Viruses?

MichaelaU
Visitor
Posts: 8
Registered: 16 Mar 2016 20:07

#1 Post by MichaelaU »

Good evening, could you please help me?
For a few days now ESET has been telling me that it detected a virus, or something to that effect. And since the message appeared about four times today, something is probably wrong. For example, I had the computer idle for a while, but it was switched on and there was just a black screen, where I had previously had a tab open on Seznam.cz; I moved the mouse and a few seconds later the virus warning appeared again... and I hadn't clicked on anything, I was just on Seznam. :D

Logfile of random's system information tool 1.10 (written by random/random)
Run by Doma at 2016-03-16 19:50:59
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 152 GB (50%) free of 305 GB
Total RAM: 2038 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:05, on 16.3.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16749)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Doma\Desktop\RSIT.exe
C:\Program Files\trend micro\Doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... =CT2405280
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
R3 - URLSearchHook: ST-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ST-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O2 - BHO: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Money Viking - {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - C:\Program Files\Money Viking\Extensions\c7c5384f-d9e9-4db1-8c72-135ecccbc571.dll (file missing)
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O3 - Toolbar: ST-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Doma\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C0C5705-9D6E-4227-93F4-2FFF3C0F9D5D}: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Firewall - Unknown owner - C:\Program Files\Alwil Software\Avast5\afwServ.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1ca024db72fa265) (gupdate1ca024db72fa265) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11650 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000Core.job - C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000UA.job - C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\One System CarePeriod.job - C:\Program Files\OneSystemCare\OneSystemCare.exe -scan

