VIRY.CZ

D večer, včera nějaká instalace a hned odinst, jelikož se natahly nějaké srá.ory typu mcaffy,doplňky pro chrome apod..
Prosím omrkněte, zda je po veškeré havěti. Díky Jirka.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2015-08-28 18:18:51
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 501 GB (70%) free of 715 GB
Total RAM: 3053 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:08, on 28.8.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16685)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Downloads\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'UpdatusUser')
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\PowerChute Personal Edition\Display.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - https://biz.lgservice.com/DATA/cab/djvu ... r34387.cab
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} (FormApps Plug-in) - https://eportal.cssz.cz/fas/page/active ... bff_cs.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Abelssoft Admin-Service (AbAdminService) - Ascora GmbH - C:\Program Files\ToolbarTerminator\AbAdminService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC Data Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FileOpen Manager Service (FileOpenManagerService) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 6836 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Security Scan for Jirka.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\
firmy.cz-165656.xml
seznam.cz-165656.xml
videa.seznam.cz-165656.xml
zbozi.cz-165656.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-05-11 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [2012-11-07 840624]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-07-31 3780520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Synchronizer"=C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [2015-06-27 1104288]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-08-28 18:18:51 ----D---- C:\rsit
2015-08-28 18:18:51 ----D---- C:\Program Files\trend micro
2015-08-28 08:16:09 ----D---- C:\Program Files\Mozilla Firefox
2015-08-27 20:51:44 ----D---- C:\Windows\system32\drivers\NSS
2015-08-27 20:51:44 ----D---- C:\Program Files\Norton Security Scan
2015-08-27 20:51:41 ----D---- C:\Program Files\NortonInstaller
2015-08-23 16:20:47 ----D---- C:\Program Files\Cuminas
2015-08-23 16:20:04 ----D---- C:\ProgramData\Caminova
2015-08-20 16:35:38 ----A---- C:\Windows\system32\msonpmon.dll
2015-08-20 16:27:21 ----D---- C:\ProgramData\Microsoft Help
2015-08-19 13:00:48 ----A---- C:\Windows\system32\mshtml.dll
2015-08-19 13:00:46 ----A---- C:\Windows\system32\iertutil.dll
2015-08-16 10:00:43 ----D---- C:\Users\Jirka\AppData\Roaming\Shortcut
2015-08-16 09:59:02 ----D---- C:\Users\Jirka\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
2015-08-16 09:46:19 ----D---- C:\ProgramData\CanonIJPLM
2015-08-16 09:33:57 ----A---- C:\Windows\system32\CNC_C7I.dll
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbnet.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\massfilter.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\drivers\ecache.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\emdmgmt.dll
2015-08-12 18:09:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-08-12 18:09:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 18:06:37 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:06:07 ----A---- C:\Windows\system32\drivers\srv.sys
2015-08-12 18:05:41 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 18:05:12 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 17:53:53 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 17:53:31 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 17:53:30 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10level9.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10core.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10_1.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 17:52:51 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\d3d10.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\d2d1.dll
2015-08-12 17:51:57 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 17:51:42 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 17:51:42 ----A---- C:\Windows\notepad.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\mshta.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\url.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 11:00:12 ----A---- C:\Windows\system32\msfeedssync.exe
2015-08-12 11:00:11 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-12 11:00:10 ----A---- C:\Windows\system32\ieframe.dll
2015-08-05 00:03:08 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03:08 ----A---- C:\Windows\system32\msvcp120_clr0400.dll

