
Check

Posted: 13 Mar 2016 06:21
by zdenek72
Good morning,
I would like to ask for a check.

Thanks a lot.
:)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by zdenek (administrator) on ZDENEK (13-03-2016 06:12:11)
Running from C:\Documents and Settings\zdenek\Plocha\Čištění
Loaded Profiles: zdenek (Available Profiles: zdenek)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: "C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe" -surl="%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe
() C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe
() C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe
() C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3862440 2016-02-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-484763869-1767777339-1606980848-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\avastSS.scr
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-484763869-1767777339-1606980848-1004] => localhost:8080
AutoConfigURL: [S-1-5-21-484763869-1767777339-1606980848-1004] => localhost:8080
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{D101B019-1149-45F7-B947-ECD828E8996C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-484763869-1767777339-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-484763869-1767777339-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-484763869-1767777339-1606980848-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1179D74D-295F-44D8-8724-F7D1C5FDB0E7}&mid=169df462d5bf47ccb21951a3ca7e2c7b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0216piz&pr=fr&d=2016-03-06 17:11:54&v=4.2.6.552&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1179D74D-295F-44D8-8724-F7D1C5FDB0E7}&mid=169df462d5bf47ccb21951a3ca7e2c7b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0216piz&pr=fr&d=2016-03-06 17:11:54&v=4.2.6.552&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2016-03-02] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-03-06] (AVG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2016-03-02] (IObit)
Toolbar: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-05-29] (Společnost Microsoft)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default
FF Homepage: hxxps://www.centrum.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-30] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-03-06]
FF Extension: AVG Web TuneUp - C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default\Extensions\avg@toolbar.xpi [2016-03-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-22] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-18]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-22]
CHR Extension: (Disk Google) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-22]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-18]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-18]
CHR Extension: (Gmail) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-22]
CHR HKU\S-1-5-21-484763869-1767777339-1606980848-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.centrum.cz/"

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1580352 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3934184 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4683144 2014-03-11] (SafeNet Inc.)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [109728 2011-02-28] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 vToolbarUpdater40.2.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-03-06] (AVG Secure Search)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-03-06] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [425352 2014-03-11] (SafeNet Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [244656 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [297904 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [205744 2016-02-15] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2014-02-02] (Phoenix Technologies) [File not signed]
S3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-20] (Intel Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-03-04] ()
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [234888 2014-03-11] (SafeNet Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2015-07-20] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1345936 2013-03-05] (Realtek Semiconductor Corporation )
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2016-02-29] ()
S3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed]
S3 catchme; \??\C:\DOCUME~1\zdenek\LOCALS~1\Temp\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-09 07:15 - 2016-03-09 07:15 - 00139328 _____ C:\Documents and Settings\zdenek\Plocha\p. Tesař-signed.pdf
2016-03-09 07:13 - 2016-03-09 07:13 - 00129116 _____ C:\Documents and Settings\zdenek\Plocha\p.Tesar př-signed.pdf
2016-03-09 07:03 - 2016-03-09 07:03 - 00017655 _____ C:\Documents and Settings\zdenek\Plocha\p.Tesar př.pdf
2016-03-08 10:49 - 2016-03-08 10:49 - 00027871 _____ C:\Documents and Settings\zdenek\Plocha\p. Tesař.pdf
2016-03-06 17:12 - 2016-03-06 21:58 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2016-03-06 17:12 - 2016-03-06 17:13 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\AVG Web TuneUp
2016-03-06 17:11 - 2016-03-06 17:13 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
2016-03-06 17:11 - 2016-03-06 17:11 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-03-06 17:11 - 2016-03-06 17:11 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-03-06 17:11 - 2016-03-06 17:11 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2016-03-06 16:55 - 2016-03-06 16:55 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\AVG
2016-03-06 16:24 - 2016-03-06 16:24 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\AVG
2016-03-06 16:19 - 2016-03-06 16:19 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\TuneUp Software
2016-03-06 16:19 - 2016-03-06 16:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2016-03-06 16:14 - 2016-03-06 16:14 - 00000000 ___HD C:\$AVG
2016-03-06 16:05 - 2016-03-13 05:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-06 16:05 - 2016-03-06 16:05 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\MFAData
2016-03-06 16:04 - 2016-03-06 16:04 - 00000617 _____ C:\Documents and Settings\All Users\Plocha\AVG.lnk
2016-03-06 16:04 - 2016-03-06 16:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG Zen
2016-03-06 16:00 - 2016-03-06 16:47 - 00000000 ____D C:\Program Files\AVG
2016-03-06 15:07 - 2016-03-06 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avg
2016-03-06 14:54 - 2016-03-07 20:51 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\AvgSetupLog
2016-03-06 14:54 - 2016-03-06 19:25 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Avg
2016-03-05 07:50 - 2016-03-05 07:51 - 00004856 _____ C:\WINDOWS\system32\00SettingsFile1
2016-03-04 07:52 - 2016-03-06 14:33 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Enigma Software Group
2016-03-04 07:40 - 2016-03-04 07:40 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-03-04 07:30 - 2016-03-04 07:35 - 00000111 _____ C:\WINDOWS\Reimage.ini
2016-03-04 06:55 - 2016-03-04 06:55 - 00262144 _____ C:\WINDOWS\system32\config\elam
2016-03-04 06:49 - 2016-03-10 09:06 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ccb7d377-3c73-0
2016-03-04 06:47 - 2016-03-04 06:55 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\79db26d1
2016-03-04 06:47 - 2016-03-04 06:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{32c9f21c-412c-0}
2016-03-04 06:47 - 2016-03-04 06:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\{0082d8e3-012c-1}
2016-03-03 14:42 - 2016-03-03 14:42 - 01129284 _____ C:\Documents and Settings\zdenek\Plocha\Ceník_Gewiss_2016.03_DISTR.zip
2016-03-03 08:06 - 2016-03-13 06:03 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz
2016-03-03 08:06 - 2016-03-08 20:37 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser
2016-03-03 08:06 - 2016-03-03 08:06 - 00001917 _____ C:\Documents and Settings\zdenek\Nabídka Start\Seznam.cz.lnk
2016-03-02 12:53 - 2016-03-07 19:28 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Nová složka (4)
2016-03-02 08:28 - 2016-03-06 15:34 - 00065536 _____ C:\WINDOWS\system32\config\Kaspersk.evt
2016-03-02 07:48 - 2016-03-02 07:48 - 00000881 _____ C:\Documents and Settings\zdenek\Nabídka Start\Uninstall Programs.lnk
2016-03-02 07:48 - 2016-03-02 07:48 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\IObit Uninstaller
2016-03-01 19:49 - 2016-03-01 19:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Temp
2016-02-28 06:11 - 2016-02-28 06:17 - 00000000 ____D C:\Program Files\rajce
2016-02-28 06:11 - 2016-02-28 06:11 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Rajče
2016-02-27 07:53 - 2016-02-27 07:53 - 00001498 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera 12.15 1748.lnk
2016-02-27 07:53 - 2016-02-27 07:53 - 00000000 ____D C:\Program Files\Opera
2016-02-26 21:04 - 2016-03-07 19:36 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Nová složka
2016-02-24 07:55 - 2016-02-24 07:55 - 00000000 ____D C:\Documents and Settings\zdenek\Dokumenty\Ulozto
2016-02-18 09:58 - 2016-02-20 08:52 - 00001819 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-02-15 18:02 - 2016-02-15 18:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EasternGraphics
2016-02-15 16:37 - 2016-02-15 16:37 - 00205744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2016-02-14 16:51 - 2016-02-29 09:44 - 00013464 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-02-14 16:51 - 2016-02-14 16:51 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\SlimWare Utilities Inc

