Annoying ads in the browser

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

#1 Post by aldik »

I don't know whether a virus got into my computer, but it's some kind of junk.. A moment ago my browser (Chrome) restarted out of the blue, and after starting it again and restoring all the originally open tabs there was a pile of advertising banners on every page, and occasionally a window with an ad popped up as well, and I removed some suspicious plugin from Chrome's extension manager. It most likely originates from a few days ago, when I (completely unnecessarily, in the end I solved it manually) downloaded a program from unlockroot.com for rooting my phone (and I usually don't install anything in the Next, Next.. Install style).

Logfile of random's system information tool 1.10 (written by random/random)
Run by aldik at 2014-11-15 18:35:26
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (14%) free of 99 GB
Total RAM: 3326 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:36, on 15.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16584)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\vVX6000.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wuauclt.exe
C:\Users\aldik\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Windows\system32\conime.exe
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\aldik\Downloads\RSIT.exe
C:\Program Files\trend micro\aldik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

--
End of file - 4451 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000Core.job - C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000UA.job - C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"EaseUS EPM tray"=C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2014-03-06 2086568]
"EaseUS EPM Tray Agent"=C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3943E1C2C50B9EDE4FDAF065822DB80C29DCA610._service_run]
C:\Program Files\Google\Chrome\Application\chrome.exe [2014-11-06 854344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2014-05-21 832272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-06 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX6000]
C:\Windows\vVX6000.exe [2010-05-20 764784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-02-03 113664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-13 11:02:53 ----A---- C:\Windows\BcdLog.txt
2014-11-13 10:41:16 ----A---- C:\Windows\OutLog.txt
2014-11-13 10:24:45 ----A---- C:\Windows\system32\setupempdrv03.exe
2014-11-13 10:24:45 ----A---- C:\Windows\system32\EuEpmGdi.dll
2014-11-13 10:24:45 ----A---- C:\Windows\system32\BootMan.exe
2014-11-13 10:24:44 ----A---- C:\Windows\system32\EuGdiDrv.sys
2014-11-13 10:24:44 ----A---- C:\Windows\system32\epmntdrv.sys
2014-11-12 22:32:10 ----D---- C:\Program Files\EaseUS
2014-11-12 22:07:38 ----A---- C:\Windows\system32\wnaspi32.dll
2014-11-12 17:33:10 ----A---- C:\Windows\system32\pwNative.exe
2014-11-12 17:33:09 ----N---- C:\Windows\system32\pwdrvio.sys
2014-11-12 17:32:56 ----N---- C:\Windows\system32\pwdspio.sys
2014-11-12 17:32:23 ----D---- C:\Program Files\MiniTool Partition Wizard Home Edition 8.1.1
2014-11-12 12:33:16 ----D---- C:\Users\aldik\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2014-11-12 12:30:15 ----D---- C:\Users\aldik\AppData\Roaming\HTC
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-11-11 19:31:26 ----A---- C:\Users\aldik\AppData\Roaming\TRRJJ.exe
2014-11-11 19:30:13 ----A---- C:\Users\aldik\AppData\Roaming\OCHFMGI.exe
2014-11-11 19:29:52 ----D---- C:\Program Files\globalUpdate
2014-11-11 19:21:33 ----D---- C:\ProgramData\Sun
2014-11-11 19:21:25 ----A---- C:\Windows\system32\deployJava1.dll
2014-11-11 19:21:24 ----A---- C:\Windows\system32\npDeployJava1.dll
2014-11-11 10:09:43 ----D---- C:\Users\aldik\AppData\Roaming\Mozilla
2014-10-17 19:01:04 ----D---- C:\Users\aldik\AppData\Roaming\Windows Live Writer
2014-10-17 15:16:33 ----D---- C:\Program Files\YTD
2014-10-17 15:14:57 ----A---- C:\Windows\system32\fmcodec.DLL
2014-10-17 14:00:58 ----A---- C:\Windows\system32\msvcr71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\mfc71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\gdiplus.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 21:40:50 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 21:37:44 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 21:22:06 ----A---- C:\Windows\system32\drivers\fastfat.sys