======List of files/folders modified in the last 1 month======

2015-08-28 18:18:51 ----RD---- C:\Program Files
2015-08-28 18:18:14 ----D---- C:\Windows\temp
2015-08-28 17:31:02 ----D---- C:\POSTA
2015-08-28 08:44:01 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-08-28 08:43:38 ----D---- C:\ProgramData\MFAData
2015-08-28 07:54:34 ----SHD---- C:\System Volume Information
2015-08-27 21:12:41 ----D---- C:\Windows\System32
2015-08-27 21:12:41 ----D---- C:\Windows\inf
2015-08-27 21:12:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-27 21:12:13 ----D---- C:\Program Files\Google
2015-08-27 21:12:10 ----SHD---- C:\Windows\Installer
2015-08-27 21:12:10 ----D---- C:\Windows\Tasks
2015-08-27 21:07:26 ----D---- C:\Windows\Prefetch
2015-08-27 21:06:12 ----D---- C:\ProgramData
2015-08-27 20:59:38 ----D---- C:\Windows\system32\Tasks
2015-08-27 20:56:45 ----D---- C:\ProgramData\Norton
2015-08-27 20:56:08 ----D---- C:\Windows\system32\drivers\etc
2015-08-27 20:51:44 ----D---- C:\Windows\system32\drivers
2015-08-27 20:50:37 ----D---- C:\Users\Jirka\AppData\Roaming\ImperiaOnline
2015-08-27 20:44:04 ----A---- C:\AVScanner.ini
2015-08-27 20:24:08 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2015-08-23 16:21:02 ----SD---- C:\Windows\Downloaded Program Files
2015-08-23 12:22:18 ----D---- C:\Program Files\ProFact 3.0 Free
2015-08-22 12:46:37 ----D---- C:\Program Files\Recuva
2015-08-20 17:16:16 ----SD---- C:\ProgramData\Microsoft
2015-08-20 17:13:01 ----RSD---- C:\Windows\assembly
2015-08-20 17:12:51 ----D---- C:\Windows\winsxs
2015-08-20 17:12:43 ----D---- C:\Windows
2015-08-20 17:12:43 ----D---- C:\Program Files\Microsoft.NET
2015-08-20 17:12:43 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-20 17:12:40 ----D---- C:\Program Files\Common Files
2015-08-20 17:12:32 ----D---- C:\Windows\ShellNew
2015-08-20 17:11:51 ----RSD---- C:\Windows\Fonts
2015-08-20 17:08:32 ----A---- C:\Windows\win.ini
2015-08-20 16:59:04 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2015-08-20 16:28:03 ----D---- C:\Program Files\Common Files\System
2015-08-20 16:24:01 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2015-08-19 13:27:15 ----D---- C:\Program Files\Internet Explorer
2015-08-19 13:01:15 ----D---- C:\Windows\system32\catroot
2015-08-17 19:27:55 ----D---- C:\Windows\system32\catroot2
2015-08-16 10:06:58 ----D---- C:\Users\Jirka\AppData\Roaming\Opera Software
2015-08-16 09:52:02 ----D---- C:\Program Files\Canon
2015-08-16 09:51:58 ----RSD---- C:\Windows\Media
2015-08-16 09:45:52 ----D---- C:\Users\Jirka\AppData\Roaming\Canon
2015-08-15 14:44:11 ----D---- C:\Windows\ModemLogs
2015-08-15 14:43:33 ----D---- C:\Program Files\ZTE
2015-08-12 19:13:35 ----D---- C:\Windows\Microsoft.NET
2015-08-12 19:06:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 19:05:05 ----D---- C:\Windows\system32\XPSViewer
2015-08-12 19:05:04 ----D---- C:\Windows\system32\migration
2015-08-12 18:03:59 ----D---- C:\Windows\system32\MRT
2015-08-12 17:54:41 ----A---- C:\Windows\system32\mrt.exe
2015-08-12 17:34:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-05-12 190944]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-07-28 186800]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2006-05-11 247808]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-07-28 250288]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-07-23 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-06-16 207328]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-05-12 213984]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-12-10 43296]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-18 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-08-15 32408]
S3 catchme;catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [2013-08-24 25320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-18 21504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2011-08-15 15896]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\Windows\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\sthda.sys []
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-02-26 34808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-08-15 113688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2012-03-30 107392]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2012-03-30 107392]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2012-03-30 107392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 APC Data Service;APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [2012-01-24 21880]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [2012-01-24 705912]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-07-31 3633576]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-07-31 335656]
R2 FileOpenManagerService;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe [2012-11-07 213432]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [2015-02-26 620056]
R3 AbAdminService;Abelssoft Admin-Service; C:\Program Files\ToolbarTerminator\AbAdminService.exe [2015-01-22 30984]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

# AdwCleaner v5.004 - Logfile created 28/08/2015 at 21:59:11
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows Vista (TM) Business Service Pack 2 (x86)
# Username : Jirka - JIRKA-PC
# Running from : C:\Users\Jirka\Desktop\adwcleaner_5.004.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\PRODUCTSETUP

***** [ Web browsers ] *****

[-] [C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1440701365613");
[-] [C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C9].txt - [1379 bytes] ##########