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
ST-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
Bitlord Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]
Money Viking - C:\Program Files\Money Viking\Extensions\c7c5384f-d9e9-4db1-8c72-135ecccbc571.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll [2011-10-13 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-01-22 294456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{7c5c0f58-e061-457d-9033-77307f5ed00c} -
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - ST-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-05-09 176936]
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll [2011-10-13 81920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-09-09 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-09-09 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-09-09 154136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-01-15 6628056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2013-04-02 1282632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Doma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-10-04 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-09-02 221184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.tscc"=tsccvid.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-16 19:51:00 ----D---- C:\Program Files\trend micro
2016-03-16 19:50:59 ----D---- C:\rsit
2016-03-10 18:42:03 ----D---- C:\ProgramData\a93f167e-2643-0
2016-03-10 18:42:02 ----D---- C:\ProgramData\a93f167e-2cd7-1
2016-03-10 13:08:21 ----A---- C:\Windows\system32\advapi32.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\smss.exe
2016-03-10 13:08:19 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-10 13:08:18 ----A---- C:\Windows\system32\ntdll.dll
2016-03-10 13:08:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-03-10 13:08:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 13:04:52 ----A---- C:\Windows\system32\seclogon.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmlib.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmfd.dll
2016-03-10 12:59:09 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-10 12:58:03 ----A---- C:\Windows\system32\olepro32.dll
2016-03-10 12:58:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-10 12:58:02 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-10 12:42:36 ----D---- C:\ProgramData\a93f167e-2251-0
2016-03-10 12:42:35 ----D---- C:\ProgramData\a93f167e-4ae1-1
2016-03-10 12:04:05 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 19:33:20 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 19:33:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\mshta.exe
2016-03-09 19:33:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 19:33:18 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 19:33:17 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\msfeedssync.exe
2016-03-09 19:33:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 19:33:12 ----A---- C:\Windows\system32\url.dll
2016-03-09 19:33:11 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 19:33:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 19:33:09 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 19:33:08 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 19:33:01 ----A---- C:\Windows\system32\mshtml.dll
2016-03-04 18:42:34 ----D---- C:\ProgramData\a93f167e-2581-0
2016-03-04 18:37:09 ----D---- C:\ProgramData\a93f167e-6277-0
2016-03-04 18:37:07 ----D---- C:\ProgramData\5a73b277
2016-03-04 18:36:59 ----D---- C:\ProgramData\{00fe740a-312c-0}
2016-03-04 18:36:20 ----D---- C:\ProgramData\{2549cc1f-312c-0}
2016-03-04 18:36:17 ----D---- C:\ProgramData\{23d91ae8-212c-1}
2016-02-25 20:38:43 ----D---- C:\Users\Doma\AppData\Roaming\vlc
2016-02-25 20:35:28 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2016-03-16 19:51:56 ----D---- C:\Windows\Temp
2016-03-16 19:51:12 ----D---- C:\Windows\Prefetch
2016-03-16 19:51:00 ----RD---- C:\Program Files
2016-03-16 18:32:47 ----SHD---- C:\System Volume Information
2016-03-16 16:17:59 ----D---- C:\Program Files\URUSoft
2016-03-16 16:17:48 ----D---- C:\Windows
2016-03-16 16:17:27 ----D---- C:\Program Files\The KMPlayer
2016-03-16 13:34:50 ----A---- C:\Windows\NeroDigital.ini
2016-03-14 20:19:48 ----A---- C:\Windows\win.ini
2016-03-11 21:23:57 ----D---- C:\Users\Doma\AppData\Roaming\Skype
2016-03-11 18:36:42 ----D---- C:\Windows\System32
2016-03-11 18:36:37 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-11 15:19:58 ----SHD---- C:\Windows\Installer
2016-03-11 15:19:58 ----HD---- C:\Config.Msi
2016-03-11 15:19:54 ----D---- C:\ProgramData\Microsoft Help
2016-03-10 18:45:22 ----D---- C:\Windows\Microsoft.NET
2016-03-10 18:42:03 ----HD---- C:\ProgramData
2016-03-10 17:26:36 ----D---- C:\Windows\rescache
2016-03-10 17:17:57 ----RSD---- C:\Windows\assembly
2016-03-10 13:10:09 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 13:10:08 ----D---- C:\Windows\system32\XPSViewer
2016-03-10 13:10:08 ----D---- C:\Windows\system32\migration
2016-03-10 13:10:08 ----D---- C:\Program Files\Windows Mail
2016-03-10 13:10:08 ----D---- C:\Program Files\Internet Explorer
2016-03-10 13:10:08 ----D---- C:\Program Files\Common Files\System
2016-03-10 13:09:46 ----D---- C:\Windows\system32\drivers
2016-03-10 13:09:44 ----D---- C:\Windows\inf
2016-03-10 13:08:47 ----D---- C:\Windows\winsxs
2016-03-10 13:08:42 ----D---- C:\Windows\system32\catroot
2016-03-10 13:05:12 ----D---- C:\Windows\system32\catroot2
2016-03-10 12:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-10 12:53:13 ----D---- C:\Windows\system32\MRT
2016-03-10 12:41:47 ----A---- C:\Windows\system32\mrt.exe
2016-03-09 11:13:29 ----D---- C:\Program Files\Conduit
2016-03-09 11:11:44 ----D---- C:\Windows\system32\Tasks
2016-03-07 13:23:38 ----D---- C:\ProgramData\CanonIJPLM
2016-03-04 18:37:26 ----D---- C:\ProgramData\c112193f-0155-1
2016-03-04 18:37:13 ----D---- C:\ProgramData\c112193f-1241-0
2016-03-03 19:21:12 ----D---- C:\MagicPlusMini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-09-06 111320]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PAC207;Eye 110; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-10-25 616064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1ca024db72fa265;Google Update Service (gupdate1ca024db72fa265); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2015-07-22 3611808]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses?

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Viruses?

#3 Post by MichaelaU »

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 20:41:54
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_5.102.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : ICQ Service