2014-10-16 21:18:55 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-15 18:35:36 ----D---- C:\Windows\Prefetch
2014-11-15 18:35:36 ----D---- C:\Program Files\trend micro
2014-11-15 18:35:18 ----D---- C:\Windows\temp
2014-11-15 18:18:14 ----D---- C:\Windows\Tasks
2014-11-14 13:15:26 ----D---- C:\Users\aldik\AppData\Roaming\Skype
2014-11-14 11:08:03 ----SHD---- C:\System Volume Information
2014-11-13 14:57:54 ----D---- C:\Windows\System32
2014-11-13 14:57:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-13 14:57:53 ----D---- C:\Windows\inf
2014-11-13 11:02:53 ----D---- C:\Windows
2014-11-12 22:43:35 ----RD---- C:\Program Files
2014-11-12 22:41:32 ----D---- C:\Windows\system32\drivers
2014-11-12 22:07:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-12 20:15:01 ----SHD---- C:\Windows\Installer
2014-11-12 18:33:52 ----D---- C:\Windows\system32\catroot
2014-11-12 12:28:53 ----D---- C:\Program Files\HTC
2014-11-12 12:21:39 ----D---- C:\Program Files\Adobe
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files
2014-11-12 09:50:10 ----D---- C:\Windows\system32\catroot2
2014-11-12 09:50:01 ----D---- C:\Windows\winsxs
2014-11-11 20:00:49 ----D---- C:\Program Files\AIMP3
2014-11-11 20:00:46 ----D---- C:\Windows\system32\Tasks
2014-11-11 19:49:17 ----D---- C:\Users\aldik\AppData\Roaming\Seznam.cz
2014-11-11 19:48:45 ----D---- C:\Program Files\Seznam.cz
2014-11-11 19:47:08 ----D---- C:\ProgramData
2014-11-11 19:47:06 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-11 19:41:56 ----AD---- C:\ProgramData\TEMP
2014-11-03 15:41:24 ----D---- C:\Users\aldik\AppData\Roaming\ICQ
2014-11-01 22:39:38 ----D---- C:\Windows\pss
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-28 15:35:24 ----D---- C:\Users\aldik\AppData\Roaming\FileZilla
2014-10-28 10:30:43 ----D---- C:\Users\aldik\AppData\Roaming\vlc
2014-10-26 12:49:41 ----D---- C:\Program Files\Unlockroot
2014-10-18 15:32:16 ----D---- C:\Windows\system32\WDI
2014-10-18 11:41:06 ----D---- C:\ProgramData\Skype
2014-10-18 11:41:00 ----RD---- C:\Program Files\Skype
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\inkscape
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\AIMP3
2014-10-18 11:07:34 ----D---- C:\Users\aldik\AppData\Roaming\Adobe
2014-10-18 11:07:33 ----SD---- C:\Users\aldik\AppData\Roaming\Microsoft
2014-10-18 11:07:32 ----D---- C:\Users\aldik\AppData\Roaming\dvdcss
2014-10-18 11:07:31 ----D---- C:\Users\aldik\AppData\Roaming\Corel
2014-10-18 11:07:28 ----D---- C:\Users\aldik\AppData\Roaming\Identities
2014-10-18 10:54:09 ----D---- C:\ProgramData\BlueStacksSetup
2014-10-17 18:49:31 ----D---- C:\Program Files\CDBurnerXP
2014-10-17 15:58:10 ----D---- C:\Program Files\WinRAR
2014-10-17 15:17:32 ----D---- C:\Users\aldik\AppData\Roaming\YouTube Downloader
2014-10-17 15:14:39 ----D---- C:\Program Files\DsNET Corp
2014-10-17 13:38:56 ----D---- C:\Program Files\CCleaner
2014-10-17 13:37:44 ----D---- C:\Program Files\PSPad editor
2014-10-17 13:37:12 ----D---- C:\Program Files\Mp3tag
2014-10-17 13:36:10 ----D---- C:\Program Files\FileZilla FTP Client
2014-10-17 13:34:40 ----D---- C:\Users\aldik\AppData\Roaming\Mp3tag
2014-10-17 10:43:46 ----D---- C:\Windows\Microsoft.NET
2014-10-17 10:41:54 ----RSD---- C:\Windows\assembly
2014-10-16 21:47:02 ----D---- C:\Windows\system32\migration
2014-10-16 21:47:02 ----D---- C:\Program Files\Internet Explorer
2014-10-16 21:37:14 ----D---- C:\Windows\system32\MRT
2014-10-16 21:22:29 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-22 320120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-22 243128]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2014-05-21 113424]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 VX6000;Microsoft LifeCam VX-6000; C:\Windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 agljptn4;agljptn4; C:\Windows\system32\drivers\agljptn4.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-07-15 117272]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
R4 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2014-05-21 402192]
R4 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2014-05-21 774928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2014-05-21 385808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-31 1259296]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Annoying ads in the browser