D den, tak další sken MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.8.2015
Čas skenování: 22:20:37
Protokol: mbam288.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.28.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Jirka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 618944
Uplynulý čas: 2 hod, 52 min, 47 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [0134ab63a8e31a1caec0802a36cebb45],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-473776709-23561653-1376516071-1000\SOFTWARE\ICSW1.13, , [1025da34008baf872545e44035cec13f],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MindSpark.A, C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\VideoDownloadConverter_4z, , [290cf21ca4e7979fa13ca481f60df50b],

Soubory: 5
PUP.Optional.APNToolBar.A, C:\Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAQXHCAR\WeatherBugSetup[1].exe, , [3ef75db18cff35016db55d47fa07b848],
PUP.Optional.InstallCore, C:\Users\Jirka\Downloads\updatestar-drivers.exe, , [76bf55b9dbb085b1e9bd09851ee30bf5],
PUP.Optional.InstallCore, C:\Users\Jirka\Downloads\Malavida_Download_Manager(1).exe, , [a095fc12a3e8a69095058e02fb0a46ba],
PUP.Optional.InstallCore, C:\Users\Jirka\Downloads\Malavida_Download_Manager.exe, , [66cf7599f893c373efab137d27de33cd],
PUP.Optional.MindSpark.A, C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\VideoDownloadConverter_4z\4A7301AD-8669-41C8-B18B-3D2B2E523DED.sqlite, , [290cf21ca4e7979fa13ca481f60df50b],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Krasne sobotni rano/dopoledne

Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restarti pc test zopakujte - tentokrat uz staci jen Sken hrozeb, bude rychejsi - at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Díky za rychlou odpověď:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.8.2015
Čas skenování: 9:42:02
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.29.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Jirka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 361574
Uplynulý čas: 17 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

MBAM muzete odinstalovat.

Dejte novy log z RSIT

a

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jirka at 2015-08-29 10:52:50
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 502 GB (70%) free of 715 GB
Total RAM: 3053 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:52:59, on 29.8.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16685)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\Explorer.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Users\Jirka\Downloads\instalační soubory\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-473776709-23561653-1376516071-1001\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'UpdatusUser')
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\PowerChute Personal Edition\Display.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - https://biz.lgservice.com/DATA/cab/djvu ... r34387.cab
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} (FormApps Plug-in) - https://eportal.cssz.cz/fas/page/active ... bff_cs.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Abelssoft Admin-Service (AbAdminService) - Ascora GmbH - C:\Program Files\ToolbarTerminator\AbAdminService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: APC Data Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FileOpen Manager Service (FileOpenManagerService) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 6951 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Norton Security Scan for Jirka.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-05-11 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [2012-11-07 840624]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-07-31 3780520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Synchronizer"=C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [2015-06-27 1104288]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2015-08-29 10:23:43 ----A---- C:\Windows\system32\fmcodec.DLL
2015-08-29 09:10:26 ----A---- C:\mbam288.txt
2015-08-28 18:18:51 ----D---- C:\rsit
2015-08-28 18:18:51 ----D---- C:\Program Files\trend micro
2015-08-28 08:16:09 ----D---- C:\Program Files\Mozilla Firefox
2015-08-27 20:51:44 ----D---- C:\Windows\system32\drivers\NSS
2015-08-27 20:51:44 ----D---- C:\Program Files\Norton Security Scan
2015-08-27 20:51:41 ----D---- C:\Program Files\NortonInstaller
2015-08-23 16:20:47 ----D---- C:\Program Files\Cuminas
2015-08-23 16:20:04 ----D---- C:\ProgramData\Caminova
2015-08-20 16:35:38 ----A---- C:\Windows\system32\msonpmon.dll
2015-08-20 16:27:21 ----D---- C:\ProgramData\Microsoft Help
2015-08-19 13:00:48 ----A---- C:\Windows\system32\mshtml.dll
2015-08-19 13:00:46 ----A---- C:\Windows\system32\iertutil.dll
2015-08-16 10:00:43 ----D---- C:\Users\Jirka\AppData\Roaming\Shortcut
2015-08-16 09:59:02 ----D---- C:\Users\Jirka\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
2015-08-16 09:46:19 ----D---- C:\ProgramData\CanonIJPLM
2015-08-16 09:33:57 ----A---- C:\Windows\system32\CNC_C7I.dll
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbser6k.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbnmea.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbnet.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\ZTEusbmdm6k.sys
2015-08-15 14:43:38 ----A---- C:\Windows\system32\drivers\massfilter.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\drivers\ecache.sys
2015-08-12 18:09:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 18:09:06 ----A---- C:\Windows\system32\emdmgmt.dll
2015-08-12 18:09:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-08-12 18:09:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 18:06:37 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:06:07 ----A---- C:\Windows\system32\drivers\srv.sys
2015-08-12 18:05:41 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 18:05:12 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 17:53:53 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 17:53:31 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 17:53:30 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10level9.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10core.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\d3d10_1.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 17:52:52 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 17:52:51 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\d3d10.dll
2015-08-12 17:52:51 ----A---- C:\Windows\system32\d2d1.dll
2015-08-12 17:51:57 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 17:51:42 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 17:51:42 ----A---- C:\Windows\notepad.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\mshta.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 11:00:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-12 11:00:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\url.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-12 11:00:13 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 11:00:12 ----A---- C:\Windows\system32\msfeedssync.exe
2015-08-12 11:00:11 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 11:00:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-12 11:00:10 ----A---- C:\Windows\system32\ieframe.dll
2015-08-05 00:03:08 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03:08 ----A---- C:\Windows\system32\msvcp120_clr0400.dll