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 06:12 - 2016-01-02 19:19 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Temp
2016-03-13 06:12 - 2016-01-02 13:56 - 00000000 ____D C:\FRST
2016-03-13 06:12 - 2013-08-09 06:39 - 00000000 ___RD C:\Documents and Settings\zdenek\Plocha\Čištění
2016-03-13 05:23 - 2013-08-07 06:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-13 05:23 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-12 21:40 - 2013-08-07 06:08 - 00000178 ___SH C:\Documents and Settings\zdenek\ntuser.ini
2016-03-12 21:40 - 2013-08-07 06:08 - 00000000 ____D C:\Documents and Settings\zdenek
2016-03-12 21:40 - 2013-08-07 06:06 - 00032638 _____ C:\WINDOWS\SchedLgU.Txt
2016-03-12 21:39 - 2015-12-16 19:58 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\vlc
2016-03-12 06:17 - 2014-05-04 07:05 - 00104960 ___SH C:\Documents and Settings\zdenek\Plocha\Thumbs.db
2016-03-12 05:06 - 2013-08-07 06:08 - 00000000 ___HD C:\Documents and Settings\zdenek\Local Settings\Data aplikací
2016-03-10 18:32 - 2013-07-26 12:22 - 00143872 _____ C:\Documents and Settings\zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-09 12:53 - 2014-03-10 14:39 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\uTorrent
2016-03-09 07:51 - 2013-08-20 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2013-08-10 09:05 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 07:15 - 2013-08-07 06:08 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha
2016-03-08 11:07 - 2013-08-09 06:35 - 00000000 ___RD C:\Documents and Settings\zdenek\Plocha\Kancelář
2016-03-08 11:05 - 2015-10-20 12:14 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AdmWin
2016-03-08 10:42 - 2015-10-20 12:14 - 00000000 ____D C:\AdmWin
2016-03-07 20:52 - 2013-08-07 07:51 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-03-07 08:20 - 2013-08-07 06:08 - 00000000 ___RD C:\Documents and Settings\zdenek\Nabídka Start
2016-03-06 19:43 - 2015-03-14 18:53 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\DriverGenius
2016-03-06 19:43 - 2013-08-10 10:59 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\HpUpdate
2016-03-06 19:43 - 2013-08-07 07:51 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-03-06 19:43 - 2013-07-27 13:35 - 00000000 ____D C:\Documents and Settings\zdenek\.thumbnails
2016-03-06 19:43 - 2013-07-26 06:39 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Skype
2016-03-06 18:19 - 2013-08-07 07:51 - 01184092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 18:19 - 2008-04-14 13:00 - 00489712 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-06 18:19 - 2008-04-14 13:00 - 00098896 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-06 17:39 - 2013-08-09 06:39 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Grafika
2016-03-06 17:12 - 2014-09-25 17:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-06 17:10 - 2015-07-19 17:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2016-03-06 16:55 - 2013-08-07 06:06 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-03-06 16:24 - 2013-08-07 06:08 - 00000000 __RHD C:\Documents and Settings\zdenek\Data aplikací
2016-03-06 16:17 - 2013-08-07 07:43 - 00000000 ___HD C:\WINDOWS\inf
2016-03-06 16:04 - 2015-10-02 08:59 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-03-06 15:34 - 2014-01-24 13:00 - 00167466 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-03-06 15:34 - 2013-08-07 07:50 - 00146016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-06 14:54 - 2013-08-09 06:31 - 00024464 _____ C:\Documents and Settings\zdenek\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-03-06 14:38 - 2013-08-17 06:52 - 00000000 ____D C:\Program Files\PROFIT
2016-03-06 14:38 - 2013-08-07 07:51 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2016-03-06 14:19 - 2013-08-09 18:32 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-03-05 22:00 - 2014-01-24 13:00 - 00769170 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-484763869-1767777339-1606980848-1004-0.dat
2016-03-05 09:16 - 2013-08-07 07:43 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-03-05 08:12 - 2013-08-10 08:40 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-04 17:54 - 2013-08-10 09:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$
2016-03-04 06:55 - 2015-12-20 08:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ecd7e2b9-77f3-1
2016-03-04 06:50 - 2015-12-20 08:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ecd7e2b9-0ca1-0
2016-03-02 19:24 - 2015-10-14 07:05 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-02 19:24 - 2015-02-28 11:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-02 08:25 - 2016-01-02 12:38 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2016-03-02 08:20 - 2013-08-07 07:50 - 00000000 ____D C:\Documents and Settings\All Users
2016-03-02 07:48 - 2013-09-25 14:20 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\IObit
2016-03-02 07:48 - 2013-08-07 06:08 - 00000000 ___HD C:\Documents and Settings\zdenek\Šablony
2016-02-29 14:00 - 2014-05-19 06:19 - 00000000 ____D C:\Documents and Settings\zdenek\EasternGraphics
2016-02-29 14:00 - 2014-05-19 06:15 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\EasternGraphics
2016-02-29 14:00 - 2014-05-19 06:14 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\EasternGraphics
2016-02-28 05:14 - 2014-08-24 08:13 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-02-28 05:13 - 2013-10-17 10:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2016-02-27 09:21 - 2015-12-20 08:37 - 00000079 _____ C:\WINDOWS\Wininit.ini
2016-02-27 09:21 - 2014-09-14 06:47 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2016-02-27 09:21 - 2013-11-14 04:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2016-02-27 09:14 - 2014-02-13 12:02 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
2016-02-27 07:38 - 2013-07-26 06:26 - 00000000 ____D C:\Documents and Settings\zdenek\Dokumenty\Stažené soubory
2016-02-26 07:26 - 2013-08-09 17:48 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Mozilla
2016-02-26 07:26 - 2013-08-09 17:48 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Mozilla
2016-02-24 19:30 - 2013-08-07 07:50 - 00000211 __RSH C:\boot.ini
2016-02-24 19:30 - 2008-04-14 13:00 - 00000649 _____ C:\WINDOWS\win.ini
2016-02-24 19:30 - 2008-04-14 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-02-24 09:38 - 2016-01-02 16:33 - 00000000 ____D C:\AdwCleaner
2016-02-24 07:55 - 2013-08-07 06:08 - 00000000 ___RD C:\Documents and Settings\zdenek\Dokumenty
2016-02-18 09:59 - 2013-07-28 13:41 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google
2016-02-18 08:36 - 2013-07-28 13:41 - 00000000 ____D C:\Program Files\Google
2016-02-15 18:02 - 2014-05-19 06:15 - 00000000 ____D C:\Program Files\EasternGraphics