***** [ Folders ] *****

Folder Found : C:\Program Files\Common Files\DVDVideoSoft\AskTB
Folder Found : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\5a73b277
Folder Found : C:\ProgramData\a93f167e-2251-0
Folder Found : C:\ProgramData\a93f167e-2581-0
Folder Found : C:\ProgramData\a93f167e-2643-0
Folder Found : C:\ProgramData\a93f167e-2cd7-1
Folder Found : C:\ProgramData\a93f167e-4ae1-1
Folder Found : C:\ProgramData\a93f167e-6277-0
Folder Found : C:\ProgramData\c112193f-0155-1
Folder Found : C:\ProgramData\c112193f-1241-0
Folder Found : C:\ProgramData\{00fe740a-312c-0}
Folder Found : C:\ProgramData\{23d91ae8-212c-1}
Folder Found : C:\ProgramData\{2549cc1f-312c-0}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
Folder Found : C:\Users\Doma\AppData\Local\BitLord
Folder Found : C:\Users\Doma\AppData\Local\Conduit
Folder Found : C:\Users\Doma\AppData\Local\GamePlayLabs Plugin
Folder Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Folder Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Folder Found : C:\Users\Doma\AppData\LocalLow\Conduit
Folder Found : C:\Users\Doma\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Doma\AppData\LocalLow\searchresultstb
Folder Found : C:\Users\Doma\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\Doma\AppData\Roaming\One System Care

***** [ Files ] *****

File Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.icq.com_0.localstorage
File Found : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.icq.com_0.localstorage-journal

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : One System CarePeriod
Task Found : One System Care Run Delay
Task Found : One System Care Monitor
Task Found : One System Care Task
Task Found : {040D0447-7E04-0B78-0411-08090B0F1105}

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5a73b277}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1640187
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Key Found : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E716F183-5AD7-11DC-9670-00508DC0D496}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Free Video Converter
Key Found : HKCU\Software\GamePlayLabs
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\ICSW1.17
Key Found : HKCU\Software\One System Care
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePlayLabs Plugin
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\GamePlayLabs Plugin
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\APN DTX
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Conduit
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Free Video Converter
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\GamePlayLabs
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Headlight
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\ICQ\ICQToolbar
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\ICSW1.17
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\One System Care
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\PRODUCTSETUP
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Softonic
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\AppDataLow\Toolbar
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\AppDataLow\Software\PriceGong
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\GamePlayLabs Plugin
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
Data Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.conduit.com?SearchSource=10&ctid=CT2405280
Data Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8FB34CDB-7397-401B-8D88-0B0107016870}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1ACDD4D6-4A6F-468A-9D68-8388BB3980DB}]
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DA8AA9BC-93C7-4B8F-B9B2-75A5639E8D0A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Found : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DA8AA9BC-93C7-4B8F-B9B2-75A5639E8D0A}
Data Found : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8C0C5705-9D6E-4227-93F4-2FFF3C0F9D5D} [NameServer] - 82.163.143.171 82.163.142.173

***** [ Web browsers ] *****

[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : nikpibnbobmbdbheedjfogjlikpgpnhp
[C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ocphobfcfafpclibolpjdafgaffkaoci

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [493 bytes] - [16/03/2016 20:33:51]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [11285 bytes] - [16/03/2016 20:31:47]
C:\Program Files\AdwCleaner\AdwCleaner[S2].txt - [11373 bytes] - [16/03/2016 20:36:25]
C:\Program Files\AdwCleaner\AdwCleaner[S3].txt - [11279 bytes] - [16/03/2016 20:41:54]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[S3].txt - [11367 bytes] ##########

Re: Viruses?

#4 Post by Rudy »

You did not click >cleaning<, so ADW did not delete anything. Try again.

Re: Viruses?

#5 Post by MichaelaU »

I tried it twice, but each time the computer restarted and after the restart nothing loaded. So I don't know where I'm going wrong?

Re: Viruses?

#6 Post by Rudy »

After clicking >cleaning<, another window pops up asking you to restart. Once you confirm it, the PC restarts. After the new start the log should appear. If it goes differently, try scanning and cleaning in safe mode.

Re: Viruses?