======List of files/folders modified in the last 1 months======

2015-08-29 10:53:00 ----D---- C:\Windows\Prefetch
2015-08-29 10:52:02 ----D---- C:\Windows\temp
2015-08-29 10:46:45 ----RD---- C:\Program Files
2015-08-29 10:46:45 ----D---- C:\Windows\system32\drivers
2015-08-29 10:46:30 ----SHD---- C:\System Volume Information
2015-08-29 10:45:09 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2015-08-29 10:23:55 ----D---- C:\Windows\System32
2015-08-29 10:23:54 ----D---- C:\Windows\inf
2015-08-29 09:44:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-29 09:36:09 ----D---- C:\Windows\Panther
2015-08-29 09:11:14 ----D---- C:\ProgramData\MFAData
2015-08-28 22:02:13 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-08-28 21:59:11 ----D---- C:\POSTA
2015-08-28 21:59:11 ----D---- C:\AdwCleaner
2015-08-28 20:55:39 ----D---- C:\Windows\system32\Tasks
2015-08-27 21:12:13 ----D---- C:\Program Files\Google
2015-08-27 21:12:10 ----SHD---- C:\Windows\Installer
2015-08-27 21:12:10 ----D---- C:\Windows\Tasks
2015-08-27 21:06:12 ----D---- C:\ProgramData
2015-08-27 20:56:45 ----D---- C:\ProgramData\Norton
2015-08-27 20:56:08 ----D---- C:\Windows\system32\drivers\etc
2015-08-27 20:50:37 ----D---- C:\Users\Jirka\AppData\Roaming\ImperiaOnline
2015-08-27 20:44:04 ----A---- C:\AVScanner.ini
2015-08-23 16:21:02 ----SD---- C:\Windows\Downloaded Program Files
2015-08-23 12:22:18 ----D---- C:\Program Files\ProFact 3.0 Free
2015-08-22 12:46:37 ----D---- C:\Program Files\Recuva
2015-08-20 17:16:16 ----SD---- C:\ProgramData\Microsoft
2015-08-20 17:13:01 ----RSD---- C:\Windows\assembly
2015-08-20 17:12:51 ----D---- C:\Windows\winsxs
2015-08-20 17:12:43 ----D---- C:\Windows
2015-08-20 17:12:43 ----D---- C:\Program Files\Microsoft.NET
2015-08-20 17:12:43 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-20 17:12:40 ----D---- C:\Program Files\Common Files
2015-08-20 17:12:32 ----D---- C:\Windows\ShellNew
2015-08-20 17:11:51 ----RSD---- C:\Windows\Fonts
2015-08-20 17:08:32 ----A---- C:\Windows\win.ini
2015-08-20 16:59:04 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2015-08-20 16:28:03 ----D---- C:\Program Files\Common Files\System
2015-08-20 16:24:01 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2015-08-19 13:27:15 ----D---- C:\Program Files\Internet Explorer
2015-08-19 13:01:15 ----D---- C:\Windows\system32\catroot
2015-08-17 19:27:55 ----D---- C:\Windows\system32\catroot2
2015-08-16 10:06:58 ----D---- C:\Users\Jirka\AppData\Roaming\Opera Software
2015-08-16 09:52:02 ----D---- C:\Program Files\Canon
2015-08-16 09:51:58 ----RSD---- C:\Windows\Media
2015-08-16 09:45:52 ----D---- C:\Users\Jirka\AppData\Roaming\Canon
2015-08-15 14:44:11 ----D---- C:\Windows\ModemLogs
2015-08-15 14:43:33 ----D---- C:\Program Files\ZTE
2015-08-12 19:13:35 ----D---- C:\Windows\Microsoft.NET
2015-08-12 19:06:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 19:05:05 ----D---- C:\Windows\system32\XPSViewer
2015-08-12 19:05:04 ----D---- C:\Windows\system32\migration
2015-08-12 18:03:59 ----D---- C:\Windows\system32\MRT
2015-08-12 17:54:41 ----A---- C:\Windows\system32\mrt.exe
2015-08-12 17:34:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-05-12 190944]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-07-28 186800]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2006-05-11 247808]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-07-28 250288]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-07-23 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-06-16 207328]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-05-12 213984]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-12-10 43296]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-18 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2011-08-15 32408]
S3 catchme;catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 cpuz136;cpuz136; \??\C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [2013-08-24 25320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-18 21504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2011-08-15 15896]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\Windows\system32\drivers\sfng32.sys [2005-12-02 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\sthda.sys []
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-02-26 34808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-08-15 113688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2012-03-30 107392]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2012-03-30 107392]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2012-03-30 107392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 APC Data Service;APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [2012-01-24 21880]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [2012-01-24 705912]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-07-31 3633576]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-07-31 335656]
R2 FileOpenManagerService;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe [2012-11-07 213432]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [2015-02-26 620056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AbAdminService;Abelssoft Admin-Service; C:\Program Files\ToolbarTerminator\AbAdminService.exe [2015-01-22 30984]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Tak jeste FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-08-2015
Ran by Jirka (administrator) on JIRKA-PC (29-08-2015 12:16:45)
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka & UpdatusUser (Available Profiles: Jirka & UpdatusUser)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(CÍGLER SOFTWARE, a.s.) C:\Program Files\CIGLER SOFTWARE\Money S3\MonS3.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-05-11] (Intel Corporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker32.exe [840624 2012-11-07] (FileOpen Systems Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3780520 2015-07-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104288 2015-06-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-473776709-23561653-1376516071-1001\...\Run: [T-Mobile CManager] => C:\Program Files\T-Mobile\T-Mobile Internet Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-01-11]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-473776709-23561653-1376516071-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> DefaultScope {8BA9C4A8-FC66-4918-A79E-AB4B5470BAC9} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> 5B8D147C1877690E087CE3668C8CD123 URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> 60AD7DF367A51D78AE25011EFFE3FF4D URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> DA175516DCC6659CF9D0C9796A42161D URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> F35A53397BA0816FC7057CF7B8A37903 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1000 -> {8BA9C4A8-FC66-4918-A79E-AB4B5470BAC9} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-473776709-23561653-1376516071-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxps://biz.lgservice.com/DATA/cab/djvuctrl-6.1.4-en-r34387.cab
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2013-02-16] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{C1127E1E-07F9-4B8A-BCD9-D5E8EF04B696}: [DhcpNameServer] 79.98.72.27 79.98.72.2

FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default
FF DefaultSearchUrl:
FF SelectedSearchEngine:
FF Homepage: hxxp://www.idnes.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\firmy.cz-165656.xml [2014-09-12]
FF SearchPlugin: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\seznam.cz-165656.xml [2014-09-12]
FF SearchPlugin: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\videa.seznam.cz-165656.xml [2014-09-12]
FF SearchPlugin: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\searchplugins\zbozi.cz-165656.xml [2014-09-12]
FF Extension: Video DownloadHelper - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\1osd4hsz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-15]

Chrome:
=======
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 AbAdminService; C:\Program Files\ToolbarTerminator\AbAdminService.exe [30984 2015-01-22] (Ascora GmbH)
R2 APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3633576 2015-07-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2015-07-31] (AVG Technologies CZ, s.r.o.)
R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe [213432 2012-11-07] (FileOpen Systems Inc.)
R2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [90112 2006-05-11] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-02-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32408 2011-08-15] (Google Inc)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [250288 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-07-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [186800 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [43296 2014-12-10] (AVG Technologies)
S3 cpuz136; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [25320 2013-08-24] (CPUID)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-04-13] (MBB Incorporated)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
S3 sfng32; C:\Windows\System32\drivers\sfng32.sys [41728 2005-12-02] (Sonic Focus, Inc) [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2015-02-26] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [113688 2011-08-15] (ZTE Incorporated)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys [X]
S3 cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 STHDA; system32\drivers\sthda.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-29 12:16 - 2015-08-29 12:17 - 00016082 _____ C:\Users\Jirka\Desktop\FRST.txt
2015-08-29 12:16 - 2015-08-29 12:16 - 00000000 ____D C:\FRST
2015-08-29 12:10 - 2015-08-29 12:11 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
2015-08-29 12:09 - 2015-08-29 12:09 - 01690624 _____ (Farbar) C:\Users\Jirka\Desktop\FRST.exe
2015-08-29 10:30 - 2015-08-29 10:30 - 00000721 _____ C:\Users\Jirka\Desktop\Michal Tučný Tam u nebeských bran [video].mp3.lnk
2015-08-29 10:23 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2015-08-29 09:10 - 2015-08-29 09:10 - 00002229 _____ C:\mbam288.txt
2015-08-28 21:51 - 2015-08-28 21:53 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jirka\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-28 21:48 - 2015-08-28 21:48 - 01618432 _____ C:\Users\Jirka\Desktop\adwcleaner_5.004.exe
2015-08-28 18:18 - 2015-08-29 10:52 - 00000000 ____D C:\Program Files\trend micro
2015-08-28 18:18 - 2015-08-28 18:19 - 00000000 ____D C:\rsit
2015-08-28 18:18 - 2015-08-28 18:18 - 01107968 _____ C:\Users\Jirka\Downloads\RSIT.exe
2015-08-28 08:16 - 2015-08-28 08:44 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-27 20:51 - 2015-08-28 19:16 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Jirka.job
2015-08-27 20:51 - 2015-08-27 20:54 - 00000000 ____D C:\Program Files\Norton Security Scan
2015-08-27 20:51 - 2015-08-27 20:51 - 00000000 ____D C:\Windows\system32\Drivers\NSS
2015-08-27 20:50 - 2015-08-27 21:14 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2015-08-27 20:50 - 2015-08-27 20:50 - 00779652 _____ C:\Users\Jirka\Downloads\video_downloadhelper-4.9.24-smfx.xpi
2015-08-25 19:00 - 2015-08-25 19:01 - 06632448 _____ C:\Users\Jirka\Downloads\Rynda.ppt
2015-08-23 16:20 - 2015-08-23 20:12 - 00000000 ____D C:\Program Files\Cuminas
2015-08-23 16:20 - 2015-08-23 16:20 - 00000000 ____D C:\ProgramData\Caminova
2015-08-20 18:57 - 2015-08-20 18:57 - 00000110 ____H C:\Users\Jirka\Documents\IMG_20150820_0002.jpg.uid-zps
2015-08-20 16:35 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-08-20 16:27 - 2015-08-20 17:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-20 16:27 - 2015-08-20 16:27 - 00000000 ____D C:\Users\Jirka\AppData\Local\Microsoft Help
2015-08-19 13:00 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:00 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-19 13:00 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-18 18:32 - 2015-08-18 19:11 - 102887623 _____ C:\Users\Jirka\Downloads\2328443.flv
