síťový adaptér Připojení k místní síti byl připojen k síti a inicializoval normální činnost.
Record Number: 209231
Source Name: Tcpip
Time Written: 20150227064712.322741-000
Event Type: Informace
User:

Computer Name: Jirka-PC
Event Code: 8033
Message: Prohledávač vyvolal v síti \Device\NetBT_Tcpip_{C1127E1E-07F9-4B8A-BCD9-D5E8EF04B696} volby, protože hlavní prohledávač byl zastaven.
Record Number: 209230
Source Name: BROWSER
Time Written: 20150226190932.000000-000
Event Type: Informace
User:

Computer Name: Jirka-PC
Event Code: 42
Message: Systém přechází do režimu spánku.
Record Number: 209229
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20150226190924.606828-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Jirka-PC
Event Code: 1000
Message: Čítače výkonu pro službu .NET Memory Cache 4.0 (.NET Memory Cache 4.0) byly úspěšně načteny. Data záznamu v datové části obsahují nové indexové hodnoty přiřazené této službě.
Record Number: 934
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20130217131846.000000-000
Event Type: Informace
User:

Computer Name: Jirka-PC
Event Code: 10000
Message: Zahajování relace 1 – 2013-02-17T13:18:26.258Z.
Record Number: 933
Source Name: Microsoft-Windows-RestartManager
Time Written: 20130217131826.258623-000
Event Type: Informace
User: Jirka-PC\Jirka

Computer Name: Jirka-PC
Event Code: 10001
Message: Ukončování relace 1, zahájení 2013-02-17T13:14:33.202Z.
Record Number: 932
Source Name: Microsoft-Windows-RestartManager
Time Written: 20130217131826.053558-000
Event Type: Informace
User: Jirka-PC\Jirka

Computer Name: Jirka-PC
Event Code: 1040
Message: Zahajuji transakci Instalační služby systému Windows: C:\Users\Jirka\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Extended_x86.msi. ID procesu klienta: 2236.
Record Number: 931
Source Name: MsiInstaller
Time Written: 20130217131826.000000-000
Event Type: Informace
User: Jirka-PC\Jirka

Computer Name: Jirka-PC
Event Code: 1042
Message: Ukončuji transakci Instalační služby systému Windows: C:\Users\Jirka\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Core_x86.msi. ID procesu klienta: 2236.
Record Number: 930
Source Name: MsiInstaller
Time Written: 20130217131826.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Re: Infection

Posted: 02 Mar 2016 21:13
by lola
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2016-03-02 21:00:05
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 489 GB (68%) free of 715 GB
Total RAM: 3053 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:15, on 2.3.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16748)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Downloads\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\PowerChute Personal Edition\Display.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - https://biz.lgservice.com/DATA/cab/djvu ... r34387.cab
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} (FormApps Plug-in) - https://eportal.cssz.cz/fas/page/active ... bff_cs.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: APC Data Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FileOpen Manager (FileOpenManager) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManager32.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe

--
End of file - 5837 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default

prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\
seznam.cz-165656.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-14 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-01 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-05-11 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [2015-07-17 919872]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-01 7139768]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2016-03-02 223216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FMVC"=fmcodec.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-02 21:00:05 ----D---- C:\rsit
2016-03-02 13:57:37 ----D---- C:\Program Files\GridinSoft Anti-Malware
2016-03-02 07:44:51 ----ASH---- C:\hiberfil.sys
2016-03-01 20:39:51 ----D---- C:\AVG_Remover
2016-03-01 18:22:04 ----D---- C:\Users\Jirka\AppData\Roaming\Enigma Software Group
2016-03-01 18:21:29 ----D---- C:\sh4ldr
2016-03-01 18:18:08 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-03-01 18:17:35 ----D---- C:\Program Files\Enigma Software Group
2016-03-01 16:38:48 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswStmXP.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-01 16:35:28 ----A---- C:\Windows\avastSS.scr
2016-03-01 16:32:55 ----D---- C:\Program Files\AVAST Software
2016-03-01 16:18:12 ----D---- C:\Windows\temp
2016-03-01 16:13:38 ----SHD---- C:\$RECYCLE.BIN
2016-02-29 18:41:39 ----D---- C:\Program Files\GridinSoft Trojan Killer
2016-02-29 18:30:44 ----D---- C:\KVRT_Data
2016-02-29 17:36:34 ----A---- C:\Windows\system32\drivers\gtkdrv.sys
2016-02-29 16:24:41 ----D---- C:\Program Files\TrojanHunter
2016-02-29 08:36:37 ----D---- C:\ProgramData\Licenses
2016-02-29 08:08:39 ----D---- C:\ProgramData\GridinSoft
2016-02-28 18:18:00 ----A---- C:\kkkk.txt
2016-02-27 13:28:47 ----D---- C:\Users\Jirka\AppData\Roaming\AVS4YOU
2016-02-27 13:27:38 ----D---- C:\ProgramData\AVS4YOU
2016-02-27 13:27:38 ----D---- C:\Program Files\Common Files\AVSMedia
2016-02-27 13:27:38 ----D---- C:\Program Files\AVS4YOU
2016-02-21 20:53:57 ----D---- C:\ProgramData\tmp
2016-02-21 20:53:57 ----D---- C:\ProgramData\hps
2016-02-21 16:30:18 ----D---- C:\ProgramData\NetSoftware
2016-02-20 20:55:33 ----A---- C:\Windows\system32\javaws.exe
2016-02-20 20:55:33 ----A---- C:\Windows\system32\javaw.exe
2016-02-20 20:55:33 ----A---- C:\Windows\system32\java.exe
2016-02-19 13:29:40 ----D---- C:\Users\Jirka\AppData\Roaming\DVDVideoSoft
2016-02-13 18:25:12 ----D---- C:\Program Files\Mozilla Firefox
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sdohlp.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sbeio.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sbe.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\psisdecd.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasrecst.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iashost.exe
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasdatastore.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasads.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\EncDec.dll
2016-02-13 17:34:03 ----A---- C:\Windows\system32\advapi32.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\ole32.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-13 17:34:01 ----A---- C:\Windows\system32\smss.exe
2016-02-13 17:34:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-13 17:34:01 ----A---- C:\Windows\system32\ntdll.dll
2016-02-13 17:34:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-13 17:34:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-13 17:33:04 ----A---- C:\Windows\system32\win32k.sys
2016-02-13 17:25:03 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-13 17:22:25 ----A---- C:\Windows\system32\kerberos.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\urlmon.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\mshta.exe
2016-02-13 16:36:11 ----A---- C:\Windows\system32\msfeedssync.exe
2016-02-13 16:36:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-13 16:36:10 ----A---- C:\Windows\system32\vbscript.dll
2016-02-13 16:36:10 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\wininet.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\url.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\jscript.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieui.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\iertutil.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieframe.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-13 16:36:06 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-13 16:36:04 ----A---- C:\Windows\system32\mshtml.dll
2016-02-13 16:36:04 ----A---- C:\Windows\system32\jscript9.dll