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Annoying ads in the browser

#3 Post by aldik »

# AdwCleaner v4.101 - Report created 15/11/2014 at 19:43:35
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : aldik - MYCOMPUTER
# Running from : C:\Users\aldik\Downloads\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Trymedia Systems
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iWebar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Google Chrome v38.0.2125.122


-\\ Chromium v


*************************

AdwCleaner[R2].txt - [2087 octets] - [15/11/2014 19:41:01]
AdwCleaner[S1].txt - [2048 octets] - [15/11/2014 19:43:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2108 octets] ##########

Re: Annoying ads in the browser

#4 Post by Rudy »

Post a new RSIT log.

Re: Annoying ads in the browser

#5 Post by aldik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by aldik at 2014-11-15 20:10:34
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (14%) free of 99 GB
Total RAM: 3326 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:20, on 15.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16584)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\aldik\Downloads\RSIT.exe
C:\Program Files\trend micro\aldik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

--
End of file - 4397 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000Core.job - C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000UA.job - C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"EaseUS EPM tray"=C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2014-03-06 2086568]
"EaseUS EPM Tray Agent"=C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3943E1C2C50B9EDE4FDAF065822DB80C29DCA610._service_run]
C:\Program Files\Google\Chrome\Application\chrome.exe [2014-11-06 854344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2014-05-21 832272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-06 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX6000]
C:\Windows\vVX6000.exe [2010-05-20 764784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-02-03 113664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-15 19:40:24 ----D---- C:\AdwCleaner
2014-11-13 11:02:53 ----A---- C:\Windows\BcdLog.txt
2014-11-13 10:41:16 ----A---- C:\Windows\OutLog.txt
2014-11-13 10:24:45 ----A---- C:\Windows\system32\setupempdrv03.exe
2014-11-13 10:24:45 ----A---- C:\Windows\system32\EuEpmGdi.dll
2014-11-13 10:24:45 ----A---- C:\Windows\system32\BootMan.exe
2014-11-13 10:24:44 ----A---- C:\Windows\system32\EuGdiDrv.sys
2014-11-13 10:24:44 ----A---- C:\Windows\system32\epmntdrv.sys
2014-11-12 22:32:10 ----D---- C:\Program Files\EaseUS
2014-11-12 22:07:38 ----A---- C:\Windows\system32\wnaspi32.dll
2014-11-12 17:33:10 ----A---- C:\Windows\system32\pwNative.exe
2014-11-12 17:33:09 ----N---- C:\Windows\system32\pwdrvio.sys
2014-11-12 17:32:56 ----N---- C:\Windows\system32\pwdspio.sys
2014-11-12 17:32:23 ----D---- C:\Program Files\MiniTool Partition Wizard Home Edition 8.1.1
2014-11-12 12:33:16 ----D---- C:\Users\aldik\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2014-11-12 12:30:15 ----D---- C:\Users\aldik\AppData\Roaming\HTC
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-11-11 19:31:26 ----A---- C:\Users\aldik\AppData\Roaming\TRRJJ.exe
2014-11-11 19:30:13 ----A---- C:\Users\aldik\AppData\Roaming\OCHFMGI.exe
2014-11-11 19:21:33 ----D---- C:\ProgramData\Sun
2014-11-11 19:21:25 ----A---- C:\Windows\system32\deployJava1.dll
2014-11-11 19:21:24 ----A---- C:\Windows\system32\npDeployJava1.dll
2014-11-11 10:09:43 ----D---- C:\Users\aldik\AppData\Roaming\Mozilla
2014-10-17 19:01:04 ----D---- C:\Users\aldik\AppData\Roaming\Windows Live Writer
2014-10-17 15:16:33 ----D---- C:\Program Files\YTD
2014-10-17 15:14:57 ----A---- C:\Windows\system32\fmcodec.DLL
2014-10-17 14:00:58 ----A---- C:\Windows\system32\msvcr71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\mfc71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\gdiplus.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 21:40:50 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 21:37:44 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 21:22:06 ----A---- C:\Windows\system32\drivers\fastfat.sys