2015-08-18 18:32 - 2015-08-18 18:45 - 99976548 _____ C:\Users\Jirka\Downloads\55040.mp4
2015-08-16 10:03 - 2015-08-16 10:06 - 00000000 ____D C:\Users\Jirka\AppData\Local\Opera Software
2015-08-16 10:00 - 2015-08-16 10:00 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Shortcut
2015-08-16 09:59 - 2015-08-16 10:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
2015-08-16 09:58 - 2015-08-16 09:58 - 00145880 _____ C:\Users\Jirka\Downloads\updatestardrivers.exe
2015-08-16 09:51 - 2015-08-16 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG7500 series
2015-08-16 09:46 - 2015-08-16 10:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-08-16 09:33 - 2015-01-27 18:04 - 00097280 _____ (CANON INC.) C:\Windows\system32\CNC_C7I.dll
2015-08-16 09:31 - 2015-08-16 09:32 - 34016840 _____ C:\Users\Jirka\Downloads\mp68-win-mg7500-1_01-ea33_3.exe
2015-08-15 14:43 - 2012-03-30 14:58 - 00107392 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2015-08-15 14:43 - 2012-03-30 14:58 - 00107392 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2015-08-15 14:43 - 2012-03-30 14:58 - 00107392 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2015-08-15 14:43 - 2011-12-09 09:39 - 00134144 _____ (ZTE Corporation) C:\Windows\system32\Drivers\ZTEusbnet.sys
2015-08-15 14:43 - 2011-04-13 15:42 - 00009216 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2015-08-12 18:09 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 18:09 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 18:09 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 18:09 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-12 18:09 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 18:09 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-12 18:09 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 18:09 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 18:06 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:06 - 2015-07-09 16:20 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-12 18:05 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 18:05 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 17:53 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 17:53 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 17:53 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 17:52 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 17:52 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-12 17:52 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-12 17:52 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-12 17:52 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-12 17:52 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 17:52 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-12 17:52 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-12 17:52 - 2015-07-31 22:33 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 17:52 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 17:52 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 17:52 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 17:51 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 17:51 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 17:51 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:00 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:00 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:00 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:00 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:00 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:00 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:00 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-12 11:00 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 11:00 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:00 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:00 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:00 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 11:00 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 11:00 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 11:00 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 11:00 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-12 11:00 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-12 11:00 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-12 11:00 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-10 12:10 - 2015-08-29 09:36 - 00010512 _____ C:\Windows\PFRO.log
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-29 12:14 - 2006-11-02 14:52 - 02074378 _____ C:\Windows\WindowsUpdate.log
2015-08-29 12:00 - 2013-10-26 14:22 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2015-08-29 11:41 - 2013-02-16 14:22 - 00000000 ____D C:\Users\Jirka\Documents\Word z W98