#7 Post by MichaelaU »

It's a mystery to me why it only worked now, but so be it, thanks :)

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 21:57:19
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Doma - DOMA-PC
# Running from : C:\Users\Doma\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ICQ Service
***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\AskTB
[-] Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
[-] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[-] Folder Deleted : C:\ProgramData\5a73b277
[-] Folder Deleted : C:\ProgramData\a93f167e-2251-0
[-] Folder Deleted : C:\ProgramData\a93f167e-2581-0
[-] Folder Deleted : C:\ProgramData\a93f167e-2643-0
[-] Folder Deleted : C:\ProgramData\a93f167e-2cd7-1
[-] Folder Deleted : C:\ProgramData\a93f167e-4ae1-1
[-] Folder Deleted : C:\ProgramData\a93f167e-6277-0
[-] Folder Deleted : C:\ProgramData\c112193f-0155-1
[-] Folder Deleted : C:\ProgramData\c112193f-1241-0
[-] Folder Deleted : C:\ProgramData\{00fe740a-312c-0}
[-] Folder Deleted : C:\ProgramData\{23d91ae8-212c-1}
[-] Folder Deleted : C:\ProgramData\{2549cc1f-312c-0}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
[-] Folder Deleted : C:\Users\Doma\AppData\Local\BitLord
[-] Folder Deleted : C:\Users\Doma\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Doma\AppData\Local\GamePlayLabs Plugin
[-] Folder Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Folder Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
[-] Folder Deleted : C:\Users\Doma\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Doma\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Users\Doma\AppData\LocalLow\searchresultstb
[-] Folder Deleted : C:\Users\Doma\AppData\Roaming\dvdvideosoftiehelpers
[-] Folder Deleted : C:\Users\Doma\AppData\Roaming\One System Care
***** [ Files ] *****

[-] File Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.icq.com_0.localstorage
[-] File Deleted : C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.icq.com_0.localstorage-journal
***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : One System CarePeriod
[-] Task Deleted : One System Care Run Delay
[-] Task Deleted : One System Care Monitor
[-] Task Deleted : One System Care Task
[-] Task Deleted : {040D0447-7E04-0B78-0411-08090B0F1105}
***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5a73b277}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1640187
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E716F183-5AD7-11DC-9670-00508DC0D496}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
[-] Key Deleted : HKCU\Software\APN DTX
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Free Video Converter
[-] Key Deleted : HKCU\Software\GamePlayLabs
[-] Key Deleted : HKCU\Software\Headlight
[-] Key Deleted : HKCU\Software\ICQ\ICQToolbar
[-] Key Deleted : HKCU\Software\ICSW1.17
[-] Key Deleted : HKCU\Software\One System Care
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePlayLabs Plugin
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\GamePlayLabs Plugin
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-21638372-3803676863-4093416254-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8FB34CDB-7397-401B-8D88-0B0107016870}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1ACDD4D6-4A6F-468A-9D68-8388BB3980DB}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DA8AA9BC-93C7-4B8F-B9B2-75A5639E8D0A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8C0C5705-9D6E-4227-93F4-2FFF3C0F9D5D} [NameServer]
***** [ Web browsers ] *****

[-] [C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nikpibnbobmbdbheedjfogjlikpgpnhp
[-] [C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ocphobfcfafpclibolpjdafgaffkaoci
*************************

:: "Tracing" keys removed
:: Winsock settings cleared
*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [9535 bytes] - [16/03/2016 20:33:51]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [11285 bytes] - [16/03/2016 20:31:47]
C:\Program Files\AdwCleaner\AdwCleaner[S2].txt - [11373 bytes] - [16/03/2016 20:36:25]
C:\Program Files\AdwCleaner\AdwCleaner[S3].txt - [11461 bytes] - [16/03/2016 20:41:54]
C:\Program Files\AdwCleaner\AdwCleaner[S4].txt - [11549 bytes] - [16/03/2016 21:45:07]
C:\Program Files\AdwCleaner\AdwCleaner[S5].txt - [11637 bytes] - [16/03/2016 21:49:48]
C:\Program Files\AdwCleaner\AdwCleaner[S6].txt - [11725 bytes] - [16/03/2016 21:55:46]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [10150 bytes] ##########

Re: Viruses?

#8 Post by Rudy »

OK. Post a new RSIT log.

Re: Viruses?