2014-10-16 21:18:55 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-15 20:11:19 ----D---- C:\Program Files\trend micro
2014-11-15 20:10:31 ----D---- C:\Windows\temp
2014-11-15 20:00:35 ----D---- C:\Windows\Prefetch
2014-11-15 19:43:36 ----RD---- C:\Program Files
2014-11-15 19:43:36 ----D---- C:\ProgramData
2014-11-15 18:18:14 ----D---- C:\Windows\Tasks
2014-11-14 13:15:26 ----D---- C:\Users\aldik\AppData\Roaming\Skype
2014-11-14 11:08:03 ----SHD---- C:\System Volume Information
2014-11-13 14:57:54 ----D---- C:\Windows\System32
2014-11-13 14:57:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-13 14:57:53 ----D---- C:\Windows\inf
2014-11-13 11:02:53 ----D---- C:\Windows
2014-11-12 22:41:32 ----D---- C:\Windows\system32\drivers
2014-11-12 22:07:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-12 20:15:01 ----SHD---- C:\Windows\Installer
2014-11-12 18:33:52 ----D---- C:\Windows\system32\catroot
2014-11-12 12:28:53 ----D---- C:\Program Files\HTC
2014-11-12 12:21:39 ----D---- C:\Program Files\Adobe
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files
2014-11-12 09:50:10 ----D---- C:\Windows\system32\catroot2
2014-11-12 09:50:01 ----D---- C:\Windows\winsxs
2014-11-11 20:00:49 ----D---- C:\Program Files\AIMP3
2014-11-11 20:00:46 ----D---- C:\Windows\system32\Tasks
2014-11-11 19:49:17 ----D---- C:\Users\aldik\AppData\Roaming\Seznam.cz
2014-11-11 19:48:45 ----D---- C:\Program Files\Seznam.cz
2014-11-11 19:47:06 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-11 19:41:56 ----AD---- C:\ProgramData\TEMP
2014-11-03 15:41:24 ----D---- C:\Users\aldik\AppData\Roaming\ICQ
2014-11-01 22:39:38 ----D---- C:\Windows\pss
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-28 15:35:24 ----D---- C:\Users\aldik\AppData\Roaming\FileZilla
2014-10-28 10:30:43 ----D---- C:\Users\aldik\AppData\Roaming\vlc
2014-10-26 12:49:41 ----D---- C:\Program Files\Unlockroot
2014-10-18 15:32:16 ----D---- C:\Windows\system32\WDI
2014-10-18 11:41:06 ----D---- C:\ProgramData\Skype
2014-10-18 11:41:00 ----RD---- C:\Program Files\Skype
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\inkscape
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\AIMP3
2014-10-18 11:07:34 ----D---- C:\Users\aldik\AppData\Roaming\Adobe
2014-10-18 11:07:33 ----SD---- C:\Users\aldik\AppData\Roaming\Microsoft
2014-10-18 11:07:32 ----D---- C:\Users\aldik\AppData\Roaming\dvdcss
2014-10-18 11:07:31 ----D---- C:\Users\aldik\AppData\Roaming\Corel
2014-10-18 11:07:28 ----D---- C:\Users\aldik\AppData\Roaming\Identities
2014-10-18 10:54:09 ----D---- C:\ProgramData\BlueStacksSetup
2014-10-17 18:49:31 ----D---- C:\Program Files\CDBurnerXP
2014-10-17 15:58:10 ----D---- C:\Program Files\WinRAR
2014-10-17 15:17:32 ----D---- C:\Users\aldik\AppData\Roaming\YouTube Downloader
2014-10-17 15:14:39 ----D---- C:\Program Files\DsNET Corp
2014-10-17 13:38:56 ----D---- C:\Program Files\CCleaner
2014-10-17 13:37:44 ----D---- C:\Program Files\PSPad editor
2014-10-17 13:37:12 ----D---- C:\Program Files\Mp3tag
2014-10-17 13:36:10 ----D---- C:\Program Files\FileZilla FTP Client
2014-10-17 13:34:40 ----D---- C:\Users\aldik\AppData\Roaming\Mp3tag
2014-10-17 10:43:46 ----D---- C:\Windows\Microsoft.NET
2014-10-17 10:41:54 ----RSD---- C:\Windows\assembly
2014-10-16 21:47:02 ----D---- C:\Windows\system32\migration
2014-10-16 21:47:02 ----D---- C:\Program Files\Internet Explorer
2014-10-16 21:37:14 ----D---- C:\Windows\system32\MRT
2014-10-16 21:22:29 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-22 320120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-22 243128]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2014-05-21 113424]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 VX6000;Microsoft LifeCam VX-6000; C:\Windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 aenhdt6g;aenhdt6g; C:\Windows\system32\drivers\aenhdt6g.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-07-15 117272]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2014-05-21 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2014-05-21 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2014-05-21 774928]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-31 1259296]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Annoying ads in the browser