2015-08-29 11:36 - 2006-11-02 14:47 - 00004576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-29 11:36 - 2006-11-02 14:47 - 00004576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-29 11:34 - 2013-02-17 15:22 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-29 11:03 - 2013-02-16 14:22 - 00000000 ____D C:\Users\Jirka\Documents\Reklamace
2015-08-29 10:39 - 2013-02-16 14:21 - 00000000 ____D C:\Users\Jirka\Desktop\Utility
2015-08-29 10:23 - 2014-08-10 12:32 - 00000049 _____ C:\Windows\system32\ScrRecX.log
2015-08-29 10:23 - 2014-03-10 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-29 09:44 - 2006-11-02 12:33 - 01541434 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-29 09:36 - 2013-02-15 20:36 - 00000000 ____D C:\Windows\Panther
2015-08-29 09:36 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-29 09:34 - 2006-11-02 15:01 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-29 09:11 - 2013-02-16 01:11 - 00000000 ____D C:\ProgramData\MFAData
2015-08-28 22:23 - 2015-06-28 16:46 - 00000000 ____D C:\Users\Jirka\dwhelper
2015-08-28 22:02 - 2014-11-27 18:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-28 21:59 - 2014-09-13 09:12 - 00000000 ____D C:\AdwCleaner
2015-08-28 21:59 - 2013-02-17 16:19 - 00000000 ____D C:\POSTA
2015-08-28 08:15 - 2014-12-30 10:47 - 34158361 _____ C:\Users\Jirka\Documents\zaloha.ar!
2015-08-27 21:12 - 2013-02-15 23:47 - 00000000 ____D C:\Program Files\Google
2015-08-27 20:56 - 2014-09-12 16:58 - 00000000 ____D C:\ProgramData\Norton
2015-08-27 20:50 - 2014-09-12 16:56 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\ImperiaOnline
2015-08-27 20:44 - 2014-08-28 18:04 - 00000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2015-08-27 20:44 - 2014-06-25 08:02 - 00000030 _____ C:\AVScanner.ini
2015-08-25 18:36 - 2013-07-11 07:11 - 00001356 _____ C:\Users\Jirka\AppData\Local\d3d9caps.dat
2015-08-23 20:24 - 2006-11-02 14:47 - 00403208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-23 12:22 - 2013-02-18 13:57 - 00000000 ____D C:\Program Files\ProFact 3.0 Free
2015-08-22 12:51 - 2013-02-15 20:54 - 00000000 ____D C:\Users\Jirka
2015-08-22 12:46 - 2013-03-02 09:38 - 00000000 ____D C:\Program Files\Recuva
2015-08-20 18:25 - 2013-02-15 20:55 - 00106848 _____ C:\Users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-20 17:12 - 2013-02-17 15:14 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-20 17:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\ShellNew
2015-08-20 17:12 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-20 17:08 - 2006-11-02 12:23 - 00000200 _____ C:\Windows\win.ini
2015-08-20 16:28 - 2014-12-23 19:24 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-20 16:24 - 2013-10-22 17:36 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\dvdcss
2015-08-17 21:48 - 2013-02-16 14:29 - 00000000 ____D C:\Users\Jirka\Documents\Štítky
2015-08-16 16:10 - 2013-02-28 09:03 - 00000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2015-08-16 15:50 - 2013-02-16 14:18 - 00000000 ____D C:\Users\Jirka\Desktop\Alena
2015-08-16 10:06 - 2014-09-12 16:56 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Opera Software
2015-08-16 10:06 - 2013-02-15 20:55 - 00000954 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-16 09:52 - 2013-02-17 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-08-16 09:52 - 2013-02-17 16:02 - 00000000 ____D C:\Program Files\Canon
2015-08-16 09:51 - 2006-11-02 13:18 - 00000000 __RSD C:\Windows\Media
2015-08-16 09:45 - 2013-02-17 17:17 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Canon
2015-08-15 14:44 - 2015-07-23 16:18 - 00001578 _____ C:\Windows\setupact.log
2015-08-15 14:43 - 2014-08-23 08:56 - 00000000 ____D C:\Program Files\ZTE
2015-08-12 19:13 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 19:06 - 2013-02-20 16:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 19:05 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-12 18:08 - 2013-02-20 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 18:03 - 2013-08-15 13:06 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 17:54 - 2006-11-02 12:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-12 17:34 - 2013-02-17 15:22 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 17:34 - 2013-02-17 15:22 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-08 19:28 - 2014-05-14 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2013-10-24 14:57 - 2013-11-30 20:27 - 0000226 _____ () C:\Users\Jirka\AppData\Roaming\trueburner.ini
2013-07-11 07:11 - 2015-08-25 18:36 - 0001356 _____ () C:\Users\Jirka\AppData\Local\d3d9caps.dat
2014-11-13 18:14 - 2015-07-18 22:32 - 0003584 _____ () C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-05-02 10:27 - 2006-05-02 10:27 - 0006254 _____ () C:\Users\Jirka\AppData\Local\IDU.ico