#9 Post by MichaelaU »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Doma at 2016-03-16 22:13:02
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 153 GB (50%) free of 305 GB
Total RAM: 2038 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:13:57, on 16.3.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16749)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Doma\Desktop\RSIT.exe
C:\Program Files\trend micro\Doma.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
R3 - URLSearchHook: ST-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ST-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O2 - BHO: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Money Viking - {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - C:\Program Files\Money Viking\Extensions\c7c5384f-d9e9-4db1-8c72-135ecccbc571.dll (file missing)
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
O3 - Toolbar: ST-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Doma\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Firewall - Unknown owner - C:\Program Files\Alwil Software\Avast5\afwServ.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1ca024db72fa265) (gupdate1ca024db72fa265) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 10398 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000Core.job - C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000UA.job - C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
ST-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
Bitlord Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]
Money Viking - C:\Program Files\Money Viking\Extensions\c7c5384f-d9e9-4db1-8c72-135ecccbc571.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll [2011-10-13 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{7c5c0f58-e061-457d-9033-77307f5ed00c} -
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - ST-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-05-09 176936]
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\kmpmediatoolbarX.dll [2011-10-13 81920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-09-09 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-09-09 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-09-09 154136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-01-15 6628056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2013-04-02 1282632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Doma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-10-04 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-09-02 221184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.tscc"=tsccvid.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-16 20:31:37 ----D---- C:\Program Files\AdwCleaner
2016-03-16 19:51:00 ----D---- C:\Program Files\trend micro
2016-03-16 19:50:59 ----D---- C:\rsit
2016-03-10 13:08:21 ----A---- C:\Windows\system32\advapi32.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\smss.exe
2016-03-10 13:08:19 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-10 13:08:18 ----A---- C:\Windows\system32\ntdll.dll
2016-03-10 13:08:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-03-10 13:08:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 13:04:52 ----A---- C:\Windows\system32\seclogon.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmlib.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmfd.dll
2016-03-10 12:59:09 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-10 12:58:03 ----A---- C:\Windows\system32\olepro32.dll
2016-03-10 12:58:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-10 12:58:02 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-10 12:04:05 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 19:33:20 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 19:33:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\mshta.exe
2016-03-09 19:33:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 19:33:18 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 19:33:17 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\msfeedssync.exe
2016-03-09 19:33:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 19:33:12 ----A---- C:\Windows\system32\url.dll
2016-03-09 19:33:11 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 19:33:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 19:33:09 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 19:33:08 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 19:33:01 ----A---- C:\Windows\system32\mshtml.dll
2016-02-25 20:38:43 ----D---- C:\Users\Doma\AppData\Roaming\vlc
2016-02-25 20:35:28 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2016-03-16 22:13:04 ----D---- C:\Windows\Temp
2016-03-16 22:00:32 ----A---- C:\Windows\NeroDigital.ini
2016-03-16 21:57:42 ----D---- C:\Windows\Prefetch
2016-03-16 21:57:28 ----HD---- C:\ProgramData
2016-03-16 21:57:27 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2016-03-16 20:34:40 ----D---- C:\Windows\system32\catroot2
2016-03-16 20:33:53 ----RD---- C:\Program Files
2016-03-16 18:32:47 ----SHD---- C:\System Volume Information
2016-03-16 16:17:59 ----D---- C:\Program Files\URUSoft
2016-03-16 16:17:48 ----D---- C:\Windows
2016-03-16 16:17:27 ----D---- C:\Program Files\The KMPlayer
2016-03-14 20:19:48 ----A---- C:\Windows\win.ini
2016-03-11 21:23:57 ----D---- C:\Users\Doma\AppData\Roaming\Skype
2016-03-11 18:36:42 ----D---- C:\Windows\System32
2016-03-11 18:36:37 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-11 15:19:58 ----SHD---- C:\Windows\Installer
2016-03-11 15:19:58 ----HD---- C:\Config.Msi
2016-03-11 15:19:54 ----D---- C:\ProgramData\Microsoft Help
2016-03-10 18:45:22 ----D---- C:\Windows\Microsoft.NET
2016-03-10 17:26:36 ----D---- C:\Windows\rescache
2016-03-10 17:17:57 ----RSD---- C:\Windows\assembly
2016-03-10 13:10:09 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 13:10:08 ----D---- C:\Windows\system32\XPSViewer
2016-03-10 13:10:08 ----D---- C:\Windows\system32\migration
2016-03-10 13:10:08 ----D---- C:\Program Files\Windows Mail
2016-03-10 13:10:08 ----D---- C:\Program Files\Internet Explorer
2016-03-10 13:10:08 ----D---- C:\Program Files\Common Files\System
2016-03-10 13:09:46 ----D---- C:\Windows\system32\drivers
2016-03-10 13:09:44 ----D---- C:\Windows\inf
2016-03-10 13:08:47 ----D---- C:\Windows\winsxs
2016-03-10 13:08:42 ----D---- C:\Windows\system32\catroot
2016-03-10 12:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-10 12:53:13 ----D---- C:\Windows\system32\MRT
2016-03-10 12:41:47 ----A---- C:\Windows\system32\mrt.exe
2016-03-09 11:11:44 ----D---- C:\Windows\system32\Tasks
2016-03-07 13:23:38 ----D---- C:\ProgramData\CanonIJPLM
2016-03-03 19:21:12 ----D---- C:\MagicPlusMini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-09-06 111320]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PAC207;Eye 110; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-10-25 616064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1ca024db72fa265;Google Update Service (gupdate1ca024db72fa265); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2015-07-22 3611808]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses?