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-942989333-4141668800-2953325523-1000UA.job

:services
aenhdt6g

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: Annoying ads in the browser

#7 Post by aldik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by aldik at 2014-11-15 21:29:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (16%) free of 99 GB
Total RAM: 3326 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:29:58, on 15.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16584)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\aldik\Downloads\RSIT.exe
C:\Program Files\trend micro\aldik.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [VX6000] C:\Windows\vVX6000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

--
End of file - 3337 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"VX6000"=C:\Windows\vVX6000.exe [2010-05-20 764784]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3943E1C2C50B9EDE4FDAF065822DB80C29DCA610._service_run]
C:\Program Files\Google\Chrome\Application\chrome.exe [2014-11-06 854344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2014-05-21 832272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2014-03-06 2086568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [2014-02-13 254024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\aldik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-06 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2004-02-03 113664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-15 21:08:27 ----D---- C:\_OTM
2014-11-15 19:40:24 ----D---- C:\AdwCleaner
2014-11-13 11:02:53 ----A---- C:\Windows\BcdLog.txt
2014-11-13 10:41:16 ----A---- C:\Windows\OutLog.txt
2014-11-13 10:24:45 ----A---- C:\Windows\system32\setupempdrv03.exe
2014-11-13 10:24:45 ----A---- C:\Windows\system32\EuEpmGdi.dll
2014-11-13 10:24:45 ----A---- C:\Windows\system32\BootMan.exe
2014-11-13 10:24:44 ----A---- C:\Windows\system32\EuGdiDrv.sys
2014-11-13 10:24:44 ----A---- C:\Windows\system32\epmntdrv.sys
2014-11-12 22:32:10 ----D---- C:\Program Files\EaseUS
2014-11-12 22:07:38 ----A---- C:\Windows\system32\wnaspi32.dll
2014-11-12 17:33:10 ----A---- C:\Windows\system32\pwNative.exe
2014-11-12 17:33:09 ----N---- C:\Windows\system32\pwdrvio.sys
2014-11-12 17:32:56 ----N---- C:\Windows\system32\pwdspio.sys
2014-11-12 17:32:23 ----D---- C:\Program Files\MiniTool Partition Wizard Home Edition 8.1.1
2014-11-12 12:33:16 ----D---- C:\Users\aldik\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2014-11-12 12:30:15 ----D---- C:\Users\aldik\AppData\Roaming\HTC
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-11-11 19:31:26 ----A---- C:\Users\aldik\AppData\Roaming\TRRJJ.exe
2014-11-11 19:30:13 ----A---- C:\Users\aldik\AppData\Roaming\OCHFMGI.exe
2014-11-11 19:21:33 ----D---- C:\ProgramData\Sun
2014-11-11 19:21:25 ----A---- C:\Windows\system32\deployJava1.dll