==================== Files in the root of some directories =======

2013-11-03 08:06 - 2013-11-03 08:25 - 0000000 ____C () C:\Documents and Settings\zdenek\Data aplikací\bitlord_log.txt
2013-07-26 12:22 - 2016-03-10 18:32 - 0143872 _____ () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-07 20:37 - 2015-03-07 20:37 - 0000830 _____ () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\recently-used.xbel
2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 ____C () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\setup.txt
2013-08-10 10:59 - 2013-08-10 10:59 - 0000057 ____C () C:\Documents and Settings\All Users\Data aplikací\Ament.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Check

Posted: 13 Mar 2016 06:45
by cernohous13
Good Sunday morning :)

since you don't mention any specific problem, I'll suggest my favourite cleaning and checking kit

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the licence terms are displayed -> start by pressing any key.
A backup will be created and the scan will run.
A log will pop up (or it is saved here: C:\Documents and Settings\username\Local Settings\temp\jrt\temp\JRT.txt) - copy it here

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Scan and, when it finishes, Cleaning
the fix will be carried out, the PC restarts (restart it yourself if necessary) and a log appears at C:\Program Files\AdwCleaner\AdwCleaner[C?].txt, paste its contents here

:arrow: you will probably have to turn off your antivirus for that moment - it is clean, verified
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will carry out the fix, restart and give you a log; paste its contents here
The log will be here: C:\zoek-results.log
:arrow: Download and install MBAM here http://www.bleepingcomputer.com/downloa ... re/dl/241/ version 1.75
During installation it will first offer to install a new version (possibly also on launch) - choose Cancel - only the database will be updated
After installation, Run -> on the 1st tab "Scanner" -> Full scan -> Scan
when the scan finishes, a Notepad window with the result will pop up - copy its contents into your reply
don't delete anything yet - wait for the assessment and don't close the program, just minimise it

So I'm expecting three logs :wink:

Re: Check

Posted: 13 Mar 2016 06:55
by zdenek72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Microsoft Windows XP x86
Ran by zdenek (Administrator) on ne 13.03.2016 at 6:49:58,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 21

Successfully deleted: C:\Documents and Settings\zdenek\Data aplikací\productdata (Folder)
Successfully deleted: C:\WINDOWS\hgfs.sys (File)
Successfully deleted: C:\WINDOWS\prleth.sys (File)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\07R30OH0 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7LRXTOQR (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AW9R8XCH (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IREHCT63 (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LIX6BGUW (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MYHXT5SE (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PN70O4PC (Temporary Internet Files Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QJVSF5U4 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\prefetch\TOOLBARUPDATER.EXE-1F200485.pf (File)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\07R30OH0 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\7LRXTOQR (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\AW9R8XCH (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IREHCT63 (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LIX6BGUW (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\MYHXT5SE (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\PN70O4PC (Temporary Internet Files Folder)
Successfully deleted: C:\WINDOWS\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QJVSF5U4 (Temporary Internet Files Folder)

Deleted the following from C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{10921475-03CE-4E04-90CE-E2E7EF20C814} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 13.03.2016 at 6:53:27,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Check

Posted: 13 Mar 2016 06:56
by zdenek72
# AdwCleaner v5.101 - Logfile created 13/03/2016 at 06:29:51
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : zdenek - ZDENEK
# Running from : C:\Documents and Settings\zdenek\Local Settings\Temp\nsk9D.tmp\setupadwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : swdumon
[-] Service Deleted : vToolbarUpdater40.2.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\79db26d1
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ccb7d377-3c73-0
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ecd7e2b9-0ca1-0
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ecd7e2b9-77f3-1
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\{0082d8e3-012c-1}
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\{32c9f21c-412c-0}
[-] Folder Deleted : C:\Documents and Settings\zdenek\Local Settings\Data aplikací\slimware utilities inc
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default\extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\system32\drivers\swdumon.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser [{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key Deleted : HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Documents and Settings\zdenek\Local Settings\Data aplikací\TNT2\2.0.0.2030\TNT2User.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\zdenek\Local Settings\Data aplikací\TNT2\2.0.0.2030\TNT2User.exe]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [4797 bytes] - [13/03/2016 06:29:51]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [4886 bytes] - [13/03/2016 06:27:24]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [4971 bytes] ##########

Re: Check

Posted: 13 Mar 2016 07:20
by zdenek72
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2016.02.26.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
zdenek :: ZDENEK [administrátor]

13.3.2016 6:58:50
mbam-log-2016-03-13 (06-58-50).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 322854
Uplynulý čas: 20 minut, 52 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Check

Posted: 13 Mar 2016 08:48
by cernohous13
:arrow: Great then - either uninstall MBAM http://www.malwarebytes.org/mbam-clean.exe
or keep it for a possible future check, just disable its automatic startup

:arrow: Run ADWCleaner again and choose "Uninstall"