======List of files/folders modified in the last 1 month======

2016-03-02 21:00:15 ----D---- C:\Windows\Prefetch
2016-03-02 21:00:11 ----D---- C:\Program Files\trend micro
2016-03-02 20:58:51 ----D---- C:\Program Files\NetSoftware
2016-03-02 20:40:36 ----D---- C:\POSTA
2016-03-02 15:42:12 ----SHD---- C:\System Volume Information
2016-03-02 15:39:22 ----D---- C:\Program Files\Google
2016-03-02 15:39:19 ----SHD---- C:\Windows\Installer
2016-03-02 15:39:19 ----D---- C:\Windows\Tasks
2016-03-02 14:55:59 ----A---- C:\DelFix.txt
2016-03-02 14:32:25 ----D---- C:\Windows
2016-03-02 14:32:24 ----D---- C:\AdwCleaner
2016-03-02 13:57:57 ----D---- C:\Windows\system32\Tasks
2016-03-02 13:57:49 ----D---- C:\Windows\system32\drivers
2016-03-02 13:57:37 ----RD---- C:\Program Files
2016-03-02 08:11:14 ----D---- C:\Windows\System32
2016-03-02 08:11:14 ----D---- C:\Windows\inf
2016-03-02 08:11:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-01 20:49:38 ----D---- C:\ProgramData
2016-03-01 20:49:36 ----D---- C:\Users\Jirka\AppData\Roaming\AVG
2016-03-01 16:35:38 ----D---- C:\Windows\winsxs
2016-03-01 16:13:38 ----A---- C:\Windows\system.ini
2016-03-01 16:13:34 ----D---- C:\Windows\system32\drivers\etc
2016-03-01 16:06:13 ----D---- C:\Windows\AppPatch
2016-03-01 16:06:12 ----D---- C:\Program Files\Common Files
2016-03-01 15:04:56 ----D---- C:\Windows\erdnt
2016-03-01 14:59:34 ----AD---- C:\ProgramData\TEMP
2016-02-29 21:02:46 ----D---- C:\ProgramData\Freemake
2016-02-29 18:21:30 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2016-02-29 14:12:56 ----D---- C:\Windows\system32\catroot2
2016-02-29 13:59:13 ----HD---- C:\Windows\system32\GroupPolicy
2016-02-29 06:37:55 ----D---- C:\Program Files\Příjmové a výdajové doklady
2016-02-28 18:21:06 ----D---- C:\Windows\tracing
2016-02-28 17:43:46 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2016-02-28 12:33:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-28 11:38:45 ----D---- C:\Users\Jirka\AppData\Roaming\Seznam.cz
2016-02-27 09:25:08 ----RSD---- C:\Windows\assembly
2016-02-27 09:18:37 ----D---- C:\Program Files\Ashampoo
2016-02-27 09:09:20 ----D---- C:\ProgramData\Ashampoo
2016-02-27 09:06:19 ----A---- C:\Windows\win.ini
2016-02-26 07:09:27 ----D---- C:\Program Files\Recuva
2016-02-25 14:42:01 ----D---- C:\Windows\system32\catroot
2016-02-22 13:53:16 ----D---- C:\Windows\Debug
2016-02-20 20:55:16 ----D---- C:\Program Files\Java
2016-02-19 14:20:08 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2016-02-14 20:29:26 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2016-02-14 08:39:43 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-02-13 18:03:17 ----D---- C:\Windows\Microsoft.NET
2016-02-13 17:57:08 ----D---- C:\Windows\rescache
2016-02-13 17:37:57 ----D---- C:\Program Files\Windows Collaboration
2016-02-13 17:37:53 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 17:37:52 ----D---- C:\Windows\system32\migration
2016-02-13 17:37:48 ----D---- C:\Program Files\Internet Explorer
2016-02-13 17:37:46 ----D---- C:\Program Files\Windows Journal
2016-02-13 17:31:58 ----D---- C:\Windows\system32\MRT
2016-02-13 17:25:31 ----A---- C:\Windows\system32\mrt.exe
2016-02-13 16:36:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-01 58776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-01 221240]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2006-05-11 247808]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-03-01 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-01 812720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-01 447848]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-12-10 43296]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-01 32792]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-01 91168]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-03-01 171608]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-18 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-18 45624]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-08-15 32408]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-03-01 67088]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [2013-08-24 25320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2016-03-01 16432]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-03-01 19984]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-18 21504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2011-08-15 15896]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\Windows\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\sthda.sys []
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\Windows\system32\DRIVERS\gtkdrv.sys [2016-02-29 16128]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-08-15 113688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 APC Data Service;APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [2012-01-24 21880]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [2012-01-24 705912]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-01 237096]
R2 FileOpenManager;FileOpen Manager; C:\Program Files\FileOpen\Services\FileOpenManager32.exe [2015-07-17 219968]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-03-01 784256]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-11 146888]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-13 269504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]

-----------------EOF-----------------

Re: Infection

Posted: 03 Mar 2016 07:20
by JaRon
uninstall all of these:
C:\Program Files\TrojanHunter
C:\Program Files\GridinSoft Trojan Killer
C:\Program Files\GridinSoft Anti-Malware
C:\Program Files\Enigma Software Group\SpyHunter

then clean the registry with CCleaner

Re: Infection

Posted: 03 Mar 2016 07:50
by lola
deleted, cleaned ...

Re: Infection

Posted: 03 Mar 2016 09:04
by JaRon
fine :)
run DelFix again - post the log here
+
the RSIT log

Re: Infection

Posted: 03 Mar 2016 12:48
by lola
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2016-03-03 11:24:46
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 491 GB (69%) free of 715 GB
Total RAM: 3053 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:53, on 3.3.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16748)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\Explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\PowerChute Personal Edition\Display.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - https://biz.lgservice.com/DATA/cab/djvu ... r34387.cab
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} (FormApps Plug-in) - https://eportal.cssz.cz/fas/page/active ... bff_cs.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: APC Data Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FileOpen Manager (FileOpenManager) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManager32.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 5504 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default

prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.74.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.74.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\
seznam.cz-165656.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-03-03 462432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-01 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-03-03 173152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-05-11 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [2015-07-17 919872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-01 7139768]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2016-03-02 223216]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-01-29 595504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FMVC"=fmcodec.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-03 11:24:46 ----D---- C:\rsit
2016-03-02 07:44:51 ----ASH---- C:\hiberfil.sys
2016-03-01 20:39:51 ----D---- C:\AVG_Remover
2016-03-01 18:18:08 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-03-01 16:38:48 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswStmXP.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-03-01 16:35:47 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-03-01 16:35:28 ----A---- C:\Windows\avastSS.scr
2016-03-01 16:32:55 ----D---- C:\Program Files\AVAST Software
2016-03-01 16:18:12 ----D---- C:\Windows\temp
2016-03-01 16:13:38 ----SHD---- C:\$RECYCLE.BIN
2016-02-29 18:30:44 ----D---- C:\KVRT_Data
2016-02-29 16:24:41 ----D---- C:\Program Files\TrojanHunter
2016-02-29 08:36:37 ----D---- C:\ProgramData\Licenses
2016-02-29 08:08:39 ----D---- C:\ProgramData\GridinSoft
2016-02-28 18:18:00 ----A---- C:\kkkk.txt
2016-02-27 13:28:47 ----D---- C:\Users\Jirka\AppData\Roaming\AVS4YOU
2016-02-27 13:27:38 ----D---- C:\ProgramData\AVS4YOU
2016-02-27 13:27:38 ----D---- C:\Program Files\Common Files\AVSMedia
2016-02-27 13:27:38 ----D---- C:\Program Files\AVS4YOU
2016-02-21 20:53:57 ----D---- C:\ProgramData\tmp
2016-02-21 20:53:57 ----D---- C:\ProgramData\hps
2016-02-21 16:30:18 ----D---- C:\ProgramData\NetSoftware
2016-02-20 20:55:33 ----A---- C:\Windows\system32\javaws.exe
2016-02-19 13:29:40 ----D---- C:\Users\Jirka\AppData\Roaming\DVDVideoSoft
2016-02-13 18:25:12 ----D---- C:\Program Files\Mozilla Firefox
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sdohlp.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sbeio.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\sbe.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\psisdecd.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasrecst.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iashost.exe
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasdatastore.dll
2016-02-13 17:34:55 ----A---- C:\Windows\system32\iasads.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-13 17:34:54 ----A---- C:\Windows\system32\EncDec.dll
2016-02-13 17:34:03 ----A---- C:\Windows\system32\advapi32.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\ole32.dll
2016-02-13 17:34:02 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-13 17:34:01 ----A---- C:\Windows\system32\smss.exe
2016-02-13 17:34:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-13 17:34:01 ----A---- C:\Windows\system32\ntdll.dll
2016-02-13 17:34:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-13 17:34:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-13 17:33:04 ----A---- C:\Windows\system32\win32k.sys
2016-02-13 17:25:03 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-13 17:22:25 ----A---- C:\Windows\system32\kerberos.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\urlmon.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\mshta.exe
2016-02-13 16:36:11 ----A---- C:\Windows\system32\msfeedssync.exe
2016-02-13 16:36:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-02-13 16:36:11 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-13 16:36:10 ----A---- C:\Windows\system32\vbscript.dll
2016-02-13 16:36:10 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\wininet.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\url.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\jscript.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieui.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\iertutil.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\ieframe.dll
2016-02-13 16:36:09 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-13 16:36:06 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-13 16:36:04 ----A---- C:\Windows\system32\mshtml.dll
2016-02-13 16:36:04 ----A---- C:\Windows\system32\jscript9.dll