2014-11-11 19:21:24 ----A---- C:\Windows\system32\npDeployJava1.dll
2014-11-11 10:09:43 ----D---- C:\Users\aldik\AppData\Roaming\Mozilla
2014-10-17 19:01:04 ----D---- C:\Users\aldik\AppData\Roaming\Windows Live Writer
2014-10-17 15:16:33 ----D---- C:\Program Files\YTD
2014-10-17 15:14:57 ----A---- C:\Windows\system32\fmcodec.DLL
2014-10-17 14:00:58 ----A---- C:\Windows\system32\msvcr71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\mfc71.dll
2014-10-17 14:00:58 ----A---- C:\Windows\system32\gdiplus.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 21:40:51 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 21:40:50 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 21:37:44 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 21:22:06 ----A---- C:\Windows\system32\drivers\fastfat.sys
2014-10-16 21:18:55 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-15 21:29:57 ----D---- C:\Program Files\trend micro
2014-11-15 21:29:39 ----D---- C:\Windows\temp
2014-11-15 21:08:28 ----D---- C:\Windows\Tasks
2014-11-15 21:08:23 ----D---- C:\Windows\Prefetch
2014-11-15 19:43:36 ----RD---- C:\Program Files
2014-11-15 19:43:36 ----D---- C:\ProgramData
2014-11-14 13:15:26 ----D---- C:\Users\aldik\AppData\Roaming\Skype
2014-11-14 11:08:03 ----SHD---- C:\System Volume Information
2014-11-13 14:57:54 ----D---- C:\Windows\System32
2014-11-13 14:57:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-13 14:57:53 ----D---- C:\Windows\inf
2014-11-13 11:02:53 ----D---- C:\Windows
2014-11-12 22:41:32 ----D---- C:\Windows\system32\drivers
2014-11-12 22:07:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-11-12 20:15:01 ----SHD---- C:\Windows\Installer
2014-11-12 18:33:52 ----D---- C:\Windows\system32\catroot
2014-11-12 12:28:53 ----D---- C:\Program Files\HTC
2014-11-12 12:21:39 ----D---- C:\Program Files\Adobe
2014-11-12 12:21:37 ----D---- C:\Program Files\Common Files
2014-11-12 09:50:10 ----D---- C:\Windows\system32\catroot2
2014-11-12 09:50:01 ----D---- C:\Windows\winsxs
2014-11-11 20:00:49 ----D---- C:\Program Files\AIMP3
2014-11-11 20:00:46 ----D---- C:\Windows\system32\Tasks
2014-11-11 19:49:17 ----D---- C:\Users\aldik\AppData\Roaming\Seznam.cz
2014-11-11 19:48:45 ----D---- C:\Program Files\Seznam.cz
2014-11-11 19:47:06 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-11 19:41:56 ----AD---- C:\ProgramData\TEMP
2014-11-03 15:41:24 ----D---- C:\Users\aldik\AppData\Roaming\ICQ
2014-11-01 22:39:38 ----D---- C:\Windows\pss
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-28 15:35:24 ----D---- C:\Users\aldik\AppData\Roaming\FileZilla
2014-10-28 10:30:43 ----D---- C:\Users\aldik\AppData\Roaming\vlc
2014-10-26 12:49:41 ----D---- C:\Program Files\Unlockroot
2014-10-18 15:32:16 ----D---- C:\Windows\system32\WDI
2014-10-18 11:41:06 ----D---- C:\ProgramData\Skype
2014-10-18 11:41:00 ----RD---- C:\Program Files\Skype
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\inkscape