:arrow: You can delete JRT and its log

:arrow: give me an RSIT log http://forum.viry.cz/viewtopic.php?f=13&t=130786

Re: Check

Posted: 13 Mar 2016 10:24
by zdenek72
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by zdenek (administrator) on ZDENEK (13-03-2016 09:58:13)
Running from C:\Documents and Settings\zdenek\Plocha\Čištění
Loaded Profiles: zdenek (Available Profiles: zdenek)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: "C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe" -surl="%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3862440 2016-02-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-484763869-1767777339-1606980848-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\avastSS.scr
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-484763869-1767777339-1606980848-1004] => localhost:8080
AutoConfigURL: [S-1-5-21-484763869-1767777339-1606980848-1004] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{D101B019-1149-45F7-B947-ECD828E8996C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-484763869-1767777339-1606980848-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-05-29] (Společnost Microsoft)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-30] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-22] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-18]
CHR Extension: (Google Docs) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-22]
CHR Extension: (Google Search) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-18]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-22]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-18]
CHR Extension: (Gmail) - C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgfws; C:\Program Files\AVG\Av\avgfws.exe [1580352 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3934184 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4683144 2014-03-11] (SafeNet Inc.)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [109728 2011-02-28] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [425352 2014-03-11] (SafeNet Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2000-01-01] (Creative)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [244656 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [297904 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [205744 2016-02-15] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [171152 2008-08-20] (Intel Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-03-04] ()
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [234888 2014-03-11] (SafeNet Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2000-01-01] (Creative Technology Ltd.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1345936 2013-03-05] (Realtek Semiconductor Corporation )
S3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed]
S3 catchme; \??\C:\DOCUME~1\zdenek\LOCALS~1\Temp\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]
S3 DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 08:52 - 2016-03-13 08:52 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\ProductData
2016-03-13 08:13 - 2016-03-13 08:13 - 00000000 ____D C:\zoek
2016-03-13 07:38 - 2016-03-13 08:33 - 00002937 _____ C:\runcheck.txt
2016-03-13 07:38 - 2016-03-13 08:19 - 00000000 ____D C:\zoek_backup
2016-03-13 07:37 - 2016-03-13 07:37 - 01309184 _____ C:\Documents and Settings\zdenek\Plocha\zoek.exe
2016-03-06 16:55 - 2016-03-06 16:55 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\AVG
2016-03-06 16:24 - 2016-03-06 16:24 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\AVG
2016-03-06 16:19 - 2016-03-06 16:19 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\TuneUp Software
2016-03-06 16:19 - 2016-03-06 16:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2016-03-06 16:14 - 2016-03-06 16:14 - 00000000 ___HD C:\$AVG
2016-03-06 16:05 - 2016-03-13 09:43 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-06 16:05 - 2016-03-06 16:05 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\MFAData
2016-03-06 16:04 - 2016-03-06 16:04 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG Zen
2016-03-06 16:00 - 2016-03-06 16:47 - 00000000 ____D C:\Program Files\AVG
2016-03-06 15:07 - 2016-03-06 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avg
2016-03-06 14:54 - 2016-03-07 20:51 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\AvgSetupLog
2016-03-06 14:54 - 2016-03-06 19:25 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Avg
2016-03-05 07:50 - 2016-03-05 07:51 - 00004856 _____ C:\WINDOWS\system32\00SettingsFile1
2016-03-04 07:40 - 2016-03-04 07:40 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-03-04 06:55 - 2016-03-04 06:55 - 00262144 _____ C:\WINDOWS\system32\config\elam
2016-03-03 08:06 - 2016-03-13 08:13 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz
2016-03-03 08:06 - 2016-03-03 08:06 - 00001917 _____ C:\Documents and Settings\zdenek\Nabídka Start\Seznam.cz.lnk
2016-03-02 12:53 - 2016-03-07 19:28 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Nová složka (4)
2016-03-02 08:28 - 2016-03-06 15:34 - 00065536 _____ C:\WINDOWS\system32\config\Kaspersk.evt
2016-03-02 07:48 - 2016-03-02 07:48 - 00000881 _____ C:\Documents and Settings\zdenek\Nabídka Start\Uninstall Programs.lnk
2016-03-02 07:48 - 2016-03-02 07:48 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\IObit Uninstaller
2016-03-01 19:49 - 2016-03-01 19:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Temp
2016-02-28 06:11 - 2016-02-28 06:17 - 00000000 ____D C:\Program Files\rajce
2016-02-28 06:11 - 2016-02-28 06:11 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Rajče
2016-02-27 07:53 - 2016-02-27 07:53 - 00001498 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera 12.15 1748.lnk
2016-02-27 07:53 - 2016-02-27 07:53 - 00000000 ____D C:\Program Files\Opera
2016-02-26 21:04 - 2016-03-07 19:36 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Nová složka
2016-02-24 07:55 - 2016-02-24 07:55 - 00000000 ____D C:\Documents and Settings\zdenek\Dokumenty\Ulozto
2016-02-18 09:58 - 2016-02-20 08:52 - 00001819 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome.lnk
2016-02-15 18:02 - 2016-02-15 18:02 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EasternGraphics