#10 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-21638372-3803676863-4093416254-1000UA.job
C:\Program Files\Skype\Toolbars
C:\Program Files\Money Viking\Extensions\c7c5384f-d9e9-4db1-8c72-135ecccbc571.dll

:services
Nero BackItUp Scheduler 3

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

MichaelaU
Visitor
Posts: 8
Joined: 16 Mar 2016 20:07

Re: Viruses?

#11 Post by MichaelaU »

And once I've copied it in, what should I do next? Click cleanup?

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses?

#12 Post by Rudy »

Rudy wrote: ...and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

MichaelaU
Visitor
Posts: 8
Joined: 16 Mar 2016 20:07

Re: Viruses?

#13 Post by MichaelaU »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Doma at 2016-03-17 18:48:17
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 153 GB (50%) free of 305 GB
Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:59, on 17.3.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16749)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Doma\Desktop\RSIT.exe
C:\Program Files\trend micro\Doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
R3 - URLSearchHook: ST-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ST-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof0.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender_298] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Doma\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Firewall - Unknown owner - C:\Program Files\Alwil Software\Avast5\afwServ.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1ca024db72fa265) (gupdate1ca024db72fa265) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8798 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
ST-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-09-09 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-09-09 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-09-09 154136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-01-15 6628056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2013-04-02 1282632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Doma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-10-04 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-09-02 221184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.tscc"=tsccvid.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-17 18:48:17 ----D---- C:\rsit
2016-03-17 18:43:05 ----D---- C:\_OTM
2016-03-16 20:31:37 ----D---- C:\Program Files\AdwCleaner
2016-03-16 19:51:00 ----D---- C:\Program Files\trend micro
2016-03-10 13:08:21 ----A---- C:\Windows\system32\advapi32.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\smss.exe
2016-03-10 13:08:19 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-10 13:08:19 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-10 13:08:18 ----A---- C:\Windows\system32\ntdll.dll
2016-03-10 13:08:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-03-10 13:08:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 13:07:52 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 13:07:51 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 13:07:50 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 13:07:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 13:04:52 ----A---- C:\Windows\system32\seclogon.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmlib.dll
2016-03-10 13:04:06 ----A---- C:\Windows\system32\atmfd.dll
2016-03-10 12:59:09 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-10 12:58:03 ----A---- C:\Windows\system32\olepro32.dll
2016-03-10 12:58:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-10 12:58:02 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-10 12:04:05 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 19:33:20 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 19:33:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\mshta.exe