2014-10-18 11:07:38 ----D---- C:\Users\aldik\AppData\Roaming\AIMP3
2014-10-18 11:07:34 ----D---- C:\Users\aldik\AppData\Roaming\Adobe
2014-10-18 11:07:33 ----SD---- C:\Users\aldik\AppData\Roaming\Microsoft
2014-10-18 11:07:32 ----D---- C:\Users\aldik\AppData\Roaming\dvdcss
2014-10-18 11:07:31 ----D---- C:\Users\aldik\AppData\Roaming\Corel
2014-10-18 11:07:28 ----D---- C:\Users\aldik\AppData\Roaming\Identities
2014-10-18 10:54:09 ----D---- C:\ProgramData\BlueStacksSetup
2014-10-17 18:49:31 ----D---- C:\Program Files\CDBurnerXP
2014-10-17 15:58:10 ----D---- C:\Program Files\WinRAR
2014-10-17 15:17:32 ----D---- C:\Users\aldik\AppData\Roaming\YouTube Downloader
2014-10-17 15:14:39 ----D---- C:\Program Files\DsNET Corp
2014-10-17 13:38:56 ----D---- C:\Program Files\CCleaner
2014-10-17 13:37:44 ----D---- C:\Program Files\PSPad editor
2014-10-17 13:37:12 ----D---- C:\Program Files\Mp3tag
2014-10-17 13:36:10 ----D---- C:\Program Files\FileZilla FTP Client
2014-10-17 13:34:40 ----D---- C:\Users\aldik\AppData\Roaming\Mp3tag
2014-10-17 10:43:46 ----D---- C:\Windows\Microsoft.NET
2014-10-17 10:41:54 ----RSD---- C:\Windows\assembly
2014-10-16 21:47:02 ----D---- C:\Windows\system32\migration
2014-10-16 21:47:02 ----D---- C:\Program Files\Internet Explorer
2014-10-16 21:37:14 ----D---- C:\Windows\system32\MRT
2014-10-16 21:22:29 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-22 320120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-22 243128]
R1 MpKsl3abef3fb;MpKsl3abef3fb; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EFE353E2-E82E-4EC0-9A05-4F94374F32FC}\MpKsl3abef3fb.sys [2014-11-15 39464]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2014-05-21 113424]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-19 10919200]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 VX6000;Microsoft LifeCam VX-6000; C:\Windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 aakse2aa;aakse2aa; C:\Windows\system32\drivers\aakse2aa.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2013-03-07 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2013-03-07 9160]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-07-15 117272]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-06 116648]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2014-05-21 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2014-05-21 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2014-05-21 774928]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-31 1259296]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Annoying ads in the browser

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: Annoying ads in the browser

#9 Post by aldik »

So far it's quiet, no annoying ads anywhere, so hopefully the problem has been solved :) Thank you.

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Annoying ads in the browser

#10 Post by Rudy »

You're welcome! :)

Locked