2016-02-15 16:37 - 2016-02-15 16:37 - 00205744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-13 09:58 - 2016-01-02 19:19 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Temp
2016-03-13 09:58 - 2016-01-02 13:56 - 00000000 ____D C:\FRST
2016-03-13 09:58 - 2013-08-09 06:39 - 00000000 ___RD C:\Documents and Settings\zdenek\Plocha\Čištění
2016-03-13 09:52 - 2013-08-07 06:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-13 09:51 - 2013-08-07 06:08 - 00000178 ___SH C:\Documents and Settings\zdenek\ntuser.ini
2016-03-13 09:51 - 2013-08-07 06:06 - 00032562 _____ C:\WINDOWS\SchedLgU.Txt
2016-03-13 09:50 - 2013-08-07 07:51 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2016-03-13 09:50 - 2013-08-07 07:51 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2016-03-13 09:50 - 2013-08-07 06:08 - 00000000 __RHD C:\Documents and Settings\zdenek\Data aplikací
2016-03-13 08:19 - 2013-08-07 06:08 - 00000000 ___HD C:\Documents and Settings\zdenek\Local Settings\Data aplikací
2016-03-13 07:37 - 2013-08-07 06:08 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha
2016-03-13 06:14 - 2015-10-02 08:59 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2016-03-13 05:23 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-12 21:40 - 2013-08-07 06:08 - 00000000 ____D C:\Documents and Settings\zdenek
2016-03-12 21:39 - 2015-12-16 19:58 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\vlc
2016-03-12 06:17 - 2014-05-04 07:05 - 00104960 ___SH C:\Documents and Settings\zdenek\Plocha\Thumbs.db
2016-03-10 18:32 - 2013-07-26 12:22 - 00143872 _____ C:\Documents and Settings\zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-09 12:53 - 2014-03-10 14:39 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\uTorrent
2016-03-09 07:51 - 2013-08-20 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 07:34 - 2013-08-10 09:05 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 11:07 - 2013-08-09 06:35 - 00000000 ___RD C:\Documents and Settings\zdenek\Plocha\Kancelář
2016-03-08 11:05 - 2015-10-20 12:14 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AdmWin
2016-03-08 10:42 - 2015-10-20 12:14 - 00000000 ____D C:\AdmWin
2016-03-07 08:20 - 2013-08-07 06:08 - 00000000 ___RD C:\Documents and Settings\zdenek\Nabídka Start
2016-03-06 19:43 - 2013-07-27 13:35 - 00000000 ____D C:\Documents and Settings\zdenek\.thumbnails
2016-03-06 19:43 - 2013-07-26 06:39 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Skype
2016-03-06 18:19 - 2013-08-07 07:51 - 01184092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 18:19 - 2008-04-14 13:00 - 00489712 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-06 18:19 - 2008-04-14 13:00 - 00098896 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-06 17:39 - 2013-08-09 06:39 - 00000000 ____D C:\Documents and Settings\zdenek\Plocha\Grafika
2016-03-06 17:12 - 2014-09-25 17:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-06 16:55 - 2013-08-07 06:06 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-03-06 16:17 - 2013-08-07 07:43 - 00000000 ___HD C:\WINDOWS\inf
2016-03-06 15:34 - 2014-01-24 13:00 - 00167466 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2016-03-06 15:34 - 2013-08-07 07:50 - 00146016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-06 14:54 - 2013-08-09 06:31 - 00024464 _____ C:\Documents and Settings\zdenek\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2016-03-06 14:38 - 2013-08-17 06:52 - 00000000 ____D C:\Program Files\PROFIT
2016-03-06 14:38 - 2013-08-07 07:51 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start
2016-03-06 14:19 - 2013-08-09 18:32 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2016-03-05 22:00 - 2014-01-24 13:00 - 00769170 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-484763869-1767777339-1606980848-1004-0.dat
2016-03-05 09:16 - 2013-08-07 07:43 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-03-05 08:12 - 2013-08-10 08:40 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-04 17:54 - 2013-08-10 09:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$
2016-03-02 19:24 - 2015-02-28 11:47 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-02 08:25 - 2016-01-02 12:38 - 00000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2016-03-02 08:20 - 2013-08-07 07:50 - 00000000 ____D C:\Documents and Settings\All Users
2016-03-02 07:48 - 2013-09-25 14:20 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\IObit
2016-03-02 07:48 - 2013-08-07 06:08 - 00000000 ___HD C:\Documents and Settings\zdenek\Šablony
2016-02-29 14:00 - 2014-05-19 06:19 - 00000000 ____D C:\Documents and Settings\zdenek\EasternGraphics
2016-02-29 14:00 - 2014-05-19 06:15 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\EasternGraphics
2016-02-29 14:00 - 2014-05-19 06:14 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\EasternGraphics
2016-02-28 05:14 - 2014-08-24 08:13 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-02-28 05:13 - 2013-10-17 10:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2016-02-27 09:21 - 2014-09-14 06:47 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2016-02-27 09:21 - 2013-11-14 04:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2016-02-27 09:14 - 2014-02-13 12:02 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\IObit
2016-02-27 07:38 - 2013-07-26 06:26 - 00000000 ____D C:\Documents and Settings\zdenek\Dokumenty\Stažené soubory
2016-02-26 07:26 - 2013-08-09 17:48 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Mozilla
2016-02-26 07:26 - 2013-08-09 17:48 - 00000000 ____D C:\Documents and Settings\zdenek\Data aplikací\Mozilla
2016-02-24 19:30 - 2013-08-07 07:50 - 00000211 __RSH C:\boot.ini
2016-02-24 19:30 - 2008-04-14 13:00 - 00000649 _____ C:\WINDOWS\win.ini
2016-02-24 19:30 - 2008-04-14 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-02-24 09:38 - 2016-01-02 16:33 - 00000000 ____D C:\AdwCleaner
2016-02-24 07:55 - 2013-08-07 06:08 - 00000000 ___RD C:\Documents and Settings\zdenek\Dokumenty
2016-02-18 09:59 - 2013-07-28 13:41 - 00000000 ____D C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Google
2016-02-18 08:36 - 2013-07-28 13:41 - 00000000 ____D C:\Program Files\Google
2016-02-15 18:02 - 2014-05-19 06:15 - 00000000 ____D C:\Program Files\EasternGraphics