Some files in TEMP:
====================
C:\Users\Jirka\AppData\Local\Temp\atcMedia7661440843614.exe
C:\Users\Jirka\AppData\Local\Temp\IPCameraViewer.exe
C:\Users\Jirka\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Jirka\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jirka\AppData\Local\Temp\ose00000.exe
C:\Users\Jirka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 10679 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 10679 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Pozor na pouzivani TuneUp. Dokaze to nadelat peknou paseku.



Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Fix result of Farbar Recovery Scan Tool (x86) Version:28-08-2015
Ran by Jirka (2015-08-30 14:21:38) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka & UpdatusUser (Available Profiles: Jirka & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104288 2015-06-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-473776709-23561653-1376516071-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-473776709-23561653-1376516071-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch

S3 catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]

2015-08-29 09:10 - 2015-08-29 09:10 - 00002229 _____ C:\mbam288.txt
2015-08-28 21:51 - 2015-08-28 21:53 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jirka\Downloads\mbam-setup-2.1.8.1057.exe

2015-08-27 20:51 - 2015-08-28 19:16 - 00000440 ____H C:\Windows\Tasks\Norton Security Scan for Jirka.job

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Synchronizer => value removed successfully.
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => value removed successfully.
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-473776709-23561653-1376516071-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-473776709-23561653-1376516071-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
catchme => service removed successfully.
AdobeARMservice => service removed successfully.
AdobeFlashPlayerUpdateSvc => service removed successfully.
C:\mbam288.txt => moved successfully
C:\Users\Jirka\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\Windows\Tasks\Norton Security Scan for Jirka.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 14:24:01 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

Zatím to vypadá dobře, ale ... defrag spuštěn cca před hodinou a jsou hotovy 2%, zbývající čas více než den.
Teplota 44 st, stav HDD dobrý. Mám nechat spuštěno? Děkuji.JB.

lola píše:defrag spuštěn cca před hodinou a jsou hotovy 2%, zbývající čas více než den.
Teplota 44 st, stav HDD dobrý. Mám nechat spuštěno?

Ten casovy odhad obvykle keca a ta doba se o neco zkrati. Ale pokud se defragmentace dlouho nedelala, muze to opravdu trvat hodne dlouho. Jestli to bude mozne, nechte ji dobehnout.