======List of files/folders modified in the last 1 month======

2016-03-03 11:24:53 ----D---- C:\Windows\Prefetch
2016-03-03 11:24:49 ----D---- C:\Program Files\trend micro
2016-03-03 11:23:52 ----D---- C:\Program Files\NetSoftware
2016-03-03 11:21:40 ----A---- C:\DelFix.txt
2016-03-03 08:14:28 ----D---- C:\Windows\System32
2016-03-03 08:14:28 ----D---- C:\Windows\inf
2016-03-03 08:14:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-03 07:48:46 ----D---- C:\Windows
2016-03-03 07:44:28 ----RD---- C:\Program Files
2016-03-03 07:44:12 ----SHD---- C:\System Volume Information
2016-03-03 07:42:38 ----D---- C:\Windows\system32\drivers
2016-03-03 07:02:06 ----D---- C:\POSTA
2016-03-03 06:52:46 ----SHD---- C:\Windows\Installer
2016-03-03 06:51:57 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-03-03 06:51:36 ----D---- C:\Program Files\Java
2016-03-02 15:39:22 ----D---- C:\Program Files\Google
2016-03-02 15:39:19 ----D---- C:\Windows\Tasks
2016-03-02 13:57:57 ----D---- C:\Windows\system32\Tasks
2016-03-01 20:49:38 ----D---- C:\ProgramData
2016-03-01 20:49:36 ----D---- C:\Users\Jirka\AppData\Roaming\AVG
2016-03-01 16:35:38 ----D---- C:\Windows\winsxs
2016-03-01 16:13:38 ----A---- C:\Windows\system.ini
2016-03-01 16:13:34 ----D---- C:\Windows\system32\drivers\etc
2016-03-01 16:06:13 ----D---- C:\Windows\AppPatch
2016-03-01 16:06:12 ----D---- C:\Program Files\Common Files
2016-03-01 15:04:56 ----D---- C:\Windows\erdnt
2016-03-01 14:59:34 ----AD---- C:\ProgramData\TEMP
2016-02-29 21:02:46 ----D---- C:\ProgramData\Freemake
2016-02-29 18:21:30 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2016-02-29 14:12:56 ----D---- C:\Windows\system32\catroot2
2016-02-29 13:59:13 ----HD---- C:\Windows\system32\GroupPolicy
2016-02-29 06:37:55 ----D---- C:\Program Files\Příjmové a výdajové doklady
2016-02-28 18:21:06 ----D---- C:\Windows\tracing
2016-02-28 17:43:46 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2016-02-28 12:33:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-28 11:38:45 ----D---- C:\Users\Jirka\AppData\Roaming\Seznam.cz
2016-02-27 09:25:08 ----RSD---- C:\Windows\assembly
2016-02-27 09:18:37 ----D---- C:\Program Files\Ashampoo
2016-02-27 09:09:20 ----D---- C:\ProgramData\Ashampoo
2016-02-27 09:06:19 ----A---- C:\Windows\win.ini
2016-02-26 07:09:27 ----D---- C:\Program Files\Recuva
2016-02-25 14:42:01 ----D---- C:\Windows\system32\catroot
2016-02-22 13:53:16 ----D---- C:\Windows\Debug
2016-02-19 14:20:08 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2016-02-14 20:29:26 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2016-02-13 18:03:17 ----D---- C:\Windows\Microsoft.NET
2016-02-13 17:57:08 ----D---- C:\Windows\rescache
2016-02-13 17:37:57 ----D---- C:\Program Files\Windows Collaboration
2016-02-13 17:37:53 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 17:37:52 ----D---- C:\Windows\system32\migration
2016-02-13 17:37:48 ----D---- C:\Program Files\Internet Explorer
2016-02-13 17:37:46 ----D---- C:\Program Files\Windows Journal
2016-02-13 17:31:58 ----D---- C:\Windows\system32\MRT
2016-02-13 17:25:31 ----A---- C:\Windows\system32\mrt.exe
2016-02-13 16:36:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-01 58776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-01 221240]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2006-05-11 247808]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-03-01 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-01 812720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-01 447848]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-12-10 43296]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-01 32792]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-01 91168]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-03-01 171608]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-18 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-18 45624]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-08-15 32408]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-03-01 67088]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [2013-08-24 25320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-03-01 19984]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-18 21504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2011-08-15 15896]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\Windows\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\sthda.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-08-15 113688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 APC Data Service;APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [2012-01-24 21880]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [2012-01-24 705912]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-01 237096]
R2 FileOpenManager;FileOpen Manager; C:\Program Files\FileOpen\Services\FileOpenManager32.exe [2015-07-17 219968]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-11 146888]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-13 269504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]

-----------------EOF-----------------
# DelFix v1.011 - Logfile created 03/03/2016 at 11:21:38
# Updated 18/08/2015 by Xplode
# Username : Jirka - JIRKA-PC
# Operating System : Windows Vista (TM) Business Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\AdwCleaner
Deleted : C:\Users\Jirka\Downloads\RSIT.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Re: Infection

Posted: 03 Mar 2016 13:44
by JaRon
if the directory C:\Users\Jirka\AppData\Roaming\AVG exists, DELETE it
I don't see any virus problems
describe the problems, if there are any

Re: Infection

Posted: 03 Mar 2016 15:49
by lola
The avg directory was deleted, 1x empty folder. Otherwise it still acts up and kicks me over to other pages. Probably a reinstall? Thanks

Re: Infection

Posted: 04 Mar 2016 07:58
by lola
Reinstalled Windows yesterday and it's fine, clean. Next week I'll probably go for a new one with Win 10. Thanks for your time. JB

Re: Infection

Posted: 04 Mar 2016 11:40
by JaRon
Sometimes that is the way to go, too :)