==================== Files in the root of some directories =======

2013-07-26 12:22 - 2016-03-10 18:32 - 0143872 _____ () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-07 20:37 - 2015-03-07 20:37 - 0000830 _____ () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\recently-used.xbel
2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 ____C () C:\Documents and Settings\zdenek\Local Settings\Data aplikací\setup.txt
2013-08-10 10:59 - 2013-08-10 10:59 - 0000057 ____C () C:\Documents and Settings\All Users\Data aplikací\Ament.ini

Some files in TEMP:
====================
C:\Documents and Settings\zdenek\Local Settings\Temp\7za.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\DaS_21.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\hijackthis.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\NirCmd.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\PEVZ.EXE
C:\Documents and Settings\zdenek\Local Settings\Temp\remove.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\sed.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\shortcut.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\swreg.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\swxcacls.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\wget.exe
C:\Documents and Settings\zdenek\Local Settings\Temp\zoek-delete.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Check

Posted: 13 Mar 2016 10:51
by cernohous13
The FRST log is nice, but I wanted RSIT :(

But first uninstall Spybot and everything from IObit.

Re: Check

Posted: 15 Mar 2016 07:28
by zdenek72
Hello,

I apologize for the delay; I am sending the log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by zdenek at 2016-03-15 07:26:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (49%) free of 30 GB
Total RAM: 1015 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:26:28, on 15.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\zdenek\Plocha\RSIT.exe
C:\Program Files\trend micro\zdenek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin (User 'Default user')
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6111665671
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4691 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default

prefs.js - "browser.startup.homepage" - "about:home"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17 172640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi]
C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SystemExplorerHelpService"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2000-01-01 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"D:\Hry\viet\Vietcong\vietcong.exe"="D:\Hry\viet\Vietcong\vietcong.exe:*:Enabled:vietcong"
"C:\Documents and Settings\zdenek\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\zdenek\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Hry\viet\Vietcong\vcded.exe"="D:\Hry\viet\Vietcong\vcded.exe:*:Enabled:vcded"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\AVG\Av\avgmfapx.exe"="C:\Program Files\AVG\Av\avgmfapx.exe:*:Enabled:AVG Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-15 07:18:25 ----SHD---- C:\Config.Msi
2016-03-15 06:49:57 ----D---- C:\Program Files\trend micro
2016-03-15 06:49:43 ----D---- C:\rsit
2016-03-14 06:32:30 ----D---- C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser
2016-03-13 20:59:03 ----SHD---- C:\RECYCLER
2016-03-13 08:52:34 ----D---- C:\Documents and Settings\zdenek\Data aplikací\ProductData
2016-03-13 08:13:43 ----D---- C:\zoek
2016-03-13 07:38:19 ----A---- C:\runcheck.txt
2016-03-13 07:38:04 ----D---- C:\zoek_backup
2016-03-06 16:24:33 ----D---- C:\Documents and Settings\zdenek\Data aplikací\AVG
2016-03-06 16:19:00 ----D---- C:\Documents and Settings\zdenek\Data aplikací\TuneUp Software
2016-03-06 16:14:00 ----HD---- C:\$AVG
2016-03-06 16:05:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-06 16:00:52 ----D---- C:\Program Files\AVG
2016-03-06 15:07:28 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2016-03-06 15:07:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avg
2016-03-04 07:40:33 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-28 06:11:23 ----D---- C:\Program Files\rajce
2016-02-27 07:53:04 ----D---- C:\Program Files\Opera

======List of files/folders modified in the last 1 month======

2016-03-15 07:25:43 ----D---- C:\WINDOWS\Prefetch
2016-03-15 07:24:26 ----D---- C:\WINDOWS
2016-03-15 07:21:45 ----D---- C:\WINDOWS\system32\config
2016-03-15 07:18:49 ----SHD---- C:\WINDOWS\Installer
2016-03-15 07:18:47 ----D---- C:\Program Files
2016-03-15 07:13:12 ----HD---- C:\WINDOWS\inf
2016-03-15 07:13:10 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-15 07:10:10 ----D---- C:\WINDOWS\Temp
2016-03-15 07:08:11 ----D---- C:\Program Files\Common Files
2016-03-15 07:04:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2016-03-15 07:01:58 ----D---- C:\WINDOWS\system32\drivers
2016-03-15 07:01:53 ----D---- C:\WINDOWS\system32
2016-03-14 21:40:03 ----D---- C:\Documents and Settings\zdenek\Data aplikací\vlc
2016-03-14 06:38:01 ----D---- C:\WINDOWS\Debug
2016-03-13 10:04:15 ----D---- C:\FRST
2016-03-13 07:41:04 ----D---- C:\WINDOWS\system32\drivers\etc
2016-03-09 12:53:16 ----D---- C:\Documents and Settings\zdenek\Data aplikací\uTorrent
2016-03-09 07:51:56 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 07:34:45 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-08 10:42:29 ----D---- C:\AdmWin
2016-03-06 19:43:47 ----D---- C:\Documents and Settings\zdenek\Data aplikací\Skype
2016-03-06 18:19:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 17:13:58 ----SD---- C:\WINDOWS\Tasks
2016-03-06 17:12:16 ----D---- C:\Program Files\Mozilla Firefox
2016-03-06 14:38:16 ----D---- C:\Program Files\PROFIT
2016-03-06 14:38:15 ----RSD---- C:\WINDOWS\Fonts
2016-03-06 14:36:40 ----SHD---- C:\System Volume Information
2016-03-05 09:16:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-03-05 08:12:08 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-04 17:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2016-03-03 14:18:33 ----D---- C:\WINDOWS\system32\CatRoot
2016-03-02 19:24:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-01 19:37:09 ----D---- C:\WINDOWS\WinSxS
2016-02-29 14:00:29 ----D---- C:\Documents and Settings\zdenek\Data aplikací\EasternGraphics
2016-02-29 14:00:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\EasternGraphics
2016-02-28 05:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2016-02-27 09:21:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-02-27 09:19:55 ----D---- C:\WINDOWS\SoftwareDistribution
2016-02-26 07:26:14 ----D---- C:\Documents and Settings\zdenek\Data aplikací\Mozilla
2016-02-24 19:30:39 ----RASH---- C:\boot.ini
2016-02-24 19:30:39 ----A---- C:\WINDOWS\win.ini
2016-02-24 19:30:39 ----A---- C:\WINDOWS\system.ini
2016-02-24 09:38:29 ----D---- C:\AdwCleaner
2016-02-18 08:36:05 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2000-01-01 5672032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 5630168]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2013-03-05 1345936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 catchme;catchme; \??\C:\DOCUME~1\zdenek\LOCALS~1\Temp\catchme.sys []
S3 cleanhlp;cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2008-08-20 171152]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-03-04 19984]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2014-03-11 4683144]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2011-02-28 109728]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-18 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-30 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-18 154440]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Check

Posted: 15 Mar 2016 09:00
by cernohous13
You apparently did not let Zoek run to the end - I do not see the file C:\zoek-results.log
Run it again and post the log here.