2016-03-09 19:33:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 19:33:19 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 19:33:18 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 19:33:18 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 19:33:17 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 19:33:15 ----A---- C:\Windows\system32\msfeedssync.exe
2016-03-09 19:33:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 19:33:12 ----A---- C:\Windows\system32\url.dll
2016-03-09 19:33:11 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 19:33:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 19:33:09 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 19:33:08 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 19:33:01 ----A---- C:\Windows\system32\mshtml.dll
2016-02-25 20:38:43 ----D---- C:\Users\Doma\AppData\Roaming\vlc
2016-02-25 20:35:28 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2016-03-17 18:48:58 ----D---- C:\Windows\Temp
2016-03-17 18:46:01 ----D---- C:\Windows\Prefetch
2016-03-17 18:45:21 ----A---- C:\Windows\NeroDigital.ini
2016-03-17 18:43:25 ----D---- C:\Windows
2016-03-17 18:43:08 ----RD---- C:\Program Files\Skype
2016-03-17 18:43:08 ----D---- C:\Windows\Tasks
2016-03-16 21:57:28 ----HD---- C:\ProgramData
2016-03-16 21:57:27 ----D---- C:\ProgramData\ICQ
2016-03-16 21:57:27 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2016-03-16 20:34:40 ----D---- C:\Windows\system32\catroot2
2016-03-16 20:33:53 ----RD---- C:\Program Files
2016-03-16 18:32:47 ----SHD---- C:\System Volume Information
2016-03-16 16:17:59 ----D---- C:\Program Files\URUSoft
2016-03-16 16:17:27 ----D---- C:\Program Files\The KMPlayer
2016-03-14 20:19:48 ----A---- C:\Windows\win.ini
2016-03-11 21:23:57 ----D---- C:\Users\Doma\AppData\Roaming\Skype
2016-03-11 18:36:42 ----D---- C:\Windows\System32
2016-03-11 18:36:37 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-11 15:19:58 ----SHD---- C:\Windows\Installer
2016-03-11 15:19:58 ----HD---- C:\Config.Msi
2016-03-11 15:19:54 ----D---- C:\ProgramData\Microsoft Help
2016-03-10 18:45:22 ----D---- C:\Windows\Microsoft.NET
2016-03-10 17:26:36 ----D---- C:\Windows\rescache
2016-03-10 17:17:57 ----RSD---- C:\Windows\assembly
2016-03-10 13:10:09 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 13:10:08 ----D---- C:\Windows\system32\XPSViewer
2016-03-10 13:10:08 ----D---- C:\Windows\system32\migration
2016-03-10 13:10:08 ----D---- C:\Program Files\Windows Mail
2016-03-10 13:10:08 ----D---- C:\Program Files\Internet Explorer
2016-03-10 13:10:08 ----D---- C:\Program Files\Common Files\System
2016-03-10 13:09:46 ----D---- C:\Windows\system32\drivers
2016-03-10 13:09:44 ----D---- C:\Windows\inf
2016-03-10 13:08:47 ----D---- C:\Windows\winsxs
2016-03-10 13:08:42 ----D---- C:\Windows\system32\catroot
2016-03-10 12:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-10 12:53:13 ----D---- C:\Windows\system32\MRT
2016-03-10 12:41:47 ----A---- C:\Windows\system32\mrt.exe
2016-03-09 11:11:44 ----D---- C:\Windows\system32\Tasks
2016-03-07 13:23:38 ----D---- C:\ProgramData\CanonIJPLM
2016-03-03 19:21:12 ----D---- C:\MagicPlusMini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-09-06 111320]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PAC207;Eye 110; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-10-25 616064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1ca024db72fa265;Google Update Service (gupdate1ca024db72fa265); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2015-07-22 3611808]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Viruses?

#14 Post by Rudy »

Deleted. Has anything changed?

MichaelaU
Visitor
Posts: 8
Joined: 16 Mar 2016 20:07

Re: Viruses?

#15 Post by MichaelaU »

It looks like it has, so far at least, because the last ESET warning window saying that something was going on popped up at about 21:56 yesterday, and there has been nothing so far today. :) To be on the safe side, should I also delete the captured items I have in the antivirus quarantine?
And thank you very much for your help; without it I certainly wouldn't have solved this. :)

Locked