Re: Check

Posted: 15 Mar 2016 19:32
by zdenek72
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by zdenek on út 15.03.2016 at 17:56:59,32.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\zdenek\Plocha\Čištění\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2016-03-13-073153.log 11340 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Documents and Settings\zdenek\Data aplikací\ProductData deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\ffmpegsumo.dll" deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\icudtl.dat" deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\nw.pak" deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser\Seznam.cz.exe" deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\zdenek\LOCALS~1\Temp ====
2016-03-15 10:25:56 81D8B4CECBD1E643AFB631266307F5C7 314528 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Temp\eset.temp\{02D83BBE-CB7F-7CA8-0157-FCCDBD2B92F1}\InstHelper.exe
2016-03-15 06:36:19 F72F6CA68C6F57204BDC48B57C67A0F8 3024072 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Temp\eset\bts.session\{DA332EAC-53FD-33C5-4EF8-D96E9E1810E2}\sciter-x.dll
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2016-03-05 06:50:18 024796893BA20AE367085010D10095D8 4856 ----a-w- C:\WINDOWS\System32\00SettingsFile1
====== C:\WINDOWS\system32\drivers =====
2016-03-04 06:40:33 01CE484FF6D70A39479BC6D619DE7ED6 19984 ----a-w- C:\WINDOWS\System32\drivers\EsgScanner.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-03-15 05:49:57 -------- d-----w- C:\Program Files\trend micro
2016-03-06 15:00:52 -------- d-----w- C:\Program Files\AVG
2016-02-28 05:11:23 -------- d-----w- C:\Program Files\rajce
2016-02-27 06:53:04 -------- d-----w- C:\Program Files\Opera
======= C: =====
====== C:\Documents and Settings\zdenek\Data aplikací ======
2016-03-15 16:22:49 -------- d-----w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\ESET
2016-03-15 10:28:25 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
2016-03-15 05:49:23 -------- d-----w- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
2016-03-14 05:32:30 -------- d-----w- C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser
2016-03-06 18:29:52 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\AvgSetupLog
2016-03-06 15:55:04 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\AVG
2016-03-06 15:24:33 -------- d-----w- C:\Documents and Settings\zdenek\Data aplikací\AVG
2016-03-06 15:23:56 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Data aplikací\AVG
2016-03-06 15:19:00 -------- d-----w- C:\Documents and Settings\zdenek\Data aplikací\TuneUp Software
2016-03-06 15:02:13 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg
2016-03-06 13:54:22 -------- d-----w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\AvgSetupLog
2016-03-06 13:54:22 -------- d-----w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Avg
2016-03-03 07:06:27 -------- d-----w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz
2016-03-01 18:49:53 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Temp
====== C:\Documents and Settings\zdenek ======
2016-03-15 06:24:26 -------- d--h--r- C:\Documents and Settings\zdenek\Recent

====== C: exe-files ==
2016-03-15 10:25:56 81D8B4CECBD1E643AFB631266307F5C7 314528 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Temp\eset.temp\{02D83BBE-CB7F-7CA8-0157-FCCDBD2B92F1}\InstHelper.exe
2016-03-15 05:50:02 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\zdenek.exe
2016-03-15 05:48:22 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\zdenek\Plocha\Čištění\RSIT.exe
2016-03-15 05:24:39 C5C9C1D6AD375A332B332E9C28A0A4EA 1106072 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\CR_8AD5D.tmp\setup.exe
2016-03-13 05:48:34 3B6D06A4B6DE4298C3D4294AEA10A737 1609216 ----a-w- C:\Documents and Settings\zdenek\Plocha\Čištění\JRT.exe
2016-03-13 05:22:28 E17B63F8E76362CA5610D2C35CFEAEED 8956152 ----a-w- C:\Documents and Settings\zdenek\Plocha\Čištění\adwcleaner_5.101.exe
=== C: other files ==
2016-03-15 17:04:17 F636AABE548914C82E73DD0A5CEDE251 296 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz\Favicon\links.acomware.mkt5295.com
2016-03-15 06:34:19 7D7E395567A17E2F2CDAC92FB9F14B95 186 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz\Favicon\www.eset.com
2016-03-15 06:15:36 7391BE387BF75897F71C0E3480B7C71F 592 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz\Favicon\tickets.markusfilm.com
2016-03-08 18:59:06 74AA7B317DAE008CD092F21DD802CC70 427 ----a-w- C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Seznam.cz\Favicon\view.publitas.com

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-484763869-1767777339-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUi]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AvgUi"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AVG\\Framework\\Common\\avguirnx.exe\" /lps=fmw"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"NokiaSuite.exe"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"
"SlimDrivers"="\"C:\\Program Files\\SlimDrivers\\SlimDrivers.exe\" -boot"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"vProt"="\"C:\\Program Files\\AVG Web TuneUp\\vprot.exe\""


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [07.11.2015 18:59]
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30.12.2015 11:18]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Documents and Settings\zdenek\Data aplikací\TomTom\HOME\Profiles\c2g4xau2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [22.08.2013 21:56]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\zdenek\Data aplikací\TomTom\HOME\Profiles\c2g4xau2.default
- Undetermined - D:\Programy\tomtom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - D:\Programy\tomtom\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\zdenek\Data aplikací\Mozilla\Firefox\Profiles\zjjpa1zi.default
7E54D1EC87CE306CB1A26CE59AFE6E37 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
D33D39A318AEA70691CED7530E2D9DF9 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
CFBC726A1712BD8DC9914EA06DBCE20B - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
DA548872C3126B09D7832B4ABEB54116 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.5
840C5A58162FB6F02AAC2ED76E0B6641 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.5
EE450CC159F2650E70ACFB99D45494DE - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.5
A60B3186F98F589E4F8001A4C720702A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.5
CE34BB9EC3ADB3E88BE810D0C5FDDE4B - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.5
E08E67CD1D53C83C696B7E731F3794C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.5
683E6C0D2DE6B09E173B193D6B8D1CB1 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.5
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
A847F61BACFA2C4E3E0B0F9431BB5245 - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
C7090AB2D8473D12D48B818FC1FE7AF9 - C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U51
95479782C832632116E0FC0C8373F43E - C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.510.16
70858ED7836E5C849D33576A84DC8CCF - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=s ... earchTerms}
HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?q={searchTerms}

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\zdenek\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\zdenek\Local Settings\Data aplikací\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2051 folders=419 195383442 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\Documents and Settings\zdenek\Local Settings\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\zdenek\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\zdenek\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser" not found
"C:\Documents and Settings\zdenek\Data aplikací\Seznam Browser" not found

==== EOF on út 15.03.2016 at 19:06:24,79 ======================

Re: Check

Posted: 16 Mar 2016 07:04
by cernohous13
There are two AVs there (ESET + AVG) - they may conflict with each other
uninstall one of them and give me a new RSIT log

Re: Check

Posted: 16 Mar 2016 16:57
by zdenek72
Logfile of random's system information tool 1.10 (written by random/random)
Run by zdenek at 2016-03-16 16:52:51
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (52%) free of 30 GB
Total RAM: 1015 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:53:27, on 16.3.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\zdenek\Data aplikací\uTorrent\uninstall.exe
C:\Documents and Settings\zdenek\Data aplikací\uTorrent\utorrent.exe
C:\zoek_backup\C_Documents and Settings_zdenek_Data aplikací_Seznam Browser\Seznam.cz.exe
C:\zoek_backup\C_Documents and Settings_zdenek_Data aplikací_Seznam Browser\Seznam.cz.exe
C:\zoek_backup\C_Documents and Settings_zdenek_Data aplikací_Seznam Browser\Seznam.cz.exe
C:\zoek_backup\C_Documents and Settings_zdenek_Data aplikací_Seznam Browser\Seznam.cz.exe
C:\zoek_backup\C_Documents and Settings_zdenek_Data aplikací_Seznam Browser\Seznam.cz.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\zdenek\Plocha\Čištění\RSIT.exe
C:\Program Files\trend micro\zdenek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -update pepperplugin (User 'Default user')
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6111665671
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5174 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17 172640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SystemExplorerHelpService"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2000-01-01 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"D:\Hry\viet\Vietcong\vietcong.exe"="D:\Hry\viet\Vietcong\vietcong.exe:*:Enabled:vietcong"
"C:\Documents and Settings\zdenek\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\zdenek\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Hry\viet\Vietcong\vcded.exe"="D:\Hry\viet\Vietcong\vcded.exe:*:Enabled:vcded"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:Sentinel License Manager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\AVG\Av\avgmfapx.exe"="C:\Program Files\AVG\Av\avgmfapx.exe:*:Enabled:AVG Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-03-15 19:09:11 ----SHD---- C:\RECYCLER
2016-03-15 19:03:21 ----A---- C:\WINDOWS\zoek-delete.exe
2016-03-15 19:03:20 ----D---- C:\WINDOWS\Temp
2016-03-15 11:26:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2016-03-15 07:18:25 ----SHD---- C:\Config.Msi
2016-03-15 06:49:57 ----D---- C:\Program Files\trend micro
2016-03-15 06:49:43 ----D---- C:\rsit
2016-03-13 07:38:04 ----D---- C:\zoek_backup
2016-03-06 16:05:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2016-03-06 15:07:28 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2016-03-04 07:40:33 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-02-28 06:11:23 ----D---- C:\Program Files\rajce
2016-02-27 07:53:04 ----D---- C:\Program Files\Opera

======List of files/folders modified in the last 1 month======

2016-03-16 16:52:58 ----D---- C:\WINDOWS\Prefetch
2016-03-16 16:45:09 ----D---- C:\Documents and Settings\zdenek\Data aplikací\uTorrent
2016-03-16 15:50:23 ----D---- C:\WINDOWS
2016-03-16 15:24:23 ----D---- C:\Program Files
2016-03-15 22:00:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2016-03-15 21:34:36 ----D---- C:\Documents and Settings\zdenek\Data aplikací\vlc
2016-03-15 19:20:14 ----D---- C:\Documents and Settings\zdenek\Data aplikací\Skype
2016-03-15 19:07:09 ----D---- C:\WINDOWS\system32\CatRoot2
2016-03-15 19:05:13 ----D---- C:\Program Files\ESET
2016-03-15 17:56:32 ----D---- C:\WINDOWS\system32
2016-03-15 11:28:37 ----HD---- C:\WINDOWS\inf
2016-03-15 11:28:37 ----D---- C:\WINDOWS\system32\drivers
2016-03-15 11:28:30 ----SHD---- C:\WINDOWS\Installer
2016-03-15 07:31:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-03-15 07:30:56 ----D---- C:\Program Files\Google
2016-03-15 07:29:51 ----D---- C:\Program Files\AntiTwin
2016-03-15 07:21:45 ----D---- C:\WINDOWS\system32\config
2016-03-15 07:08:11 ----D---- C:\Program Files\Common Files
2016-03-14 06:38:01 ----D---- C:\WINDOWS\Debug
2016-03-13 10:04:15 ----D---- C:\FRST
2016-03-13 07:41:04 ----D---- C:\WINDOWS\system32\drivers\etc
2016-03-09 07:51:56 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 07:34:45 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-08 10:42:29 ----D---- C:\AdmWin
2016-03-06 18:19:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 17:13:58 ----SD---- C:\WINDOWS\Tasks
2016-03-06 17:12:16 ----D---- C:\Program Files\Mozilla Firefox
2016-03-06 14:38:16 ----D---- C:\Program Files\PROFIT
2016-03-06 14:38:15 ----RSD---- C:\WINDOWS\Fonts
2016-03-06 14:36:40 ----SHD---- C:\System Volume Information
2016-03-05 09:16:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-03-05 08:12:08 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-04 17:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2016-03-03 14:18:33 ----D---- C:\WINDOWS\system32\CatRoot
2016-03-02 19:24:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2016-03-01 19:37:09 ----D---- C:\WINDOWS\WinSxS
2016-02-29 14:00:29 ----D---- C:\Documents and Settings\zdenek\Data aplikací\EasternGraphics
2016-02-29 14:00:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\EasternGraphics
2016-02-28 05:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2016-02-27 09:21:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-02-27 09:19:55 ----D---- C:\WINDOWS\SoftwareDistribution
2016-02-24 19:30:39 ----RASH---- C:\boot.ini
2016-02-24 19:30:39 ----A---- C:\WINDOWS\win.ini
2016-02-24 19:30:39 ----A---- C:\WINDOWS\system.ini
2016-02-24 09:38:29 ----D---- C:\AdwCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-02-09 206312]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-02-09 146024]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-02-09 152728]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2016-02-09 69816]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2016-02-09 111040]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2016-02-09 47168]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2000-01-01 5672032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 5630168]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2013-03-05 1345936]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 catchme;catchme; \??\C:\DOCUME~1\zdenek\LOCALS~1\Temp\catchme.sys []
S3 cleanhlp;cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2008-08-20 171152]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-03-04 19984]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2013-07-24 30720]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-02-22 1983264]
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2014-03-11 4683144]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2011-02-28 109728]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-30 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Check

Posted: 17 Mar 2016 16:20
by cernohous13
If you have not knowingly or deliberately set up a proxy (ransomware often set this up itself) :?:

:arrow: Run the program C:\Program Files\trend micro\Zdenek.exe
click "Do a system scan only"
tick the box in front of the line:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
"Fix checked" -> OK

:arrow: DelFix https://toolslib.net/downloads/finish/2/
Download and run it
Leave only the "Remote disinfection tools" option ticked
Click "Run" - it cleans up after the cleaning tools that were used

:arrow: I can recommend a check and cleanup with CCleaner
Download CCleaner - http://www.filehippo.com/download_ccleaner
During installation, untick the installation of the various toolbars

close the web browser and
run "Cleaner" > "Run CCleaner" - it removes what is not needed
run "Registry" > "Scan for problems" > "Fix selected problems"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "Startup" - here you can try disabling the processes you do not need at startup (if something then stops working for you, you re-enable them the same way)
Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can also keep it for occasional cleaning in the future.

And if there are no observable problems, we should be done :wink: